3 Replies
      Latest reply on Feb 14, 2020 1:59 AM by biotto
      hwcho Level 1 (0 points)

        There are a lot of libraries (java-jwt, OpenSSL, chilkat, etc.) to make the ES256 signature value of a JWT (client_secret).


        According to RFC 7515, the result of the digital signature is the Elliptic Curve (EC) point (R, S), where R and S are unsigned integers. The signature is the value R || S. When the algorithm is ES256, the length of R || S is 64.


        But OpenSSL's ES256 signature result is a DER-encoded ASN.1 structure (its size exceeds 64), not a raw R || S value,

        like the following:

        ECDSASignature ::= SEQUENCE {
          r INTEGER,
          s INTEGER
        }

        --> receive an 'invalid_client' error from Apple.

        --> some libraries will throw an exception for the length if it is larger than 64 (e.g. java-jwt).


        So I tested it like this:

        1) decode the ES256 result (DER-encoded ASN.1 structure) of OpenSSL,

        2) parse the R and S values,

        3) make a raw R || S value,

        4) JWT signature value = Base64UrlEncode(raw R || S value)

        --> receive success from Apple.


        Sharing for other users using OpenSSL.


        Apple Push Service succeeded using the same OpenSSL, but it doesn't seem to be available for Sign in with Apple yet.

        The best thing seems to be support from Sign in with Apple : )
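The four-step conversion described in the post above (decode the DER structure, pull out R and S, build the fixed-width R || S, base64url-encode it), written out as an added example; this is not code from the original post or from any of the libraries it names. It assumes the P-256 curve used by ES256, so each coordinate is padded or trimmed to 32 bytes, and it handles the two DER details that usually bite: a leading 0x00 that DER adds when the high bit of R or S is set, and leading zero bytes that DER drops from a small S. The sample DER signature is constructed for the demonstration, not produced by a real key.

```python
import base64

COORD_LEN = 32  # P-256 coordinate size in bytes (ES256 => R || S is 64 bytes)


def der_to_raw_ecdsa(der: bytes, coord_len: int = COORD_LEN) -> bytes:
    """Convert DER SEQUENCE { INTEGER r, INTEGER s } to fixed-width r || s.

    This is the raw form JWS (ES256) expects in the signature segment.
    Only short-form lengths are handled, which is all P-256 needs.
    """
    if len(der) < 2 or der[0] != 0x30:
        raise ValueError("not a DER SEQUENCE (expected tag 0x30)")
    seq_len = der[1]
    if seq_len & 0x80:
        raise ValueError("long-form length not expected for P-256 signatures")
    body = der[2:2 + seq_len]
    if len(body) != seq_len or len(der) != 2 + seq_len:
        raise ValueError("SEQUENCE length does not match input")

    pos = 0
    coords = []
    for _ in range(2):  # exactly two INTEGERs: r then s
        if pos + 2 > len(body) or body[pos] != 0x02:
            raise ValueError("expected INTEGER (tag 0x02)")
        ilen = body[pos + 1]
        val = body[pos + 2:pos + 2 + ilen]
        if len(val) != ilen:
            raise ValueError("truncated INTEGER")
        pos += 2 + ilen
        # DER prefixes 0x00 to keep a high-bit value positive; drop it,
        # then left-pad back to the curve width (DER omits leading zeros).
        val = val.lstrip(b"\x00") or b"\x00"
        if len(val) > coord_len:
            raise ValueError("integer wider than the curve order")
        coords.append(val.rjust(coord_len, b"\x00"))
    if pos != len(body):
        raise ValueError("trailing bytes after s")
    return coords[0] + coords[1]


def _der_int(val: bytes) -> bytes:
    """Minimal DER INTEGER encoding of an unsigned big-endian value."""
    val = val.lstrip(b"\x00") or b"\x00"
    if val[0] & 0x80:
        val = b"\x00" + val  # keep it positive
    return b"\x02" + bytes([len(val)]) + val


def raw_to_der_ecdsa(raw: bytes, coord_len: int = COORD_LEN) -> bytes:
    """Inverse of der_to_raw_ecdsa, useful for verifying a JWS signature
    with a library (such as OpenSSL) that only accepts the DER form."""
    if len(raw) != 2 * coord_len:
        raise ValueError("raw signature must be exactly 2 * coord_len bytes")
    body = _der_int(raw[:coord_len]) + _der_int(raw[coord_len:])
    return b"\x30" + bytes([len(body)]) + body


def b64url(data: bytes) -> str:
    """Base64url without padding, as JWS requires."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def jws_signature_from_der(der: bytes) -> str:
    """Step 4 of the post: the JWT signature segment from an OpenSSL DER sig."""
    return b64url(der_to_raw_ecdsa(der))


# Constructed sample (not a real signature): r has its high bit set, so DER
# stores it as 33 bytes with a 0x00 prefix; s has a leading zero byte, so
# DER stores it as only 31 bytes. The DER blob is 70 bytes, the raw form 64.
R_VAL = bytes([0x80]) + bytes(31)        # 32 bytes
S_VAL = bytes([0x01]) + bytes(30)        # 31 bytes (leading 0x00 omitted)
SAMPLE_DER = (b"\x30\x44"
              + b"\x02\x21\x00" + R_VAL
              + b"\x02\x1f" + S_VAL)

if __name__ == "__main__":
    raw = der_to_raw_ecdsa(SAMPLE_DER)
    print("DER length:", len(SAMPLE_DER), "raw length:", len(raw))
    print("JWS signature segment:", jws_signature_from_der(SAMPLE_DER))
    print("round trip ok:", raw_to_der_ecdsa(raw) == SAMPLE_DER)
```

Feeding a DER blob straight into the JWT is exactly what produces the length errors the post mentions, so the converter rejects anything that is not a well-formed two-INTEGER SEQUENCE rather than silently truncating it.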