-
Notifications
You must be signed in to change notification settings - Fork 41
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
use ECDSA with SHA256 signers and verifiers for elliptic curve algorithms #8
Comments
Hi, I ran in exactly the same issue. @shea256 What do you think? Cheers, |
@pgaubatz I don't think this actually fixes the problem. I just ended up writing my own JWT library: https://github.com/blockstack/jwt-js Maybe it'll be helpful for you. It only currently supports the curve SECP256k1, but it is designed in a way that anyone can easily write a client for ES256, RS256, etc. |
Yeah, so at the time the module was written, while openssl supported EC, there wasn't an algorithm available to call it with. So specifying RSA here gets it into openssl, and aftet it parses the PEM, it does the right thing. I would be happy to accept a pull request which used the correct name (I looked when this issue first opened - it appears it might exist in openssl now) - perhaps deciding based off if the openssl or node.js version. |
@shea256 ES256 is secp256r1, not k1 |
@omsmith yes, I'm aware. I mentioned that my library only currently supports SECP256k1 (which I abbreviate as ES256k) and while my library currently doesn't support the widely accepted ES256 and RS256 standards, those could easily be added in. I might actually add in an ES256 client soon, which will use SECP256r1 (according to the standards). |
There is an open PR on browserify-sign (what browserify uses to get node crypto to work) which addresses this. When that PR goes through, a change to this library to not masquerade as rsa and just use 'sha' + bits should work. Tried it out by monkeypatching locally. |
Alright they merged that PR over in Browserify. @omsmith what were the limitations of a PR over here? I have a patch I wrote that's very dumb that basically just switches from |
@samuelhorwitz feel free to submit your changes as a PR and we'll see what happens with the test suite (which will run it against older versions of node as well). |
Fixes: auth0#8 Ref: auth0#23 Ref: nodejs/node#15024 PR-URL: auth0#26
Please correct me if I'm wrong here, but I've noticed two things that together seem strange:
RSA-SHAxxx
hash functions are being used to create the signers and verifiers increateKeySigner
andcreateKeyVerifier
.createECDSASigner
andcreateECDSAVerifer
are simply wrappers aroundcreateKeySigner
andcreateKeyVerifier
, with a single modification to reformat the signatureThis leads me to believe that the signers and verifiers are performing signing and verifying with the
RSA-SHAxxx
hash functions provided by Node's built-in crypto library, when they should be using ECDSA with SHA256.Is there something I'm missing here? Is there another place where the signers and verifiers are being defined?
I came across an issue when I browserify-ed
node-jsonwebtoken
and noticed that the signing wasn't working.Thanks!
Reference code:
The text was updated successfully, but these errors were encountered: