Re: Question for ES256 ... need for JWTs for DID project

I suggest you review https://www.npmjs.com/package/jose

You can hack the node module to review intermediate data structures to help
resolve any discrepancies.

OS

On Tue, Nov 8, 2022 at 12:03 AM Brent Shambaugh <brent.shambaugh@gmail.com>
wrote:

> oops, this is the signature given in RFC7515. The signature that I gave in
> this thread was what I got.
>
> What I got:
> Uint8Array(32) [
>   225, 116, 158,  38, 197,   3,  46,  22,
>    98, 176,  94, 213, 135,  30, 226,  96,
>   143, 234, 247,  30, 218, 220, 201,  60,
>   251,  11,  35, 250,  58,  95, 223, 208
> ]
> Uint8Array(32) [
>   209, 123, 230, 195, 18, 223, 176, 237,
>    73,  77, 215,  28, 31, 166,  42,  46,
>   186, 129, 172, 178,  2,  74,   1,  63,
>    70, 192,  71, 142, 70,  60, 238,  34
> ]
>
> What they got:
>
>    +--------+----------------------------------------------------------+
>    | Result | Value                                                    |
>    | Name   |                                                          |
>    +--------+----------------------------------------------------------+
>    | R      | [14, 209, 33, 83, 121, 99, 108, 72, 60, 47, 127, 21, 88, |
>    |        | 7, 212, 2, 163, 178, 40, 3, 58, 249, 124, 126, 23, 129,  |
>    |        | 154, 195, 22, 158, 166, 101]                             |
>    | S      | [197, 10, 7, 211, 140, 60, 112, 229, 216, 241, 45, 175,  |
>    |        | 8, 74, 84, 128, 166, 101, 144, 197, 242, 147, 80, 154,   |
>    |        | 143, 63, 127, 138, 131, 163, 84, 213]                    |
>    +--------+----------------------------------------------------------+
>
> It would seem that SHA-256 hashing precedes feeding it to the signature function. The hash would give 32 bytes, but I am getting the length that would be expected for the signature, 64 bytes. This isn't clear from the RFC.
>
> -Brent Shambaugh
>
> GitHub: https://github.com/bshambaugh
> Website: http://bshambaugh.org/
> LinkedIN: https://www.linkedin.com/in/brent-shambaugh-9b91259
> Skype: brent.shambaugh
> Twitter: https://twitter.com/Brent_Shambaugh
> WebID: http://bshambaugh.org/foaf.rdf#me
>
>
> On Mon, Nov 7, 2022 at 5:56 PM Brent Shambaugh <brent.shambaugh@gmail.com>
> wrote:
>
>> Dear all, I hope today finds you well. I hope it is in scope to ask about
>> ES256. I'm using it for JWTs for a did type construction.
>>
>> I'm a bit confused about what ES256 is supposed to look like. I chose to
>> follow: https://www.rfc-editor.org/rfc/rfc7515.html#appendix-A.3
>>
>> In summary I have this working..
>>
>> {"alg":"ES256"} converted to octet Array and then converted to base64url
>> gives: eyJhbGciOiJFUzI1NiJ9
>>
>> {"iss":"joe","exp":1300819380,"http://example.com/is_root":true}
>> converted to octet Array and then converted to base64url gives:
>> eyJpc3MiOiJqb2UiLCJleHAiOjEzMDA4MTkzODAsImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ
>>
>> concatenating and then converting to an octetArray gives
>>
>>
>> toOctetArray(eyJhbGciOiJFUzI1NiJ9.eyJpc3MiOiJqb2UiLCJleHAiOjEzMDA4MTkzODAsImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ)
>>
>> [101, 121, 74, 104, 98, 71, 99, 105, 79, 105, 74, 70, 85, 122, 73,
>>    49, 78, 105, 74, 57, 46, 101, 121, 74, 112, 99, 51, 77, 105, 79, 105,
>>    74, 113, 98, 50, 85, 105, 76, 65, 48, 75, 73, 67, 74, 108, 101, 72,
>>    65, 105, 79, 106, 69, 122, 77, 68, 65, 52, 77, 84, 107, 122, 79, 68,
>>    65, 115, 68, 81, 111, 103, 73, 109, 104, 48, 100, 72, 65, 54, 76,
>>    121, 57, 108, 101, 71, 70, 116, 99, 71, 120, 108, 76, 109, 78, 118,
>>    98, 83, 57, 112, 99, 49, 57, 121, 98, 50, 57, 48, 73, 106, 112, 48,
>>    99, 110, 86, 108, 102, 81]
>>
>>
>> However, I am not sure what to do from here. I think I should hash it and
>> then sign it with a private key. If I perform a SHA-256 hash of this I get.
>>
>> Uint8Array(32) [
>>   180,  18, 240, 220, 249,   3,  49, 190,
>>   173, 106, 190, 219,  46, 253, 149, 129,
>>   253, 214, 109,  21,  89,  79,  24,  93,
>>   153, 224, 231,  84, 182,  63, 136, 232
>> ]
>>
>> The signature will then be:
>>
>> Uint8Array(32) [
>>   225, 116, 158,  38, 197,   3,  46,  22,
>>    98, 176,  94, 213, 135,  30, 226,  96,
>>   143, 234, 247,  30, 218, 220, 201,  60,
>>   251,  11,  35, 250,  58,  95, 223, 208
>> ]
>> Uint8Array(32) [
>>   209, 123, 230, 195, 18, 223, 176, 237,
>>    73,  77, 215,  28, 31, 166,  42,  46,
>>   186, 129, 172, 178,  2,  74,   1,  63,
>>    70, 192,  71, 142, 70,  60, 238,  34
>> ]
>>
>> However, this is not what I get. Am I missing something?
>>
>> I put my code in a gist:
>> https://gist.github.com/bshambaugh/7caa03e042545873b5cf055b584e8157
>>
>> -Brent Shambaugh
>>
>>
>

-- 
*ORIE STEELE*
Chief Technical Officer
www.transmute.industries


Received on Tuesday, 8 November 2022 13:05:12 UTC
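
Added example, not part of the thread and not code from the jose package: ES256 signing and verification of the JWS signing input discussed above, using only Node's built-in `crypto` module. It shows that the signing call performs the SHA-256 hash itself, that the JWS signature is the 64-byte concatenation R || S, and that ECDSA signatures over the same input differ between runs, so an implementation is checked by verifying rather than by comparing bytes. The function names and the throwaway key pair are assumptions made for this illustration.

```javascript
// Added illustration: ES256 (ECDSA P-256 + SHA-256) for a JWS, Node built-ins only.
const crypto = require("node:crypto");

const b64url = (data) => Buffer.from(data).toString("base64url");

// JWS signing input: ASCII(BASE64URL(header) || "." || BASE64URL(payload)).
function signingInput(header, payload) {
  const text = `${b64url(JSON.stringify(header))}.${b64url(JSON.stringify(payload))}`;
  return Buffer.from(text, "ascii");
}

// crypto.sign hashes the input with SHA-256 itself, so it takes the raw signing
// input. "ieee-p1363" selects the fixed-width R || S form that JWS uses
// (32 + 32 bytes for P-256) instead of OpenSSL's default DER encoding.
function signES256(privateKey, input) {
  return crypto.sign("sha256", input, { key: privateKey, dsaEncoding: "ieee-p1363" });
}

function verifyES256(publicKey, input, signature) {
  if (signature.length !== 64) return false; // reject DER or truncated signatures
  return crypto.verify("sha256", input, { key: publicKey, dsaEncoding: "ieee-p1363" }, signature);
}

function demo() {
  // Throwaway P-256 key pair generated for this example (not the RFC 7515 key).
  const { privateKey, publicKey } = crypto.generateKeyPairSync("ec", { namedCurve: "prime256v1" });
  const input = signingInput(
    { alg: "ES256" },
    { iss: "joe", exp: 1300819380, "http://example.com/is_root": true }
  );
  const sig1 = signES256(privateKey, input);
  const sig2 = signES256(privateKey, input); // fresh random nonce, so different bytes
  // Common mistake: hashing first, then signing, which signs SHA-256(SHA-256(input)).
  const digest = crypto.createHash("sha256").update(input).digest();
  const preHashed = signES256(privateKey, digest);
  return {
    jws: `${input.toString("ascii")}.${b64url(sig1)}`,
    r: sig1.subarray(0, 32),
    s: sig1.subarray(32),
    signaturesDiffer: !sig1.equals(sig2),
    bothVerify: verifyES256(publicKey, input, sig1) && verifyES256(publicKey, input, sig2),
    preHashedVerifies: verifyES256(publicKey, input, preHashed),
  };
}

console.log(demo());
```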