[SERVER-67551] Implement JWSValidator Created: 27/Jun/22  Updated: 28/Oct/22  Resolved: 28/Oct/22

Status: Closed
Project: Core Server
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Task Priority: Major - P3
Reporter: Varun Ravichandran Assignee: Adrian Gonzalez Montemayor
Resolution: Done Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends
depends on SERVER-67660 Implement JWKManager Closed
Problem/Incident
Related
related to SERVER-70954 Implement JWSValidator Closed
is related to SERVER-69803 Revert PM-2888 spike on 6.1 Closed
Backwards Compatibility: Fully Compatible
Sprint: Security 2022-07-11, Security 2022-07-25, Security 2022-08-08, Security 2022-08-22, Security 2022-10-31
Participants:
Linked BF Score: 169

 Description   

Create a class called AsymmetricKeySignatureVerifier. It should have a single method called verify, which takes in a message, signature, and message digest context and returns a Status depending on whether or not the signature verification occurred as expected.

The class should store a unique_ptr to the verification context that it uses for verification. This context is initialized with a public key that is passed into the constructor of the class.

The class should be unit tested using NIST RS256 vectors to ensure that it properly verifies signed messages.

Find more details here.



 Comments   
Comment by Githook User [ 20/Sep/22 ]

Author:

{'name': 'Varun Ravichandran', 'email': 'varun.ravichandran@mongodb.com', 'username': 'varunravi98'}

Message: Revert "SERVER-67551: Asymmetric Key class"

This reverts commit b6f2d94e35f0c6f4b00cd68077510f697f354122.

(cherry picked from commit 489dcc7c682900bfa7483a83532b6ed55dcf9006)
Branch: v6.1
https://github.com/mongodb/mongo/commit/0d202a5f19efc5bca4926b76cd216d05f57cdff4

Comment by Spencer Jackson [ 19/Sep/22 ]

We are reverting this patch from the v6.1 branch, to keep v6.1 close to the master branch. We previously merged feature-flag guarded work under this ticket to the master branch, but ultimately decided to move development to a feature branch and revert the changes on master. However, the v6.1 branch split off before the revert landed and the change materialized in 6.1.0-rc0-2.

We are tracking the revert in SERVER-69803.

Comment by Githook User [ 23/Aug/22 ]

Author:

{'name': 'Varun Ravichandran', 'email': 'varun.ravichandran@mongodb.com', 'username': 'varunravi98'}

Message: Revert "SERVER-67551: Asymmetric Key class"

This reverts commit b6f2d94e35f0c6f4b00cd68077510f697f354122.
Branch: master
https://github.com/mongodb/mongo/commit/489dcc7c682900bfa7483a83532b6ed55dcf9006

Comment by Githook User [ 11/Aug/22 ]

Author:

{'name': 'Adhishree Abhyankar', 'email': 'adhishree.abhyankar@mongodb.com'}

Message: SERVER-67551: Asymmetric Key class
Branch: master
https://github.com/mongodb/mongo/commit/b6f2d94e35f0c6f4b00cd68077510f697f354122

Comment by Githook User [ 04/Aug/22 ]

Author:

{'name': 'liubov.molchanova', 'email': 'liubov.molchanova@mongodb.com', 'username': 'liubov-molchanova'}

Message: Revert "SERVER-67551: Creates a class called AsymmetricKeySignatureVerifier."

This reverts commit 822bbb9f942abd858d43003ee35a7c0f02df9202.
Branch: master
https://github.com/mongodb/mongo/commit/19ee811d2e4e3e54b3fbab9ce718efacf1e1f287

Generated at Thu Feb 08 06:08:26 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.