1. Brian Campbell Avatar Brian Campbell
  2. Untitled project
  3. jose4j
  4. Issues

Support of RFC 7797 JWS Unencoded Payload Option doesn't work

Issue #156 closed
Yaroslav Soltys created an issue

I need to generate jws with an unencoded payload according to RFC 7797.

I’ve written code according to your wiki tutorial:

public static String createJwsSignature() throws CertificateException, UnrecoverableEntryException, NoSuchAlgorithmException, KeyStoreException, IOException, JoseException {
    JsonWebSignature signerJws = new JsonWebSignature();
    signerJws.setPayload("{\"key\": \"value\"}");

    signerJws.getHeaders().setObjectHeaderValue(HeaderParameterNames.BASE64URL_ENCODE_PAYLOAD, false);

    signerJws.setCriticalHeaderNames(
            HeaderParameterNames.BASE64URL_ENCODE_PAYLOAD
    );
    signerJws.setKeyIdHeaderValue("213081410402036757863450612430055725658");
    signerJws.setAlgorithmHeaderValue("RS256");

    signerJws.setKey(HttpClientUtil.getPrivateKey());

   return signerJws.getCompactSerialization();
}

And it generates me a jws with an encoded payload :

eyJiNjQiOmZhbHNlLCJjcml0IjpbImI2NCJdLCJraWQiOiIyMTMwODE0MTA0MDIwMzY3NTc4NjM0NTA2MTI0MzAwNTU3MjU2NTgiLCJhbGciOiJSUzI1NiJ9.eyJrZXkiOiAidmFsdWUifQ.T0MV9G55LQyEDLRO_Q2XXYXOFqkUaoxvHfneyH5iqq2i9ba-ThPePPx3JdgkGIrthyDBjNPGr8REF0mPcO_knPBO1sMv6vr1LIr4kVmVg5ougQ6oi7V6QZ1WnHYWE94BfJHu_r0SJ0OGnoQPGDqXLKL3PttXeXbE7Xe9MiaJYOfKEw9bHX-0lxCEJjphYhZS8uWA2DmqqLrs9to8OdT1eau92HveLzux7X1r4jPxzkgeN6fGqUv_Oyd6lfWJPEu_ZDGXUAZSRM7QI9ok1oGf8jbmIECTGrc4Wv0D1ocE1uObUSt2tDmQ-GgLGXa8DwlXqS0AZBI6GeZOkotTEYYiXw

When I call signerJws.toString() It get me correct header structure but anyway payload is encoded in the final jws.

JsonWebSignature{"b64":false,"crit":["b64"],"kid":"213081410402036757863450612430055725658","alg":"RS256"}

Comments (4)

  1. Brian Campbell repo owner

    You need to use getDetachedContentCompactSerialization() rather than getCompactSerialization() as shown in the wiki example at https://bitbucket.org/b_c/jose4j/wiki/JWS%20Examples#markdown-header-using-the-rfc-7797-jws-unencoded-payload-option 

        // Produce the compact serialization with an empty/detached payload,
    // which is the encoded header + ".." + the encoded signature
    String detachedContentJws = signerJws.getDetachedContentCompactSerialization();

    and from JsonWebSignature

    /**
 * Produces the compact serialization with an empty/detached payload as described in
 * <a href="http://tools.ietf.org/html/rfc7515#appendix-F">Appendix F, Detached Content, of the JWS spec</a>
 * though providing library support rather than making the application do it all as
 * described therein.
 *
 * @return the encoded header + ".." + the encoded signature
 * @throws JoseException if an error condition is encountered during the signing process
 */
public String getDetachedContentCompactSerialization() throws JoseException
{
    this.sign();
    return CompactSerializer.serialize(getEncodedHeader(), "", getEncodedSignature());
}

  2. Brian Campbell repo owner

    Or were you wanting to produce a JWS compact serialization with the Unencoded Payload Option (like the snippet below)? That indeed appears not to be working correctly. I guess I didn’t think anyone would every actually use that combination of things and apparently overlooked it when implementing and testing RFC 7797 support.

    eyJiNjQiOmZhbHNlLCJjcml0IjpbImI2NCJdLCJraWQiOiIyMTMwODE0MTA0MDIwMzY3NTc4NjM0NTA2MTI0MzAwNTU3MjU2NTgiLCJhbGciOiJSUzI1NiJ9.{"key": "value"}.T0MV9G55LQyEDLRO_Q2XXYXOFqkUaoxvHfneyH5iqq2i9ba-ThPePPx3JdgkGIrthyDBjNPGr8REF0mPcO_knPBO1sMv6vr1LIr4kVmVg5ougQ6oi7V6QZ1WnHYWE94BfJHu_r0SJ0OGnoQPGDqXLKL3PttXeXbE7Xe9MiaJYOfKEw9bHX-0lxCEJjphYhZS8uWA2DmqqLrs9to8OdT1eau92HveLzux7X1r4jPxzkgeN6fGqUv_Oyd6lfWJPEu_ZDGXUAZSRM7QI9ok1oGf8jbmIECTGrc4Wv0D1ocE1uObUSt2tDmQ-GgLGXa8DwlXqS0AZBI6GeZOkotTEYYiXw

  5. Log in to comment
Assignee
Type
bug
Priority
major
Status
closed
Votes
0
Watchers
1
Jira: the preferred issue tracker for Bitbucket. Join the team!