Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use readKeyFile to read both seed file and public key file #54

Merged
merged 1 commit into from
Jun 27, 2023
Merged

Use readKeyFile to read both seed file and public key file #54

merged 1 commit into from
Jun 27, 2023

Conversation

nanjj
Copy link
Contributor

@nanjj nanjj commented Jun 25, 2023

It's consistent with the key reading behavior in sign, and we can add some comments in both seed file and public key file.

@coveralls
Copy link

coveralls commented Jun 25, 2023
edited
Loading

Pull Request Test Coverage Report for Build 5373303424

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage remained the same at 79.429%
Totals Coverage Status
Change from base Build 4916660300: 0.0%
Covered Lines: 417
Relevant Lines: 525
💛 - Coveralls

@derekcollison derekcollison self-requested a review June 25, 2023 16:35
derekcollison
derekcollison reviewed Jun 25, 2023
View reviewed changes
Copy link
Member

@derekcollison derekcollison left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Update copyright to 2018-2023 then I think it LGTM

@nanjj
Copy link
Contributor Author

nanjj commented Jun 26, 2023

Update copyright to 2018-2023 then I think it LGTM

Fixed

@nanjj
Use readKeyFile to read both seed file and public key file
1db6785 
It's consistent with the key reading behavior in `sign`, and we can add some
comments in both seed file and public key file.

And encode the signature with base64 url nopadding format instead of base64 std,
since jwt signature is using base64 url nopadding format. So that `nk` command
can be used to verify jwt token conviniently.

Signed-off-by: JUN JIE NAN <[email protected]>
@nanjj nanjj requested a review from derekcollison June 26, 2023 02:57
derekcollison
derekcollison reviewed Jun 26, 2023
View reviewed changes
nk/main.go
@@ -157,7 +157,7 @@ func sign(fname, keyFile string) {
if err != nil {
log.Fatal(err)
}
log.Printf("%s", base64.StdEncoding.EncodeToString(sigraw))
log.Printf("%s", base64.RawURLEncoding.EncodeToString(sigraw))
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why the change here?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Because in JWT three parts, header.payload.signature, the signature part is encoded in base64 url no padding format according JWT spec. If nk uses base64 url no padding format as signature content, nk command can be used to verify jwt token like this:
nk -verify header.payload -pubin pubin -sigfile signature
Or nk would compain illegle charset error.

@derekcollison derekcollison self-requested a review June 27, 2023 16:00
derekcollison
derekcollison approved these changes Jun 27, 2023
View reviewed changes
Copy link
Member

@derekcollison derekcollison left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@derekcollison derekcollison merged commit 82f3ee7 into nats-io:main Jun 27, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@derekcollison derekcollison derekcollison approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@nanjj @coveralls @derekcollison