AnthonyDeroche / mod_authnz_jwt

An authentication module for Apache httpd using JSON Web Tokens

Random invalid signature check #23

Closed gaeldb closed 6 years ago

gaeldb commented 6 years ago

Hi,

I have an issue with mod_authnz_jwt. When using a JWT to authenticate, mod_authnz_jwt randomly answers:

for no apparent reason.

The JWT we are using for the test:

eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJ0ZXN0ZG9tYWluLmNvbSIsImlhdCI6MTUyMTY1NDgwMSwiZXhwIjoxNTUzMTkwODEwLCJhdWQiOiJ3d3cuZXhhbXBsZS5jb20iLCJzdWIiOiJ0ZXN0QGV4YW1wbGUuY29tIiwidXNlciI6ImFkbWluIn0.g6lHZQbv7H9dD3CXZpw3zZ7zfO4bTuGs3BI6mWndAeE

Secret is test.

Sent to our test server with this curl command:

curl -X GET -k -H 'Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJ0ZXN0ZG9tYWluLmNvbSIsImlhdCI6MTUyMTY1NDgwMSwiZXhwIjoxNTUzMTkwODEwLCJhdWQiOiJ3d3cuZXhhbXBsZS5jb20iLCJzdWIiOiJ0ZXN0QGV4YW1wbGUuY29tIiwidXNlciI6ImFkbWluIn0.g6lHZQbv7H9dD3CXZpw3zZ7zfO4bTuGs3BI6mWndAeE' -i 'https://testdomain.com'

We sometimes receive a 200 OK answer. Apache logs:

[Thu Mar 22 10:15:40.702067 2018] [auth_jwt:debug] [pid 334] mod_authnz_jwt.c(975): [client 217.108.243.20:13728] AH55405: auth_jwt authn: checking signature and fields correctness...
[Thu Mar 22 10:15:40.702334 2018] [auth_jwt:debug] [pid 334] mod_authnz_jwt.c(980): [client 217.108.243.20:13728] AH55406: auth_jwt authn: signature is correct
[Thu Mar 22 10:15:40.702352 2018] [auth_jwt:debug] [pid 334] mod_authnz_jwt.c(983): [client 217.108.243.20:13728] AH55405: auth_jwt authn: algorithm found is HS256

And sometimes a 401 Unauthorized a few seconds later. Apache logs:

[Thu Mar 22 10:15:37.096715 2018] [auth_jwt:debug] [pid 334] mod_authnz_jwt.c(975): [client 217.108.243.20:13728] AH55405: auth_jwt authn: checking signature and fields correctness...
[Thu Mar 22 10:15:37.096913 2018] [auth_jwt:error] [pid 334] [client 217.108.243.20:13728] AH55512: Decoding process has failed, token is either malformed or signature is invalid

Token and request method are strictly the same. Do you have any idea why the token is sometimes decoded and sometimes rejected as invalid/malformed?

Thanks

brycehemme commented 6 years ago

Can you provide your public key?

gaeldb commented 6 years ago

We use a shared secret key: test. Apache conf is:

AuthJWTSignatureAlgorithm HS256
AuthJWTSignatureSharedSecret dGVzdA==
AuthJWTIss testdomain.com

brycehemme commented 6 years ago

Sorry, I missed that this was HS256. I'll try to debug in the next couple of days.

greg95000 commented 6 years ago

Hello,

I'm working with gaeldb on the same subject and we still have the same issue. After some research we found that the function "token_decode" returns errno 22. The server receives the token correctly (we print it to stderr). The server also decodes the key correctly (also printed by us to stderr).

brycehemme commented 6 years ago

I haven’t been able to reproduce this. I tried it with a basic config, similar to the test suite on this project, and it consistently works. Can you provide more info? Specifically, have you tried it with an extremely simple config and very bare Apache setup (i.e. no unnecessary modules enabled)? If you have a basic config that is failing that you’d be willing to share or info regarding other dependencies such as libssl version I will take another look.

bmerry commented 6 years ago

I'm hitting the same issue, using a Docker image based on Ubuntu 16.04 and with libssl version 1.0.2g-1ubuntu4.12. I've been trying to reproduce the issue with a minimum Dockerfile and httpd.conf, but annoyingly I haven't been able to do so.

I've dug into it a bit, and it looks like the key length is being mis-computed, because apr_base64_decode_len returns an upper bound. As long as the extra bytes were zero the verification would work (I assume because HMAC does some zero padding of its own), but if the extra bytes happened to have uninitialised data it would fail.

#24 fixed this for get_encode_key, but missed get_decode_key. I'll submit a patch tomorrow.
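
The length mismatch bmerry describes, as an added Python illustration that is not part of mod_authnz_jwt or of this thread. apr_base64_decode_len() is re-implemented here from apr-util's formula (count the leading run of base64 alphabet characters, round up to whole 4-character groups, allow 3 bytes per group, plus 1 for the NUL terminator); the signing input is the header and payload of the token posted above, and the secret is the dGVzdA== ("test") from the config. The bytes that stand in for uninitialised heap memory are constructed for the example. It shows the over-long key verifying when the slack bytes are zero, failing when they are not, and the correct key (using the number of bytes actually decoded) verifying.

```python
import base64
import hashlib
import hmac

B64_ALPHABET = set(
    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
)

# Signing input (header.payload) of the token posted in the issue, and the
# shared secret from the issue's Apache config (base64 "dGVzdA==" == "test").
SIGNING_INPUT = (
    b"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9."
    b"eyJpc3MiOiJ0ZXN0ZG9tYWluLmNvbSIsImlhdCI6MTUyMTY1NDgwMSwiZXhwIjoxNTUzMTkwODEw"
    b"LCJhdWQiOiJ3d3cuZXhhbXBsZS5jb20iLCJzdWIiOiJ0ZXN0QGV4YW1wbGUuY29tIiwidXNlciI6"
    b"ImFkbWluIn0"
)
ENCODED_SECRET = "dGVzdA=="


def apr_base64_decode_len(encoded: str) -> int:
    """Python mirror of apr-util's apr_base64_decode_len(): leading run of
    base64 characters, rounded up to 4-char groups, 3 bytes per group, plus 1
    for the NUL terminator. A buffer-size upper bound, not the decoded size."""
    n = 0
    for ch in encoded:
        if ch not in B64_ALPHABET:
            break
        n += 1
    return ((n + 3) // 4) * 3 + 1


def decoded_key(encoded: str) -> bytes:
    """The key as actually decoded; apr_base64_decode() returns this length,
    which is what a correct caller must use as the key size."""
    return base64.b64decode(encoded)


def buggy_key(encoded: str, fill: bytes) -> bytes:
    """The key as code trusting apr_base64_decode_len() sees it: the real key,
    the NUL terminator apr_base64_decode() writes, then whatever the allocator
    left in the remaining bytes ('fill' stands in for uninitialised memory)."""
    real = decoded_key(encoded)
    slack = apr_base64_decode_len(encoded) - len(real) - 1
    return real + b"\x00" + (fill * slack)[:slack]


def hs256(key: bytes, signing_input: bytes) -> str:
    """JWS HS256 signature: base64url(HMAC-SHA256(key, header.payload)), no '='."""
    mac = hmac.new(key, signing_input, hashlib.sha256).digest()
    return base64.urlsafe_b64encode(mac).rstrip(b"=").decode()


def sign(signing_input: bytes, key: bytes) -> str:
    return signing_input.decode() + "." + hs256(key, signing_input)


def verify(token: str, key: bytes) -> bool:
    head, _, sig = token.rpartition(".")
    return hmac.compare_digest(hs256(key, head.encode()), sig)


def keys_equivalent_for_hmac(a: bytes, b: bytes) -> bool:
    """HMAC-SHA256 zero-pads keys shorter than its 64-byte block, so b'test'
    and b'test\\0\\0\\0' are the same key. Keys longer than 64 bytes are hashed
    first, so this equivalence only holds while the padded key fits one block."""
    if max(len(a), len(b)) > 64:
        return a == b
    return a.ljust(64, b"\x00") == b.ljust(64, b"\x00")


if __name__ == "__main__":
    token = sign(SIGNING_INPUT, decoded_key(ENCODED_SECRET))
    print("apr_base64_decode_len:", apr_base64_decode_len(ENCODED_SECRET),
          "actually decoded:", len(decoded_key(ENCODED_SECRET)))
    print("zero slack  ->", verify(token, buggy_key(ENCODED_SECRET, b"\x00")))
    print("dirty slack ->", verify(token, buggy_key(ENCODED_SECRET, b"\xa5")))
    print("fixed       ->", verify(token, decoded_key(ENCODED_SECRET)))
```

For "dGVzdA==" the upper bound is 7 while the decoded key is 4 bytes, so a caller that uses the bound as the key length signs with "test", a NUL, and two bytes of whatever the allocator handed back. HMAC pads keys shorter than the hash block size with zeros, so the result is identical to the real key whenever those two bytes happen to be zero and wrong otherwise, which is exactly the per-request, per-worker randomness seen in the logs above; the same key-padding rule means a longer secret near or beyond 64 bytes would not even enjoy the "works when zero" case.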

AnthonyDeroche commented 6 years ago

Thanks for the fix

gaeldb commented 6 years ago

Thanks all