pact icon indicating copy to clipboard operation
pact copied to clipboard
verified publisher icon kadena-io

Add jose for verifying signatures (temporary, WIP, etc)

Open edmundnoble opened this issue 2 years ago • 2 comments

edmundnoble avatar Mar 16 '23 18:03 edmundnoble

I've added the following tests:

(expect "hashing clientdatajson should result in the same hash"
  "0n-BTHjCrUTiOhN1wWgcacSvrpL-4gyuAPAp5-_5i1I"
  (sha-256 "eyJ0eXBlIjoid2ViYXV0aG4uZ2V0IiwiY2hhbGxlbmdlIjoiWVRNek1HWmtNakV4T0RRMU9XRmtaamRrTW1Kak1qUTJZMkpqWW1KalpHTTVZemhtTnpkaU5UVTFZakZqWWpWak5UZ3lNR0kzTW1JelpqazFOVFl3TlEiLCJvcmlnaW4iOiJodHRwOi8vbG9jYWxob3N0OjEzMzciLCJjcm9zc09yaWdpbiI6ZmFsc2V9"))
(expect "same sig"
  "svaPFnKK5EUpBSnECZsrMCchQxyjRIwlsyRCj2pNAZRkr_W69RSiev0gNgU2la39dLkzMmaND8XlixyWL4t-vA"
  (base64-concat ["SZYN5YgOjGh0NBcPZHZgW4_krrmihjLHmVzzuoMdl2MFAAAABw" "0n-BTHjCrUTiOhN1wWgcacSvrpL-4gyuAPAp5-_5i1I"]))
(expect "authenticator data to be concatenated with clientdata"
  "svaPFnKK5EUpBSnECZsrMCchQxyjRIwlsyRCj2pNAZRkr_W69RSiev0gNgU2la39dLkzMmaND8XlixyWL4t-vA"
  (base64-concat
    ["SZYN5YgOjGh0NBcPZHZgW4_krrmihjLHmVzzuoMdl2MFAAAABw"
     (base64-encode
       (sha-256
         "eyJ0eXBlIjoid2ViYXV0aG4uZ2V0IiwiY2hhbGxlbmdlIjoiWVRNek1HWmtNakV4T0RRMU9XRmtaamRrTW1Kak1qUTJZMkpqWW1KalpHTTVZemhtTnpkaU5UVTFZakZqWWpWak5UZ3lNR0kzTW1JelpqazFOVFl3TlEiLCJvcmlnaW4iOiJodHRwOi8vbG9jYWxob3N0OjEzMzciLCJjcm9zc09yaWdpbiI6ZmFsc2V9"))]))

I think the sha-256 works as expected, but the base64-concat is not concatenating the strings correctly.

When converted to a byte array the length of authenticator is 37 and the client data json is 32 for the above provided values. I noticed that you are converting the base64 string to utf8, which I believe yields different results. In javascript I convert it with a function like this: Buffer.from("SZYN5YgOjGh0NBcPZHZgW4_krrmihjLHmVzzuoMdl2MFAAAABw", "base64") if I would similarly convert it with utf8, I would get an array length of 50 and 43.

EnoF avatar Mar 21 '23 07:03 EnoF

The above mentioned tests are incorrect, made some copy paste errors for the values... resulting in the false negatives.

Below are the rectified tests:

(expect "hashing clientdatajson should result in the same hash"
  "ofPpLhvmSReO2yJ8yReN2rzxtCZTgKrZ7mTcVl5QZfk"
  (sha-256 "eyJ0eXBlIjoid2ViYXV0aG4uZ2V0IiwiY2hhbGxlbmdlIjoiYThhM0FaZlNUTkliZ3RQYlNYM2VkLXd6QmZhQm1fbDd3UDdyYTRscDh6SSIsIm9yaWdpbiI6Imh0dHA6Ly9sb2NhbGhvc3Q6MTMzNyIsImNyb3NzT3JpZ2luIjpmYWxzZSwib3RoZXJfa2V5c19jYW5fYmVfYWRkZWRfaGVyZSI6ImRvIG5vdCBjb21wYXJlIGNsaWVudERhdGFKU09OIGFnYWluc3QgYSB0ZW1wbGF0ZS4gU2VlIGh0dHBzOi8vZ29vLmdsL3lhYlBleCJ9"))
(expect "find tx-message"
  true
  (contains "\"YTMzMGZkMjExODQ1OWFkZjdkMmJjMjQ2Y2JjYmJjZGM5YzhmNzdiNTU1YjFjYjVjNTgyMGI3MmIzZjk1NTYwNQ\"" (base64-decode "eyJ0eXBlIjoid2ViYXV0aG4uZ2V0IiwiY2hhbGxlbmdlIjoiWVRNek1HWmtNakV4T0RRMU9XRmtaamRrTW1Kak1qUTJZMkpqWW1KalpHTTVZemhtTnpkaU5UVTFZakZqWWpWak5UZ3lNR0kzTW1JelpqazFOVFl3TlEiLCJvcmlnaW4iOiJodHRwOi8vbG9jYWxob3N0OjEzMzciLCJjcm9zc09yaWdpbiI6ZmFsc2V9")))
(expect "same sig"
  "SZYN5YgOjGh0NBcPZHZgW4_krrmihjLHmVzzuoMdl2MFAAAAKKHz6S4b5kkXjtsifMkXjdq88bQmU4Cq2e5k3FZeUGX5"
  (base64-concat ["SZYN5YgOjGh0NBcPZHZgW4_krrmihjLHmVzzuoMdl2MFAAAAKA" "ofPpLhvmSReO2yJ8yReN2rzxtCZTgKrZ7mTcVl5QZfk"]))
(expect "authenticator data to be concatenated with clientdata"
  "SZYN5YgOjGh0NBcPZHZgW4_krrmihjLHmVzzuoMdl2MFAAAAKKHz6S4b5kkXjtsifMkXjdq88bQmU4Cq2e5k3FZeUGX5"
  (base64-concat
    ["SZYN5YgOjGh0NBcPZHZgW4_krrmihjLHmVzzuoMdl2MFAAAAKA"
      (sha-256 "eyJ0eXBlIjoid2ViYXV0aG4uZ2V0IiwiY2hhbGxlbmdlIjoiYThhM0FaZlNUTkliZ3RQYlNYM2VkLXd6QmZhQm1fbDd3UDdyYTRscDh6SSIsIm9yaWdpbiI6Imh0dHA6Ly9sb2NhbGhvc3Q6MTMzNyIsImNyb3NzT3JpZ2luIjpmYWxzZSwib3RoZXJfa2V5c19jYW5fYmVfYWRkZWRfaGVyZSI6ImRvIG5vdCBjb21wYXJlIGNsaWVudERhdGFKU09OIGFnYWluc3QgYSB0ZW1wbGF0ZS4gU2VlIGh0dHBzOi8vZ29vLmdsL3lhYlBleCJ9")
    ]))

EnoF avatar Mar 21 '23 14:03 EnoF