What does "verify-signature" mean? #23
Comments
This was the payload I used: |
This is how I'm creating my signature in PHP (private key is abridged here, please see attached file): function makeSignature($signingInput) |
Hi @Agile-Dev, "verify-signature" means the attempt to verify that the signature matches your public key failed. This method is what's doing that computation under the hood. I haven't had a chance to dig any deeper yet into where exactly things are going wrong, but hopefully that helps. |
Thank you very much. I'll be looking into it. -- Agile-Dev On Fri, Oct 18, 2013 at 10:33 AM, Mike Larsson notifications@github.comwrote:
|
Make sure you have structural validity as well as signature validity: https://github.com/mozilla/openbadges/wiki/Assertions Haven't done this in PHP yet, so I can't comment on your code otherwise. |
I've managed to fix it. What I did was change the public key link to be in ".pem" format instead of a php or text file.(perhaps this requirement can be made more explicit?) Take note that the public key must contain exactly 65 characters per line (except the header, footer, and last line of the key) and that the private key must be exactly 64 characters per line (same exceptions). ....So using PHPSecLib turned out not to be the problem at all as I had thought before. |
I have the problem with private key! A real example which I could paste and it pass. |
@eGavr this page includes a short guide to creating keys https://github.com/mozilla/openbadges/wiki/Creating-Signed-Assertions#prepare-your-keys |
Thank you! |
I'm getting the following output from the validator:
{
"status": "invalid",
"reason": "verify-signature",
"error": {
"message": "verify-signature",
"code": "verify-signature"
},
"info": {
"version": "1.0.0",
"signature": "eyJhbGciOiJSUzI1NiJ9.ewoJInVpZCI6ImgyYTIwIiwKCSJyZWNpcGllbnQiOgoJewoJCSJ0eXBlIjoiZW1haWwiLAoJCSJoYXNoZWQiOnRydWUsCgkJInNhbHQiOiJkZWFkc2VhIiwKCQkiaWRlbnRpdHkiOiJzaGEyNTYkYzdjMjUzNjU0YTZhNzc4YWE2ZTUzOGU5NmMxNWM3NGJlNDgyMDg4MmRmNWNkODU1YzBmYWJjMzliNzUzNjNmMyIKCX0sCgkiaXNzdWVkT24iOjEzODA4MzM5NjcsCgkiYmFkZ2UiOiAiaHR0cDovL29wZW5iYWRnZXMtenpsLm9yZy9vcGVuYmFkZ2VzL2JhZGdlX3NpbXBsZS5qc29uIiwKCSJ2ZXJpZnkiOgoJewoJCSJ0eXBlIjoic2lnbmVkIiwKCQkidXJsIjoiaHR0cDovL29wZW5iYWRnZXMtenpsLm9yZy9vcGVuYmFkZ2VzL3B1YmtleS50eHQiCgl9Cn0.YK-QbFc7bkwYSmJlC32GSSooCRrT3HdU5-2d1u75-TRXohP3Zmzu0zrJd_AiLcKnQuVllzMLNeQvMe3rNij_gnBizr487_z_OZW6yvboyyexeCc-5vZFEyvR_d6PHKGviZgSYobUXKSMrGbuh8WPgrvGt1OLY_0TaX8QB9XLX3q3Rcc2GtwCKrqWtbG-xW73YPUeJq3pZCMvn_UdaZsQjnOy0wrrqKZ5wUTiWU6TIN9xXqk0c6wDj9YB3CJ2nx5vKtvohHBdOuGc2uAb8coRe0KVC5uK7djSLqrYZa9HsCYC0nwe0LrmjXs9jvp_oF4k6fMcc9tyR67D4Epkufc7dg",
"structures": {
"assertion": {
"uid": "h2a20",
"recipient": {
"type": "email",
"hashed": true,
"salt": "deadsea",
"identity": "sha256$c7c253654a6a778aa6e538e96c15c74be4820882df5cd855c0fabc39b75363f3"
},
"issuedOn": 1380833967,
"badge": "http://openbadges-zzl.org/openbadges/badge_simple.json",
"verify": {
"type": "signed",
"url": "http://openbadges-zzl.org/openbadges/pubkey.txt"
}
},
"badge": {
"name": "Lightning caricaturist",
"description": "Has attained rank of Thor",
"image": "http://openbadges-zzl.org/openbadges/badge.png",
"criteria": "http://drawing.wonderhowto.com/how-to/draw-lightning-with-different-drawing-techniques-264782/",
"issuer": "http://openbadges-zzl.org/openbadges/issuer_simple.json"
},
"issuer": {
"name": "Zig Zag Lightning Openbadges Issuer",
"url": "http://openbadges-zzl.org/"
}
}
}
}
Any ideas?
Thank you,
Freddie
The text was updated successfully, but these errors were encountered: