无法在rfc7515的3.3节中获得相同的签名

问题描述 投票:0回答:1

rfc7515中,有一个jws示例:

BASE64URL(UTF8(JWS保护的标头))= eyJ0eXAiOiJKV1QiLA0KICJhbGciOiJIUzI1NiJ9] >>

BASE64URL(JWS有效负载)= eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ

其秘密密钥是jwk:

{“ kty”:“ oct”,“ k”:“ [AyM1SysPpbyDfgZld3umj1qzKObwVMkoqQ-EstJQLr_T-1qS0gZH75aKtMN3Yj0iPS4hcgUuTwjAzZr1Z9CAow

”}

然后,我们需要使用指定的密钥和base64url编码结果。

在jws示例中,它给出'dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk

'作为签名,而我得到的是<< [ZekyXWlxvuCN9H8cuDrZfaRa3pMJhHpv6QKFdUqXb>。有什么问题吗?这是我的python3代码。

import hashlib import hmac import base64 message = bytes('eyJ0eXAiOiJKV1QiLA0KICJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ','ascii') secret = bytes('AyM1SysPpbyDfgZld3umj1qzKObwVMkoqQ-EstJQLr_T-1qS0gZH75aKtMN3Yj0iPS4hcgUuTwjAzZr1Z9CAow','utf-8') signature = base64.urlsafe_b64encode(hmac.new(secret, message, digestmod=hashlib.sha256).digest()) print(signature) 

在rfc7515中,有一个jws示例:BASE64URL(UTF8(JWS受保护的标头))= eyJ0eXAiOiJKV1QiLA0KICJhbGciOiJIUzI1NiJ9 BASE64URL(JWS Payload)= ...
jwt hmac
1个回答
0
投票
我发现直接用密钥的字节签名是错误的。我应该使用base64url_decode(key)。然后我得到正确的签名'dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk ='。

import hashlib import hmac import base64 message = bytes('eyJ0eXAiOiJKV1QiLA0KICJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ','ascii') secret = base64.urlsafe_b64decode('AyM1SysPpbyDfgZld3umj1qzKObwVMkoqQ-EstJQLr_T-1qS0gZH75aKtMN3Yj0iPS4hcgUuTwjAzZr1Z9CAow==') signature = base64.urlsafe_b64encode(hmac.new(secret, message, digestmod=hashlib.sha256).digest()) print(signature)

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.