futur.blue / pegasus
objective categorical abstract machine language personal data server
fork atom

Low-S normalize DPoP signature before verifying

futur.blue 425576b7 37774d81

verified
+17 -10
unified split
+6
kleidos/kleidos.ml
··· 29 30 val normalize_pubkey_to_raw : bytes -> bytes 31 32 val sign : privkey:bytes -> msg:bytes -> bytes 33 34 val verify : pubkey:bytes -> msg:bytes -> signature:bytes -> bool ··· 73 failwith "invalid compressed key" ) 74 | len -> 75 failwith ("invalid key length: " ^ string_of_int len) 76 77 let sign ~privkey ~msg : bytes = 78 let hashed = SHA2_256.hash msg in ··· 141 failwith "invalid compressed key" ) 142 | len -> 143 failwith ("invalid key length: " ^ string_of_int len) 144 145 let sign ~privkey ~msg : bytes = 146 let hashed = SHA2_256.hash msg in
··· 29 30 val normalize_pubkey_to_raw : bytes -> bytes 31 32 + val low_s_normalize_signature : bytes -> bytes 33 + 34 val sign : privkey:bytes -> msg:bytes -> bytes 35 36 val verify : pubkey:bytes -> msg:bytes -> signature:bytes -> bool ··· 75 failwith "invalid compressed key" ) 76 | len -> 77 failwith ("invalid key length: " ^ string_of_int len) 78 + 79 + let low_s_normalize_signature = Low_s.normalize_k256 80 81 let sign ~privkey ~msg : bytes = 82 let hashed = SHA2_256.hash msg in ··· 145 failwith "invalid compressed key" ) 146 | len -> 147 failwith ("invalid key length: " ^ string_of_int len) 148 + 149 + let low_s_normalize_signature = Low_s.normalize_p256 150 151 let sign ~privkey ~msg : bytes = 152 let hashed = SHA2_256.hash msg in
+11 -10
pegasus/lib/oauth/dpop.ml
··· 122 let x = x |> Jwt.b64_decode |> Bytes.of_string in 123 let y = y |> Jwt.b64_decode |> Bytes.of_string in 124 let pubkey = Bytes.cat (Bytes.of_string "\x04") (Bytes.cat x y) in 125 - let pubkey = 126 - ( pubkey 127 - , match crv with 128 - | "secp256k1" -> 129 - (module Kleidos.K256 : Kleidos.CURVE) 130 - | "P-256" -> 131 - (module Kleidos.P256 : Kleidos.CURVE) 132 - | _ -> 133 - failwith "unsupported algorithm" ) 134 - in 135 let sig_bytes = Jwt.b64_decode sig_b64 |> Bytes.of_string in 136 let r = Bytes.sub sig_bytes 0 32 in 137 let s = Bytes.sub sig_bytes 32 32 in 138 let signature = Bytes.cat r s in 139 Kleidos.verify ~pubkey ~msg ~signature 140 | _ -> 141 false
··· 122 let x = x |> Jwt.b64_decode |> Bytes.of_string in 123 let y = y |> Jwt.b64_decode |> Bytes.of_string in 124 let pubkey = Bytes.cat (Bytes.of_string "\x04") (Bytes.cat x y) in 125 let sig_bytes = Jwt.b64_decode sig_b64 |> Bytes.of_string in 126 let r = Bytes.sub sig_bytes 0 32 in 127 let s = Bytes.sub sig_bytes 32 32 in 128 let signature = Bytes.cat r s in 129 + let pubkey, signature = 130 + match crv with 131 + | "secp256k1" -> 132 + ( (pubkey, (module Kleidos.K256 : Kleidos.CURVE)) 133 + , Kleidos.K256.low_s_normalize_signature signature ) 134 + | "P-256" -> 135 + ( (pubkey, (module Kleidos.P256 : Kleidos.CURVE)) 136 + , Kleidos.P256.low_s_normalize_signature signature ) 137 + | _ -> 138 + failwith "unsupported algorithm" 139 + in 140 Kleidos.verify ~pubkey ~msg ~signature 141 | _ -> 142 false