[OpenSIPS-Users] Stir_shaken signature length
Vlad Patrascu
vladp at opensips.org
Mon Apr 13 15:01:14 EST 2020
Hi Alexandru,
OpenSIPS is using the signature in DER encoded format (as it is directly
generated by openssl) but indeed it is not the proper format as per RFC
7518. Thanks for the report, I am working on a fix.
Regards,
Vlad Patrascu
On 10.04.2020 12:28, Alexandru Tripon wrote:
> Hi,
>
> I tried to populate the Identity header with the stir_shaken module.
> The header is populated but when I try to verify the signature using
> an external tool it fails because of the length.
> I have the folowing Identity generated by Opensips:
> `
> eyJhbGciOiJFUzI1NiIsInBwdCI6InNoYWtlbiIsInR5cCI6InBhc3Nwb3J0IiwieDV1IjoiL2hvbWUvdHJpYWwvTHVjcnUvQ29kZS9zdGlyU2hha2VuL215cHVia2V5LnBlbSJ9.eyJhdHRlc3QiOiJBIiwiZGVzdCI6eyJ0biI6WyIxMDAyIl19LCJpYXQiOjE1ODY1MDMxODcsIm9yaWciOnsidG4iOiIxMDAxIn0sIm9yaWdpZCI6IjEyMzQ1NiJ9.MEYCIQCjIx6w8IeilqHq0jbc6uwIB9v1RDmecoep0gRJJC4EmQIhANH1MO9jwRtqH6jgFH12XqROFv-nUroEgzsRAaMJtAsR;info=\u003c/home/trial/Lucru/Code/stirShaken/mypubkey.pem\u003e;ppt=\"shaken\"
> `
> the lenght of encoded signature(in base64) is 96 and in the decoded
> one is 72.
> In the RFC for ES256
> algorithm(https://tools.ietf.org/html/rfc7518#section-3.4) the length
> of the decoded signature is 64.
> Am I missing something here?
>
> Thanks,
> Alexandru Tripon
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20200413/8f431ad8/attachment.html>
More information about the Users
mailing list