Re: [Acme] ACME signature mechanics

Anders Rundgren <anders.rundgren.net@gmail.com> Wed, 17 December 2014 10:07 UTC

Message-ID: <549155D4.80605@gmail.com>
Date: Wed, 17 Dec 2014 11:07:16 +0100
From: Anders Rundgren <anders.rundgren.net@gmail.com>
To: Richard Barnes <rlb@ipv.sx>
References: <548FF9E3.1020703@gmail.com> <CAL02cgT9iYqtX2Ui5XQYnj=yeF_QnSkKn-jE0D5d56WMzB5bBg@mail.gmail.com>
In-Reply-To: <CAL02cgT9iYqtX2Ui5XQYnj=yeF_QnSkKn-jE0D5d56WMzB5bBg@mail.gmail.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/acme/Dot8jK_GmFIGSoTZMJnjT8USXPs
Cc: "acme@ietf.org" <acme@ietf.org>
Subject: Re: [Acme] ACME signature mechanics

FWIW, it seems that Python can do JCS with floating point data as the (expected) exception:

import json
import collections

jcs_signed_data = (
'{ '
'  "now": "2014-12-08T10:25:17Z", '
'  "escapeMe": "\\u20ac$\\u000F\\u000aA\'\\u0042\\u0022\\u005c\\\\\\"\\/", '
'  "numbers": [1e0, 4.50, 6], '
'  "signature": '
'    { '
'      "algorithm": "ES256", '
'      "publicKey": '
'        { '
'          "type": "EC", '
'          "curve": "P-256", '
'          "x": "lNxNvAUEE8t7DSQBft93LVSXxKCiVjhbWWfyg023FCk", '
'          "y": "LmTlQxXB3LgZrNLmhOfMaCnDizczC_RfQ6Kx8iNwfFA" '
'        }, '
'      "value": "MEYCIQDGP3HL5aCGaMlgNlqqnPbq-Dhkli4SkfV_ZoGlhGroowIhAPlPhXOsjpPHgQ8E8M-jUQo8lfgO_GRZUJKsg_-u-aJO" '
'    } '
'}'
)

# Parse, keeping the properties in their original order
jsonObject = json.loads(jcs_signed_data, object_pairs_hook=collections.OrderedDict)
parsed_signature = json.dumps(jsonObject, separators=(',', ':'), ensure_ascii=False)
print(parsed_signature)
# get all but the signature value
jsonObject['signature'].pop('value')
normalized_result = json.dumps(jsonObject, separators=(',', ':'), ensure_ascii=False)
print(normalized_result)

# 1e0 and 4.50 are re-serialized as 1.0 and 4.5
expected_result_adjusted_for_FP = (
u'{"now":"2014-12-08T10:25:17Z","escapeMe":"\u20ac$\\u000f\\nA\'B\\"\\\\\\\\\\"/","numbers":[1.0,4.5,6],"signature":'
u'{"algorithm":"ES256","publicKey":{"type":"EC","curve":"P-256","x":"lNxNvAUEE8t7DSQBft93LVSXxKCiVjhbWW'
u'fyg023FCk","y":"LmTlQxXB3LgZrNLmhOfMaCnDizczC_RfQ6Kx8iNwfFA"}}}'
)

print(expected_result_adjusted_for_FP == normalized_result)
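
The floating point exception noted in the message above, as an added example that is not part of the original post: the standard json round trip rewrites 1e0 and 4.50, while keeping each number's original token through the parse_float/parse_int hooks makes the normalized text match what was written. RawNumber, serialize and the shortened sample (cut down from the message's data) are hypothetical names and constructed input for this illustration.

```python
import json
from collections import OrderedDict

# Constructed sample: a shortened copy of the message's data, same "numbers" array.
SAMPLE = '{"now":"2014-12-08T10:25:17Z","numbers":[1e0, 4.50, 6]}'


class RawNumber(object):
    """Hypothetical wrapper holding a JSON number exactly as written in the input."""
    def __init__(self, token):
        self.token = token


def stdlib_normalize(text):
    # The round trip from the message: floats are re-rendered by the encoder.
    obj = json.loads(text, object_pairs_hook=OrderedDict)
    return json.dumps(obj, separators=(',', ':'), ensure_ascii=False)


def parse_preserving_numbers(text):
    # The decoder hands parse_float/parse_int the original token string,
    # so wrapping it keeps the lexical form ("1e0", "4.50") intact.
    return json.loads(text, object_pairs_hook=OrderedDict,
                      parse_float=RawNumber, parse_int=RawNumber)


def serialize(value):
    """Compact output like json.dumps(separators=(',', ':'), ensure_ascii=False),
    except that RawNumber tokens are written back verbatim."""
    if isinstance(value, RawNumber):
        return value.token
    if isinstance(value, dict):
        return '{' + ','.join(serialize(k) + ':' + serialize(v)
                              for k, v in value.items()) + '}'
    if isinstance(value, list):
        return '[' + ','.join(serialize(v) for v in value) + ']'
    # Strings, booleans and null: defer to the standard encoder.
    return json.dumps(value, ensure_ascii=False)


def preserving_normalize(text):
    return serialize(parse_preserving_numbers(text))


if __name__ == '__main__':
    print(stdlib_normalize(SAMPLE))      # number tokens changed
    print(preserving_normalize(SAMPLE))  # number tokens kept
```

A verifier that hashes the normalized text only agrees with the signer if both sides emit the same bytes for every number, which is why the token-preserving form matters here.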