2

I'm trying to understand this blog post about JOSE. In the part about JWS, it says the following:

Including the public key in the protected header would not only give the server the ability the validate the signature, we will also be sure that it is the correct one since the protected header is integrity protected!

This is what the example object looks like:

{
    "payload": "eyAKICAgICAgICAiZnJvbSI6ewogICAgICAgICAgICAibmFtZSI6ICJUaW0gWXNld3luIiwKICAgICAgICAgICAgImFjY291bnQiOiAiQ2hlY2tpbmcgYWNjb3VudCIKICAgICAgICB9LAogICAgICAgICJ0byI6ewogICAgICAgICAgICAibmFtZSI6ICJUaW0gWXNld3luIiwKICAgICAgICAgICAgImFjY291bnQiOiAiU2F2aW5ncyBhY2NvdW50IgogICAgICAgIH0sCiAgICAgICAgImFtb3VudCI6IDI1MAogICAgICAgICJjdXJyZW5jeSI6ICJFVVIiCiAgICB9",
    "protected": "eyAKICAgICAgICAiYWxnIjogIlJTMjU2IgogICAgfQ==",
    "header": {
        "signature": "DtEhU3ljbEg8L38VWAfUAqOyKAM6-Xx-F4GawxaepmXFCgfTjDxw5djxLa8ISlSApmWQxfKTUJqPP3-Kg6NU01Q"
    }
}

The protected header is the base64url encoding of:

{ 
    "alg": "ES256"
}

The only reference I can find to putting a public key in there is the use of the key id field kid like so: 

{"alg":"RSA1_5","kid":"2011-04-29"}

Is this what the post is referring to? Or is it referring to something else (like putting the entire public key into the protected header as:

{"alg":"RSA1_5","key":"somepublickeyhere"}
dlggr
  • 741
  • 7
  • 15
aroooo
  • 4,726
  • 8
  • 47
  • 81

1 Answers1

4

You are on the right path. What the article is probably referring to is the "jwk" header parameter defined in RFC-7515 as follows:

The "jwk" (JSON Web Key) Header Parameter is the public key that corresponds to the key used to digitally sign the JWS. This key is represented as a JSON Web Key.

JSON Web Key (JWK) is another part of JOSE defined in RFC-7517. It defines how to represent cryptographic keys in JSON format so they can be transmitted e.g. in a JWS header. An RSA key in JWK format might look something like this:

{
  "kty":"RSA",
  "n": "0vx7 (...) DKgw",
  "e":"AQAB",
  "alg":"RS256",
  "kid":"2011-04-29"
}

And a (protected) JWS header carrying a key, as described in the article, therefore might look like this:

{
  "alg": "RS256",
  "jwk": {
    "kty":"RSA",
    "n": "0vx7 (...) DKgw",
    "e":"AQAB",
    "alg":"RS256",
    "kid":"2011-04-29"
  }
}
Community
  • 1
  • 1
dlggr
  • 741
  • 7
  • 15