auth0 / node-jsonwebtoken

JsonWebToken implementation for node.js http://self-issued.info/docs/draft-ietf-oauth-json-web-token.html
MIT License

Vulnerability / Unexpected Token Verification Behavior with Private Key #930

Open AbdullahSoomroOfficial opened 1 year ago

AbdullahSoomroOfficial commented 1 year ago

Issue Title: Unexpected Token Verification Behavior with Private Key

Description: I've encountered unexpected behavior while using the jsonwebtoken library for token verification. As per best practices, I'm aware that token verification should use the public key, but I noticed that token verification is succeeding even when using the private key.

Steps to Reproduce:

  1. Generate an RSA key pair using the crypto module.
  2. Sign a JWT using the private key with the RS256 algorithm.
  3. Attempt to verify the JWT using the private key instead of the public key.

Expected Behavior: Token verification using the private key should fail, as the private key is meant for signing, not verification.

Actual Behavior: Token verification using the private key surprisingly succeeds, which contradicts the expected behavior.

Environment:

  - Node.js version: v16.19.0
  - jsonwebtoken library version: 9.0.1/8.5.1 (I have checked this in both versions)
  - Operating System: Windows 10

Additional Information: I've verified this behavior in multiple environments to ensure accuracy. It's important to clarify that this behavior goes against established best practices for token verification. I would appreciate assistance in understanding if this is an issue or if there's a valid explanation for this behavior.

ArielPrevu3D commented 1 year ago

This behavior should be better documented. This library simply uses createPublicKey which detects the key type and automatically derives the public key from private keys.

I would not consider this to be a security issue since the key derivation only occurs when the key material is known to represent a private key.

AbdullahSoomroOfficial commented 1 year ago

Thank you for the guidance. @ArielPrevu3D

guda-art commented 1 year ago

Until now, I cannot understand the advantages of using private-key signing and public-key verification for JWT. Can you tell me? Thanks! @AbdullahSoomroOfficial

AbdullahSoomroOfficial commented 1 year ago

@guda-art Public/private keys (public key cryptography) are one of the ways we can use to do two things:

  1. To encrypt data
  2. To create digital signature

For example, in a web app, if we use JWT for authentication, in that case we do not want to encrypt any data. Instead we want to sign a token (to create a digital signature) to ensure data integrity and authenticity. For that we first hash the data, sign it with our private key and issue it to the client. Later, on the client side, we can verify the token using our public key. From verification we will get two assurances:

  1. Issuer of the token is the one who it says it is.
  2. Whether the data has been tampered with or not.

So by using public/private keys we can securely transmit any data over HTTP.

guda-art commented 1 year ago

Thank you very much. I think I understand now; because my project does not require client-side verification of server information, I felt confused. This way, I understand. @AbdullahSoomroOfficial

AbdullahSoomroOfficial commented 1 year ago

@guda-art What is your project about? Maybe I could help and learn more from you.

guda-art commented 1 year ago

@AbdullahSoomroOfficial Yes, the requirement for my project is to send the signed information from the server to the client, and then the server will perform a verification when it is brought back by the client. There is no need for the client to participate in the verification, so I only need a key, which is symmetric encryption. Thanks.