2

I'm having issues verifying a JWS with detached payload. I've basically copied all steps in the example provided on the jose4j documentation but for some reason verification still returns false while it should succeed.

Here's the code I'm using, with the latest version of jose4j.

import org.jose4j.jwa.AlgorithmConstraints;
import org.jose4j.jwk.JsonWebKey;
import org.jose4j.jws.AlgorithmIdentifiers;
import org.jose4j.jws.JsonWebSignature;
import org.jose4j.lang.JoseException;

// signature is the complete JWS in the form: "JOSE Header".."JWS Signature"
// payload is the unencoded JSON string that makes up the request body
// critHeaders (String[]) and jwks (JsonWebKeySet) are fields of the enclosing class
public boolean verifySignature(String signature, String payload) {

    JsonWebSignature jws = new JsonWebSignature();
    jws.setKnownCriticalHeaders(critHeaders); // critical headers from documentation
    // Algorithm as provided in documentation
    jws.setAlgorithmConstraints(new AlgorithmConstraints(AlgorithmConstraints.ConstraintType.PERMIT,
            AlgorithmIdentifiers.ECDSA_USING_P256_CURVE_AND_SHA256));
    jws.setPayload(payload);
    try {
        jws.setCompactSerialization(signature);
        String keyId = jws.getKeyIdHeaderValue();
        String keyType = jws.getKeyType();
        String keyAlg = jws.getAlgorithmHeaderValue();
        // Retrieve key from cached jwks
        JsonWebKey usedKey = jwks.findJsonWebKey(keyId, keyType, "sig", keyAlg);
        jws.setKey(usedKey.getKey());
        return jws.verifySignature();
    } catch (JoseException e) {
        // log
        return false;
    }
}
KoMaBeLu
  • 63
  • 10
  • *for some reason verification still returns false* - you should at least log the exception and tell us the result. And can you please add a link to the example to which you refer? That would be helpful as well. – jps Dec 16 '21 at 16:48
  • @jps there is no exception, the `jws.verifySignature();` is returning the boolean value false, while it should be true. I've added the link to the example in question – KoMaBeLu Dec 21 '21 at 10:09

2 Answers

2

Try moving `jws.setPayload(payload);` down to after the `jws.setCompactSerialization(...);` line.
I think that `jws.setCompactSerialization(...);` is overwriting the payload to be the empty string, which would break the signature verification.

Brian Campbell
  • 2,293
  • 12
  • 13
  • unfortunately this was not the solution – KoMaBeLu Dec 21 '21 at 10:06
  • As an FYI, your hunch was correct in that setting the payload before the compact serialization was resetting the payloadBytes to an empty array – KoMaBeLu Dec 21 '21 at 14:35
  • I couldn't get this working and had to switch over to Nimbus JOSE, so if you want I can open an issue over on bitbucket so you can investigate? – KoMaBeLu Jan 07 '22 at 08:15
  • Sure, if you can provide enough info to look into it. Like the snippet of code used, the JWS, the payload, the public key / JWK, etc. And the snippet of Nimbus code that worked. – Brian Campbell Jan 16 '22 at 13:30
  • 1 Done, good luck debugging! – KoMaBeLu Jan 20 '22 at 13:19
0

Brian Campbell looked into this over on the jose4j Bitbucket, and this is his solution:

Adding a `jws.setEncodedPayload(null);` right after `jws.setCompactSerialization(signature);` will make it work.

Apparently there is some inconsistency in my use case between the encoded/unencoded payload.

KoMaBeLu
  • 63
  • 10
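Putting both answers together (parse the compact serialization first, then clear the empty encoded payload with `setEncodedPayload(null)`, then attach the detached payload), here is a complete sign-and-verify round trip as an added example. This is not code from the question, the answers, or the jose4j project; the class name, the `example-kid` key id, and the JSON body are constructed for the demo, and the key set is built in memory with a freshly generated P-256 key rather than fetched from a cached JWKS endpoint. It also runs the verifier over a tampered body to show that the detached signature binds the payload.

```java
import org.jose4j.jwa.AlgorithmConstraints;
import org.jose4j.jwk.EcJwkGenerator;
import org.jose4j.jwk.EllipticCurveJsonWebKey;
import org.jose4j.jwk.JsonWebKey;
import org.jose4j.jwk.JsonWebKeySet;
import org.jose4j.jws.AlgorithmIdentifiers;
import org.jose4j.jws.JsonWebSignature;
import org.jose4j.keys.EllipticCurves;
import org.jose4j.lang.JoseException;

// Hypothetical demo class (not part of jose4j or the thread).
public class DetachedJwsExample {

    // Signer side: produce "header..signature", i.e. the payload is left out of the serialization.
    static String signDetached(String payload, EllipticCurveJsonWebKey signingKey) throws JoseException {
        JsonWebSignature jws = new JsonWebSignature();
        jws.setPayload(payload);
        jws.setAlgorithmHeaderValue(AlgorithmIdentifiers.ECDSA_USING_P256_CURVE_AND_SHA256);
        jws.setKeyIdHeaderValue(signingKey.getKeyId());
        jws.setKey(signingKey.getPrivateKey());
        return jws.getDetachedContentCompactSerialization();
    }

    // Verifier side, in the call order the thread arrived at.
    static boolean verifyDetached(String detachedJws, String payload, JsonWebKeySet jwks) {
        JsonWebSignature jws = new JsonWebSignature();
        // Only accept the one algorithm the API contract specifies; never let the token choose.
        jws.setAlgorithmConstraints(new AlgorithmConstraints(AlgorithmConstraints.ConstraintType.PERMIT,
                AlgorithmIdentifiers.ECDSA_USING_P256_CURVE_AND_SHA256));
        try {
            jws.setCompactSerialization(detachedJws); // parses header + signature; middle part is empty
            jws.setEncodedPayload(null);              // drop the empty encoded payload left by the parse
            jws.setPayload(payload);                  // attach the detached payload AFTER parsing
            JsonWebKey key = jwks.findJsonWebKey(jws.getKeyIdHeaderValue(), "EC", "sig",
                    jws.getAlgorithmHeaderValue());
            if (key == null) {
                return false; // unknown kid: reject rather than fall back to some other key
            }
            jws.setKey(key.getKey()); // public key from the JWK
            return jws.verifySignature();
        } catch (JoseException e) {
            System.err.println("JWS verification error: " + e.getMessage());
            return false;
        }
    }

    public static void main(String[] args) throws JoseException {
        // Constructed key material: a fresh P-256 key standing in for the cached JWKS.
        EllipticCurveJsonWebKey jwk = EcJwkGenerator.generateJwk(EllipticCurves.P256);
        jwk.setKeyId("example-kid");
        jwk.setUse("sig");
        jwk.setAlgorithm(AlgorithmIdentifiers.ECDSA_USING_P256_CURVE_AND_SHA256);
        JsonWebKeySet jwks = new JsonWebKeySet(jwk);

        // Constructed request body; in practice this is the raw HTTP body as received.
        String body = "{\"amount\":\"10.00\",\"currency\":\"EUR\"}";
        String detached = signDetached(body, jwk);
        System.out.println("Detached JWS: " + detached);

        System.out.println("valid body:    " + verifyDetached(detached, body, jwks));           // true
        String tampered = body.replace("10.00", "99.00");
        System.out.println("tampered body: " + verifyDetached(detached, tampered, jwks));       // false
    }
}
```

Compile against the jose4j jar and run `DetachedJwsExample`. If the API you integrate with uses the RFC 7797 unencoded form (`b64: false` listed in `crit`), keep the same call order and add `jws.setKnownCriticalHeaders("b64")` before `setCompactSerialization`, as the question's code does with its `critHeaders`.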