connect2id / Nimbus-JOSE-JWT / issues / #77 - EC JWK 'x' and 'y' param leading zero padding bug — Bitbucket

Issue #77 resolved

Vladimir Dzhuvinov created an issue 2014-01-21

Reported by email:

From: Anders Rundgren Subject: EC JWK Bug in NimbusDS Date: Tue, 21 Jan 2014 13:28:24 +0100 (01/21/2014 02:28:24 PM)

Hi Vladimir, I may have accidentally found a bug in NimbusDS.

http://www.ietf.org/mail-archive/web/jose/current/msg03901.html

Cheers, Anders

Comments (5)

Vladimir Dzhuvinov reporter
- changed title to EC JWK 'x' and 'y' param leading zero padding bug
- changed component to JWK
- assigned issue to
  
  Vladimir Dzhuvinov
- 2014-01-24T08:08:07+00:00
Vladimir Dzhuvinov reporter
- changed status to open
- 2014-01-24T08:08:16+00:00
Vladimir Dzhuvinov reporter
Further comments and suggestions from Anders:

My fix to the problem was using a table:

https://code.google.com/p/openkeystore/source/browse/javascript/trunk/src/crypto/KeySerializing.js

I.e. if you know the curve you can from a table find how long a coordinate is supposed to be and then pad it to the proper length.

Hi Vladimir, I enclosed a bunch of such from my tests. Note that the JSON keys are not following JWK but the line below is a genuine SPKI.

I think the fix is finding the fieldsize : ((ECPublicKey)public_key).getParams ().getCurve ().getField ().getFieldSize ())

The number of bytes to output is: (fieldsize + 7)/8

Good luck!

Anders
- 2014-01-24T08:10:47+00:00
Vladimir Dzhuvinov reporter
Test vector fixed in commit 95d2a1e, merging with master branch.
- 2014-01-24T15:24:39+00:00
Vladimir Dzhuvinov reporter
- changed status to resolved
- 2014-01-24T15:25:33+00:00
Log in to comment

Assignee: Vladimir Dzhuvinov

Type: bug

Priority: major

Status: resolved

Component: JWK

Milestone: –

Votes: 0

Watchers: 1

Jira: the preferred issue tracker for Bitbucket. Join the team!