
<html>

  <head>

    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">

  </head>

  <body bgcolor="#FFFFFF" text="#000000">

    <p>Hi Alexandru,</p>

    <p>OpenSIPS is using the signature in DER encoded format (as it is

      directly generated by openssl) but indeed it is not the proper

      format as per RFC 7518. Thanks for the report, I am working on a

      fix.</p>

    <p>Regards,</p>

    <p>Vlad Patrascu<br>

    </p>

    <div class="moz-cite-prefix">On 10.04.2020 12:28, Alexandru Tripon

      wrote:<br>

    </div>

    <blockquote type="cite"

cite="mid:CAAkCrROwX0p8kKOGFRNEdEt1QDyjhpesB6O+FgP7b7_ZvsiK4w@mail.gmail.com">

      <meta http-equiv="content-type" content="text/html; charset=UTF-8">

      <div dir="ltr">Hi,<br>

        <br>

        I tried to populate the Identity header with the stir_shaken

        module.<br>

        The header is populated but when I try to verify the signature

        using an external tool it fails because of the length.<br>

        I have the folowing Identity generated by Opensips:<br>

        `<br>

eyJhbGciOiJFUzI1NiIsInBwdCI6InNoYWtlbiIsInR5cCI6InBhc3Nwb3J0IiwieDV1IjoiL2hvbWUvdHJpYWwvTHVjcnUvQ29kZS9zdGlyU2hha2VuL215cHVia2V5LnBlbSJ9.eyJhdHRlc3QiOiJBIiwiZGVzdCI6eyJ0biI6WyIxMDAyIl19LCJpYXQiOjE1ODY1MDMxODcsIm9yaWciOnsidG4iOiIxMDAxIn0sIm9yaWdpZCI6IjEyMzQ1NiJ9.MEYCIQCjIx6w8IeilqHq0jbc6uwIB9v1RDmecoep0gRJJC4EmQIhANH1MO9jwRtqH6jgFH12XqROFv-nUroEgzsRAaMJtAsR;info=\u003c/home/trial/Lucru/Code/stirShaken/mypubkey.pem\u003e;ppt=\"shaken\"<br>

        ` <br>

        the lenght of encoded signature(in base64) is 96 and in the

        decoded one is 72.<br>

        In the RFC for ES256 algorithm(<a

          href="https://tools.ietf.org/html/rfc7518#section-3.4"

          moz-do-not-send="true">https://tools.ietf.org/html/rfc7518#section-3.4</a>)

        the length of the decoded signature is 64.<br>

        Am I missing something here?<br>

        <br>

        Thanks,<br>

        Alexandru Tripon</div>

      <br>

      <fieldset class="mimeAttachmentHeader"></fieldset>

      <pre class="moz-quote-pre" wrap="">_______________________________________________

Users mailing list

<a class="moz-txt-link-abbreviated" href="mailto:Users@lists.opensips.org">Users@lists.opensips.org</a>

<a class="moz-txt-link-freetext" href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a>

</pre>

    </blockquote>

  </body>

</html>