TheLazy.Dev
Portfolio GitHub

Blog

Unable to verify digital signature with public key and detached payload

shreya_dalvi_40fd31b69610

Shreya Dalvi

Posted on May 27, 2024

Unable to verify digital signature with public key and detached payload

Hi Team,

I have a response from the external API in the below format:

const inputData = {
signature: 'eyJhbGciOiJSUzI1NiIsImtpZCI6InNhbXBsZS1rZXktaWQifQ..SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c',
response: 'jdskhfgdjskfgkjsdhf'
};
The signature is without the payload check ("..") in inputData signature, and I am trying to verify the signature.

My public key format is:

PublicKey: {
"kty": "RSA",
"e": "AQAB",
"use": "sig",
"kid": "erityuiuerot",
"n": "kjfghdsjkbfdasbf"
}
The inputData is:

const inputData = {
signature: 'eyJhbGciOiJSUzI1NiIsImtpZCI6InNhbXBsZS1rZXktaWQifQ..SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c',
response: 'jdskhfgdjskfgkjsdhf'
};
I am using the below code to verify it in nodejs:

const jose = require("node-jose");

async function createKeystore() {
const keystore = jose.JWK.createKeyStore();

// Add the public key to the keystore
const key = await keystore.add({
    kty: 'RSA',
    kid: "erityuiuerot",
    use: 'sig',
    alg: 'RS256',
    n: "kjfghdsjkbfdasbf",
    e: 'AQAB'
}, 'json');

return keystore;
Enter fullscreen mode Exit fullscreen mode

}

async function verifyDetachedJWS(jws, payload) {
try {
const keystore = await createKeystore();
console.log("keystore", keystore);
// Use JWS.createVerify to verify the token
const verifier = jose.JWS.createVerify(keystore);

   const result = await verifier.verify(jws);

    console.log('Verification successful:', result);
} catch (error) {
    console.error('Verification failed:', error);
}
Enter fullscreen mode Exit fullscreen mode

}

// Example JWS token (without payload) and payload (replace with your actual values)
const jws = 'eyJhbGciOiJSUzI1NiIsImtpZCI6InNhbXBsZS1rZXktaWQifQ..SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c';

verifyDetachedJWS(jws, payload);
But I am getting the following error:

Verification failed: Error: no key found
at processSig (/node_modules/node-jose/lib/jws/verify.js:132:22)
I am unable to figure out where the issue is. Can you please help me resolve this as soon as possible?

Do I need to use private for verification, if yes then please suggest code how to do it.

my private key is in below format :

PrivateKey : {
keys : [{
"p": "",
"kty": "RSA",
"q": "",
"d": "",
"e": "",
"use": "sig",
"kid": "",
"qi": "",
"dp": "",
"dq": "",
"n": ""
}]
};

Kindest Regards

💖 💪 🙅 🚩
shreya_dalvi_40fd31b69610
Shreya Dalvi

Posted on May 27, 2024

Join Our Newsletter. No Spam, Only the good stuff.

Sign up to receive the latest update from our blog.

Related

I am purposefully super nice to AI because I imagine they are trained on data where nice people get better help. Doing this, though, has an existential uneasiness to it.
ai I am purposefully super nice to AI because I imagine they are trained on data where nice people get better help. Doing this, though, has an existential uneasiness to it.

November 28, 2024

If you're a beginner, definitely check this open source guide. I've explained almost everything you need to know.
undefined If you're a beginner, definitely check this open source guide. I've explained almost everything you need to know.

November 28, 2024

The best way to get better at writing code is...
development The best way to get better at writing code is...

November 28, 2024

AI Innovations at Microsoft Ignite 2024 What You Need to Know (Part 2)
githubcopilot AI Innovations at Microsoft Ignite 2024 What You Need to Know (Part 2)

November 29, 2024

Buying nothing, or how digital art is disappearing
discuss Buying nothing, or how digital art is disappearing

November 28, 2024