signatures calculated incorrectly (hexdigest instead of digest)

[seregine]

Hi,

Thanks for writing this gem! I'm working on the Java implementation of JWT, using the outputs of your Ruby gem to sanity check my results. I ran into an incompatibility and traced it to your use of OpenSSL::HMAC.hexdigest instead of OpenSSL::HMAC.digest (which is what the spec intends).

This is the spec I'm using:
http://self-issued.info/docs/draft-jones-json-web-token-01.html#anchor10

Your call to hexdigest() is in line 16 of jwt.rb.

Here's an example to illustrate the difference:
ruby-1.8.7-p302 > key = "abcdefghijklmnop"
=> "abcdefghijklmnop"
ruby-1.8.7-p302 > msg = "eyJ0eXAiOiJKV1QiLA0KICJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ"
=> "eyJ0eXAiOiJKV1QiLA0KICJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ"
ruby-1.8.7-p302 > base64url_encode(OpenSSL::HMAC.digest(OpenSSL::Digest::Digest.new('sha256'), key, msg))
=> "Hp4r9or7FRoPXBtCBbQmU3gxrR2d_rDq_2ZGqeshh4A"
ruby-1.8.7-p302 > base64url_encode(OpenSSL::HMAC.hexdigest(OpenSSL::Digest::Digest.new('sha256'), key, msg))
=> "MWU5ZTJiZjY4YWZiMTUxYTBmNWMxYjQyMDViNDI2NTM3ODMxYWQxZDlkZmViMGVhZmY2NjQ2YTllYjIxODc4MA"

Please let me know if you disagree, or are using a different spec.

Mikhail

[progrium]

No, this looks right. I was just too used to the hexdigest representation of HMAC and the spec was not terribly clear about this. I'm updating my other libs (PyJWT and php-jwt) as well. Can you share a JWT produced with your lib for me to use in my tests? Preferably:

payload json: {"hello": "world"}
key: "secret"
alg: HS256

[progrium]

Fixed and released. For now I'm using one generated by the fixed version of the library. Hopefully you'd have generated the same:

eyJhbGciOiAiSFMyNTYiLCAidHlwIjogIkpXVCJ9.eyJoZWxsbyI6ICJ3b3JsZCJ9.tvagLDLoaiJKxOKqpBXSEGy7SYSifZhjntgm9ctpyj8

[seregine]

I can come close. The spec requires the "issuer" claim, so here's what I get:

Encoded token:
eyJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJpc3N1ZXIiLCJoZWxsbyI6IndvcmxkIn0.DpAMLPYNOvukLtXpEWncK0dOV6vKWvp1KAi8NVcCFcg
Token header:
{"alg":"HS256"}
Token payload:
{"iss":"issuer","hello":"world"}

[seregine]

Also, thank you for fixing it so fast!

[progrium]

According to the spec, the issuer is optional!

http://self-issued.info/docs/draft-jones-json-web-token-01.html#ReservedClaimName

[seregine]

Right, thanks for catching that. I'll fix that in my code. Now this is the closest I'll get (whitespace is the difference):

Yours:
{"alg": "HS256", "typ": "JWT"}.{"hello": "world"}

Mine:
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJoZWxsbyI6IndvcmxkIn0.lnneNaoem98xYFES3mi2CJJjnMONuWAu-FTWB3XJN14
{"alg":"HS256","typ":"JWT"}.{"hello":"world"}

BTW the Java library doesn't insert "typ":"JWT" because it's also optional, I just added it here to come closer to your example.

[progrium]

Ah, but it works! So good.

Yes, I'm surprised I decided to include typ by default.

Btw, where's your Java implementation?

[seregine]

It's this one. It's not "mine" so much as I'm updating it:
http://code.google.com/p/jsontoken/