authorMatthew Wild <mwild1@gmail.com>2022-09-29 23:15:39 +0100
committerMatthew Wild <mwild1@gmail.com>2022-09-29 23:15:39 +0100
commit8695a72a668fa38f1df64653508c360534e5e3db (patch)
treee2f0c8754d2268b9918b9adb7e2f6ff33fca6636 /util
parentdfd1e396bb80af04b25f82efafc6d1dd67d7056a (diff)
util.crypto, util.jwt: Generate consistent signature sizes (via padding)
This fixes the signature parsing and building to work correctly. Sometimes a signature was one or two bytes too short, and needed to be padded. OpenSSL can do this for us.
Diffstat (limited to 'util')
-rw-r--r--util/jwt.lua8
1 files changed, 4 insertions, 4 deletions
diff --git a/util/jwt.lua b/util/jwt.lua
index 5c74850a..1c7daf12 100644
--- a/util/jwt.lua
+++ b/util/jwt.lua
@@ -135,21 +135,21 @@ local function new_rsa_algorithm(name)
end
-- ES***
-local function new_ecdsa_algorithm(name, c_sign, c_verify)
+local function new_ecdsa_algorithm(name, c_sign, c_verify, sig_bytes)
local function encode_ecdsa_sig(der_sig)
- local r, s = crypto.parse_ecdsa_signature(der_sig);
+ local r, s = crypto.parse_ecdsa_signature(der_sig, sig_bytes);
return r..s;
end
local function decode_ecdsa_sig(jwk_sig)
- return crypto.build_ecdsa_signature(jwk_sig:sub(1, 32), jwk_sig:sub(33, 64));
+ return crypto.build_ecdsa_signature(jwk_sig:sub(1, sig_bytes), jwk_sig:sub(sig_bytes+1, sig_bytes*2));
end
return new_crypto_algorithm(name, "id-ecPublicKey", c_sign, c_verify, encode_ecdsa_sig, decode_ecdsa_sig);
end
local algorithms = {
HS256 = new_hmac_algorithm("HS256"), HS384 = new_hmac_algorithm("HS384"), HS512 = new_hmac_algorithm("HS512");
- ES256 = new_ecdsa_algorithm("ES256", crypto.ecdsa_sha256_sign, crypto.ecdsa_sha256_verify);
+ ES256 = new_ecdsa_algorithm("ES256", crypto.ecdsa_sha256_sign, crypto.ecdsa_sha256_verify, 32);
RS256 = new_rsa_algorithm("RS256"), RS384 = new_rsa_algorithm("RS384"), RS512 = new_rsa_algorithm("RS512");
PS256 = new_rsa_algorithm("PS256"), PS384 = new_rsa_algorithm("PS384"), PS512 = new_rsa_algorithm("PS512");
};
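Review bot: `decode_ecdsa_sig` never checks the length of the incoming `jwk_sig`, so `jwk_sig:sub(1, sig_bytes)` and `jwk_sig:sub(sig_bytes+1, sig_bytes*2)` silently ignore any bytes past `sig_bytes*2` and pass short or empty r/s strings to `crypto.build_ecdsa_signature` when the signature is truncated. Because this value comes from the token being verified, I would reject anything that is not exactly two fixed-width components before building the DER form, e.g. `if #jwk_sig ~= sig_bytes*2 then return nil; end`. How `new_crypto_algorithm` treats a nil from the decoder is outside this hunk, so confirm that it fails verification rather than raising. A one-line comment on the new parameter would also help: `-- sig_bytes: width in bytes of each of r and s (32 for ES256)`.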