Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Signature verification failure when using URLSafeBase64Encoder #525

Open
kiwih opened this issue May 2, 2019 · 1 comment
Open

Signature verification failure when using URLSafeBase64Encoder #525

kiwih opened this issue May 2, 2019 · 1 comment

Comments

@kiwih
Copy link

kiwih commented May 2, 2019
edited

I have been experimenting with pynacl (1.3.0) using python3 (3.5.2)
Using the examples on https://pynacl.readthedocs.io/en/stable/signing/, I construct this minimum example:

import nacl.encoding
import nacl.signing

message = b"Attack at Dawn"

# Generate a new random signing key
signing_key = nacl.signing.SigningKey.generate()

# Sign a message with the signing key
signed = signing_key.sign(message, encoder=nacl.encoding.HexEncoder)

# Obtain the verify key for a given signing key
verify_key = signing_key.verify_key

# Check the validity of a message's signature
# The message and the signature can either be passed separately or
# concatenated together.  These are supposed to be equivalent:
verify_key.verify(signed, encoder=nacl.encoding.HexEncoder) #this line verifies
verify_key.verify(signed.message, signed.signature, encoder=nacl.encoding.HexEncoder) #this line also verifies, since they are the same

print("All is well")

This works fine.
However, if we change the encoding type to URLSafeBase64Encoder, as in the following minimum example

import nacl.encoding
import nacl.signing

message = b"Attack at Dawn"

# Generate a new random signing key
signing_key = nacl.signing.SigningKey.generate()

# Sign a message with the signing key
signed = signing_key.sign(message, encoder=nacl.encoding.URLSafeBase64Encoder)

# Obtain the verify key for a given signing key
verify_key = signing_key.verify_key

# Check the validity of a message's signature
# The message and the signature can either be passed separately or
# concatenated together.  These are supposed to be equivalent:
verify_key.verify(signed, encoder=nacl.encoding.URLSafeBase64Encoder) #this line verifies
verify_key.verify(signed.message, signed.signature, encoder=nacl.encoding.URLSafeBase64Encoder) #THIS LINE DOES NOT VERIFY

print("All is well")

I get the following trace

Traceback (most recent call last):
  File "testing_nacl.py", line 19, in <module>
    verify_key.verify(signed.message, signed.signature, encoder=nacl.encoding.URLSafeBase64Encoder) #THIS LINE DOES NOT VERIFY
  File "/home/username/.local/lib/python3.5/site-packages/nacl/signing.py", line 112, in verify
    return nacl.bindings.crypto_sign_open(smessage, self._key)
  File "/home/username/.local/lib/python3.5/site-packages/nacl/bindings/crypto_sign.py", line 111, in crypto_sign_open
    raise exc.BadSignatureError("Signature was forged or corrupt")
nacl.exceptions.BadSignatureError: Signature was forged or corrupt

I think there is a bug with the URLSafeBase64Encoder in this case.
@lmctv
Copy link
Contributor

lmctv commented May 7, 2019

This kind of weirdness is the reason why we are discussing, about removing support from the encoding= parameter since @alex comment in #504 (comment) and my later #523 PR.

@lmctv lmctv mentioned this issue May 18, 2019
Open
6 tasks
@mattsdevop mattsdevop mentioned this issue May 10, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@lmctv @kiwih