jsthemis: Secure Message failed to verify signature: failure.

[feliciss]

I have:

• searched open and closed issues for duplicates

---

Issue description

Failed to verify signature using jsthemis.
Part of the verify signature code:

let sm = new themis.SecureMessage(new Buffer.from(private_key, "base64"), new Buffer.from(peer_public_key, "base64"));
    try {
        let message = sm.verify(new Buffer.from(signed_message, "base64")).toString();
        return message;
    } catch (error) {
        console.error("ERROR: ", error);
    }

And the console:

ERROR:  { Error: Secure Message failed to verify signature: failure

Environment info

OS: macOS Mojave 10.14.4

Themis version: 0.11.1 (latest)

Installation way:

• downloaded tag from github
• via package manager
• built from source

Crypto provider: I don't know

Link to example project

https://github.com/5sWind/nodejs-crypto-lab

[vixentael]

Hi @5sWind

Please double check keys.

Key you are using to verify signature should be a public key from the same keypair as private key you used to sign message. Basically, to sign and to verify message you are operating with the same keypair. Private key is used to sign message, public key is used to verify message signed with that private key.

This is example I've done just now using jsthemis 0.11.0 in command line on macOS:

➜  js git:(master) ✗ node 
> var themis = require('jsthemis');
undefined
> var keys = new themis.KeyPair()
undefined
> var privKey = keys.private()
undefined
> privKey
<Buffer 52 45 43 32 00 00 00 2d 65 2e 65 fb 00 e5 59 1d ba fb 19 3b f5 28 16 65 3c 9d 5c ee 77 fc b4 b4 c8 8a a5 ff 44 01 e3 80 64 39 17 09 c3>
> var pubKey = keys.public()
undefined
> pubKey
<Buffer 55 45 43 32 00 00 00 2d 48 93 31 81 02 e0 8f 74 3b 12 e4 f8 2b a5 69 1b 88 ef ad 62 fe e0 8b 81 40 92 ad 09 71 e8 e9 a2 a3 23 be ca d1>

// we have keypair, we've checked that keys are there

> var sm = new themis.SecureMessage(new Buffer(privKey), new Buffer(pubKey))
undefined
> sm
SecureMessage {}
> var signed = sm.sign(new Buffer("hello message"))
undefined
> signed
<Buffer 20 26 04 26 0d 00 00 00 47 00 00 00 68 65 6c 6c 6f 20 6d 65 73 73 61 67 65 30 45 02 21 00 94 5f 2d 7b 5b 10 91 b5 aa 62 e5 60 b1 99 4c 93 e9 b2 ca fb ... >

// we signed message, then used same keys to create new SecureMessage and verify signed message

> var sm2 = new themis.SecureMessage(new Buffer(privKey), new Buffer(pubKey))
undefined
> sm2
SecureMessage {}
> var verified = sm2.verify(new Buffer(signed))
undefined
> verified.toString()
'hello message'

[vixentael]

You can also test your message and keys with Themis data simulator:
https://docs.cossacklabs.com/simulator/data-message/

This is a web simulator that runs Themis and allows you to enter your keys (base64) and your data, and sign/verify it.

[feliciss]

Oh, I forget to receive the object as I returned two fields (privateKey and publicKey).
feliciss/nodejs-crypto-lab@413dfb9
Other parts are working as fine...thank you for your support!
Sorry for that, closing this issue...

[vixentael]

Sure, no worries! :)
Good luck in making secure applications!

[vixentael]

@5sWind, just letting you know, that thank to you opening this issue, we've improved few things:

• found and fixed a small bug in log messages for sign/verify mode in SecureMessage for jsthemis
  https://github.com/cossacklabs/themis/pull/465/files

• pushed update of jsthemis 0.11.2 to npm with fixed logs
  https://www.npmjs.com/package/jsthemis

• improved docs for all languages for SecureMessage to pay attention that private/public key should be used from the same keypair
  https://github.com/cossacklabs/themis/wiki/NodeJS-Howto#example-1

Thank you for asking question and paying attention! Our goal is to make Themis easy to use and hard to misuse, so we are happy to improve unclear bits :)

[feliciss]

Thanks @vixentael :).