search

babelouest / rhonabwy

Javascript Object Signing and Encryption (JOSE) library - JWK, JWKS, JWS, JWE and JWT
https://babelouest.github.io/rhonabwy/
GNU Lesser General Public License v2.1
45 stars 21 forks source link

Question: is my code safe against `alg: null`? #35

Closed spaceone closed 9 months ago

spaceone commented 9 months ago

I have a short question and just want to be sure that my assumptions are correct:

The docstring for r_jwt_verify_signature says:

 * Verifies the signature of the JWT
 * The JWT must contain a signature
 * or the JWT must have alg: none

(https://babelouest.github.io/rhonabwy/group__jwt.html#ga2ab2ec575660117efec3e576f189fa67)

and I see no flag to prevent this.

But the use of r_jwt_parse() already ensures that alg: null causes an error, right? but r_jwt_parse_unsecure() would allow this?

my code looks like:

if (r_jwt_parse(jwt, msg, 0) == RHN_OK) {
    if ((error = r_jwt_verify_signature(jwt, jwk, 0)) != RHN_OK)
        return error;
}
babelouest commented 9 months ago

Hello @spaceone ,

Using r_jwt_verify_signature with a unsigned jwt will return RHN_ERROR_INVALID.

There is an old typo in the documentation. Thanks for pointing out!

babelouest commented 9 months ago

I've updated the documentation to remove the mention to alg:none: https://babelouest.github.io/rhonabwy/group__jws.html#ga2f4b76d9600759ef920c0d389ae19fda

spaceone commented 9 months ago

Thanks. See also #11