From 9ec19fa4ee67e046fce945d2dcb43a5c7f0b09b6 Mon Sep 17 00:00:00 2001
From: Matthew Raymer <matthew.raymer@anomalistdesign.com>
Date: Thu, 24 Aug 2023 18:46:33 +0800
Subject: [PATCH] Added a quick fix to console signing.  Need to edit text
 later

---
 .gitignore                  |  5 ++++-
 openssl_signing_console.rst |  4 ++++
 openssl_signing_console.sh  | 25 +++++++++++++++++++++++++
 3 files changed, 33 insertions(+), 1 deletion(-)
 create mode 100755 openssl_signing_console.sh

diff --git a/.gitignore b/.gitignore
index 8bfa236..e0a7745 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,13 +1,16 @@
 .DS_Store
 node_modules
 /dist
+signature.bin
+*.pem
+verified.txt
 
 *~
 # local env files
 .env.local
 .env.*.local
 
-# Log files
+# Log filesopenssl dgst -sha256 -verify public.pem -signature <(echo -n "$signature") "$signing_input"
 npm-debug.log*
 yarn-debug.log*
 yarn-error.log*
diff --git a/openssl_signing_console.rst b/openssl_signing_console.rst
index db13f04..83139ef 100644
--- a/openssl_signing_console.rst
+++ b/openssl_signing_console.rst
@@ -1,3 +1,7 @@
+Prerequisits:
+
+jq 
+
 You can create a JWT using a library or by encoding the header and payload base64Url and signing it with a secret using a ES256K algorithm. Here is an example of how you can create a JWT using the jq and openssl command line utilities:
 
 Here is an example of how you can use openssl to sign a JWT with the ES256K algorithm:
diff --git a/openssl_signing_console.sh b/openssl_signing_console.sh
new file mode 100755
index 0000000..acdda68
--- /dev/null
+++ b/openssl_signing_console.sh
@@ -0,0 +1,25 @@
+#!/bin/bash
+
+openssl ecparam -name secp256k1 -genkey -noout -out private.pem
+openssl ec -in private.pem -pubout -out public.pem
+
+header='{"alg":"ES256K", "issuer": "", "typ":"JWT"}'
+
+payload='{"@context": "http://schema.org", "@type": "PlanAction", "identifier": "did:ethr:0xb86913f83A867b5Ef04902419614A6FF67466c12", "name": "Test", "description": "Me"}'
+
+header_b64=$(echo -n "$header" | jq -c -M . | tr -d '\n')
+payload_b64=$(echo -n "$payload" | jq -c -M . | tr -d '\n')
+
+signing_input="$header_b64.$payload_b64"
+
+echo -n "$signing_input" | openssl dgst -sha256 -sign private.pem -out signature.bin
+
+# Read binary signature from file and encode it to Base64 URL-Safe format
+signature_b64=$(base64 -w 0 < signature.bin | tr -d '=' | tr '+' '-' | tr '/' '_')
+
+# Construct the JWT
+jwt="$signing_input.$signature_b64"
+
+openssl dgst -sha256 -verify public.pem -signature signature.bin -out verified.txt <(echo -n "$signing_input")
+
+