Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: the bytes of the output of the hash function must be base64url-encoded. #57

Merged
merged 2 commits into from
Feb 8, 2024
Merged

fix: the bytes of the output of the hash function must be base64url-encoded. #57

merged 2 commits into from
Feb 8, 2024

Conversation

y12studio
Copy link
Contributor

No description provided.

@y12studio
fix: the bytes of the output of the hash function must be base64url-e…
2550305 
…ncoded.

Signed-off-by: JOYE LIN <y12studio@gmail.com>
@lukasjhan
Copy link
Member

Hi @y12studio.

The bytes of the output of the hash function MUST be base64url-encoded
https://www.ietf.org/archive/id/draft-ietf-oauth-selective-disclosure-jwt-07.html#section-5.2.3

Like you pointed out, There is a bug processing hash of disclosure.
But I think we should modify the digest function to return base64url in crypto.ts. Because user's hasher function can be used and it might not return a hex string.

User's hasher function is passed through,

  • [index.ts] issue function pass hasher function to pack function
  • [sdjwt.ts] pack function use it to disclosure.digest and createDecoy

It would be good if you could share your thoughts please. :)

@lukasjhan
Copy link
Member

Maybe, User's hasher function must return a base64url string should be added to the docs later.

@y12studio
Copy link
Contributor Author

@lukasjhan I encountered issues during pnpm test while trying to modify the digest function to directly return a base64url-encoded string. Despite my efforts, I couldn't resolve these errors. As a temporary solution, I've implemented a workaround that allows the tests to pass successfully.

To ensure long-term maintainability and code quality, I propose merging this PR first. This will allow you to address the digest function rewrite without compromising test integrity.

@lukasjhan
Copy link
Member

That would be a good idea. :)

@lukasjhan lukasjhan merged commit 025786b into openwallet-foundation-labs:main Feb 8, 2024
1 check passed
@lukasjhan
Copy link
Member

@lukasjhan I encountered issues during pnpm test while trying to modify the digest function to directly return a base64url-encoded string. Despite my efforts, I couldn't resolve these errors.

I'll check on this :)

lukasjhan added a commit to lukasjhan/sd-jwt-js that referenced this pull request Feb 11, 2024
@lukasjhan
Revert "fix: the bytes of the output of the hash function must be bas…
d55879c 
…e64url-encoded. (openwallet-foundation-labs#57)"

This reverts commit 025786b.

Signed-off-by: Lukas.J.Han <lukas.j.han@gmail.com>
@y12studio y12studio deleted the base64url-encoded-digest branch February 23, 2024 07:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lukasjhan lukasjhan lukasjhan approved these changes

@zustkeeper zustkeeper Awaiting requested review from zustkeeper zustkeeper is a code owner

@berendsliedrecht berendsliedrecht Awaiting requested review from berendsliedrecht berendsliedrecht is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@y12studio @lukasjhan