[Acme] Cleartext JavaScript/JSON signatures using ES6 + Google V8

Anders Rundgren <anders.rundgren.net@gmail.com> Sat, 16 January 2016 07:18 UTC

Archived-At: <http://mailarchive.ietf.org/arch/msg/acme/SHQaRpTllaEg-zKGMjYeu2Y3tKA>

By relying on Google's V8 for number serialization, the final interop hurdle was removed.

JCS was developed to match information-rich, multi-signature schemes like https://www.w3.org/Payments/IG/wiki/Main_Page/ProposalsQ42015/SCAI#The_SCAI_line and similar. JCS has recently been upgraded to match ECMAScript revision 6/Google V8, making JCS compatible with node.js, Chrome, Firefox, Safari and [of course] my Java reference implementation.

It should work equally well for ACME...

JSON Cleartext Signature (JCS): https://cyberphone.github.io/openkeystore/resources/docs/jcs.html#ECMAScript_Compatibility_Mode

var signedObject = {
     // The data
     statement: "Hello signed world!",
     otherProperties: [2000, true],
     // The signature
     signature: {
         algorithm: "ES256",
         publicKey: {
             type: "EC",
             curve: "P-256",
             x: "vlYxD4dtFJOp1_8_QUcieWCW-4KrLMmFL2rpkY1bQDs",
             y: "fxEF70yJenP3SPHM9hv-EnvhG6nXr3_S-fDqoj-F6yM"
         },
         value: "2H__TkcV28QpGWPkyVbR1CW0I8L4xARrVGL0LjOeHJLOPozdzRqCTyYfmAippJXqdzgNAonnFPVCSI5A6novMQ"
     }
};


Anders
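
Added example, not part of the original message and not the JCS reference code: a Node.js sketch of why ES6 property order and V8 number serialization let a verifier rebuild the signed bytes from a parsed object. It assumes the signed form is `JSON.stringify` of the object with `signature.value` left out and that the value is a raw r||s ECDSA signature in base64url; the function names and the generated key are hypothetical.

```javascript
const crypto = require('crypto');

// Assumed canonical form: the object re-serialized without signature.value.
// ES6 keeps string-keyed properties in creation order (integer-like keys are
// sorted first, so they are a caveat), and JSON.stringify writes numbers in
// ECMAScript's shortest form, so 2e3 and 2000.0 both come out as 2000.
function canonicalize(obj) {
  const { value, ...sigWithoutValue } = obj.signature;
  return Buffer.from(JSON.stringify({ ...obj, signature: sigWithoutValue }), 'utf8');
}

function sign(data, privateKey, publicKey) {
  const jwk = publicKey.export({ format: 'jwk' });
  const obj = { ...data, signature: { algorithm: 'ES256',
    publicKey: { type: 'EC', curve: 'P-256', x: jwk.x, y: jwk.y } } };
  const sig = crypto.sign('sha256', canonicalize(obj),
    { key: privateKey, dsaEncoding: 'ieee-p1363' });
  obj.signature.value = sig.toString('base64url');
  return obj;
}

// Proves only that the holder of the embedded key signed this data; whether
// that key is trusted has to be decided separately by the relying party.
function verify(obj) {
  const { algorithm, publicKey: pk, value } = obj.signature || {};
  if (algorithm !== 'ES256' || !pk || pk.type !== 'EC' || pk.curve !== 'P-256' ||
      typeof value !== 'string') return false;
  const key = crypto.createPublicKey({ format: 'jwk',
    key: { kty: 'EC', crv: 'P-256', x: pk.x, y: pk.y } });
  return crypto.verify('sha256', canonicalize(obj),
    { key, dsaEncoding: 'ieee-p1363' }, Buffer.from(value, 'base64url'));
}

function demo() {
  // Constructed sample: throwaway key, same data shape as the message above.
  const { privateKey, publicKey } = crypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
  const signed = sign({ statement: 'Hello signed world!', otherProperties: [2000, true] },
    privateKey, publicKey);
  // Wire text as another serializer might write it: indented, 2000 sent as 2e3.
  const wire = JSON.stringify(signed, null, 2).replace('2000,', '2e3,');
  const tampered = JSON.parse(wire.replace('signed world', 'forged world'));
  // Same members, created in a different order: the canonical bytes change.
  const reordered = { otherProperties: signed.otherProperties,
    statement: signed.statement, signature: signed.signature };
  return { roundTrip: verify(JSON.parse(wire)), tampered: verify(tampered),
    reordered: verify(reordered) };
}
```

The reordered case failing is the interop constraint to watch for: any intermediary that rebuilds the object with a different member order, or a parser that does not preserve order, invalidates the signature.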