I try to implement something like DID auth for OI Chat. On the server with python I use coincurve to verify the jwt signature:
pwd = password.encode("utf-8") try: signing_input, crypto_segment = pwd.rsplit(b".", 1) header_segment, payload_segment = signing_input.split(b".", 1) except ValueError: raise DecodeError("Not enough segments") payload = self.base64url_decode(payload_segment) payload = json.loads(payload.decode("utf-8")) publicKey = payload["public_keys"] pubKey = bytes.fromhex(publicKey) sig = bytes.fromhex(crypto_segment.hex()) coincurve.verify_signature(sig, payload_segment, pubKey)
This fails with
The DER-encoded signature could not be parsed.
Am I using the method incorrectly?
The full code can be found here:
In particular in feature branch jwt-auth:
To run a test just call
Any help to make the test past would be appreciated.
There is a question on bitcoin stackoverflow, however, I am not sure how to apply the answer to my code. Is the public key in DER format? https://bitcoin.stackexchange.com/questions/86043/question-about-python-library-coincurve-libsecp256k
Is there a (better) package to verify ES256k signatures?