search

web-token / jwt-framework

JWT Framework
MIT License
888 stars 105 forks source link

alg dir serialized without payload #498

Closed Guervyl closed 9 months ago

Guervyl commented 9 months ago

Version(s) affected

3.2

Description

I want to generate a JWE with this header 

[
    "cty" => "JWT",
    "enc" => "A128CBC-HS256",
    "alg" => "dir"
];

But the serialized token does not have the payload.

How to reproduce

Create a key from shared secret $jwk = JWKFactory::createFromSecret($signKey); Create the algoritm objects

$keyAlgorithmManager = new AlgorithmManager([
    new \Jose\Component\Encryption\Algorithm\KeyEncryption\Dir(),
]);

$contentAlgorithmManager = new AlgorithmManager([
    new A128CBCHS256(),
]);

Build the JWE and serialize:

$jweBuilder = new JWEBuilder(
    $keyAlgorithmManager,
    $contentAlgorithmManager,
    new CompressionMethodManager()
);

$jwe = $jweBuilder
    ->create()
    ->withPayload($payload)
    ->withSharedProtectedHeader($header)
    ->addRecipient($jwk)
    ->build();

$serializer = new CompactSerializer(); // The serializer

$token = $serializer->serialize($jwe, 0);

The output does not have the payload: eyJjdHkiOiJKV1QiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2IiwiYWxnIjoiZGlyIn0..iiS7qwucotnyt0BEHofIFA.JavxFIAYYiWmafC0lVX5tMLjKN4eypP3xfGG2_pj_V4BVrM1nbtJo3AnuWEjf9tb3n3SzutELcc7BjP1dgwzSCO33KqR0MgKqBFrYVtjKpfvomQ-wXQYPsF1klB3lIPUkJHJO_5SIAQwVH1OgNBkNcTnSSIufOy8ZKNczRqwiq6rGRyyEjWL-vB8jM2O1b2_-EyTQPucoA0LthkG3IHIEl79mIVWTriOfvK4y6msMMebTU7y7CODrmCT_Hwc3WM33hDFc6rFZggunOcHGPCMr51y_rk1ft8sxjAcCBBSjgagG_9rw3nORhETbA59GrrvAKta4NrglOa3sMdtinzlEnFMNXNTq_KvVLCy9gwmK9Fg8Qf9CqzfetAJYa7vG_ONAvDYpco7hln1ukFUaqz44_i8ZjS_F-a3CkJs_yJZiobZjrQ4KHgpv7iOxOIr6op3OhoauFrycKLjYuz5eYlgQioKnBFvehcCcScozTg1n_OkxNn6652wpitaPUMTRtg03es6v-FOSesSSx_9KkVfLa6kn5MMQkaODvpFerrX5qmtF5XWtfAcDqRazXn_W5wBjSu2ZCqs_8bpQHxSvicqJNO7AzC0Gqe9zCTyq9OD5u4IuVN-om7F5my6OTn5UMep9HcQAnmNjYdJIu-DheroIXkUBmtrBGSSFaJPqU_TXbgPTWkpeP9pl9PvY3U0PZc9spQcJmTXbGDR2_7ZcD3Z-YceGMTPF3oDzDEp1KPfmDfPRjpAOG8RXayuwoEy5nBCfxJJFKMQ4L1K9UnnlRMPLdXHSYRhbVfAdCa4deiT_4ZYHgaM-Ut0wk9rI3I6dGfu6oIlW54T_OPsOvElZXN221thFDfeF1tfPHYmDkEdwT4-M6iPz4TLc9g1bAP9rGk9umqmLmR3W1BDDYrzkqPPChwVj0_LgA0WfbI9xlV9HpCYYBE175zb5jb6kTNLxAbV8o5xCXqrux8kOsGpB3GyXg.2lKPzTnpnJOmtGZDiEW-fg

When I change the Dir to A256KW I got the payload from the token.

Possible Solution

No response

Additional Context

No response

Spomky commented 9 months ago

Hi,

I do not understand the problem here. The cyphertext (encrypted payload) is clearly visible in the example you shared.

Guervyl commented 9 months ago

Hi, From this image you can see there is no payload. Its not well created comparing to other JWE.

From the generated token: eyJjdHkiOiJKV1QiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2IiwiYWxnIjoiZGlyIn0..iiS7qw you can see ... It was supposed to be eyJjdHkiOiJKV1QiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2IiwiYWxnIjoiZGlyIn0.**Payload here**.iiS7qw

image

Spomky commented 9 months ago

You are building an encrypted token (JWE), but jwt.io only supports signed tokens (JWS). With JWE, the ciphertext is located on the 4th part, not on the second one. The empty part here corresponds to the encrypted key that is empty with the dir algorithm.

Spomky commented 9 months ago

JWE => RFC7516 = [HEADER].[ENCRYPTED KEY].[IV].[CIPHERTEXT].[TAG] JWS => RFC7515 = [HEADER].[PAYLOAD].[SIGNATURE]

Guervyl commented 9 months ago

Thanks for your answers. I'm learning a little bit from your answers. My confusion now is from your JWE example, the generated token has a payload even if the algorithm is different from dir here https://web-token.spomky-labs.com/the-components/encrypted-tokens-jwe/jwe-creation.

Also is it possible to have the ENCRYPTED KEY in my token?

image

Spomky commented 9 months ago

I think you are mixing signed tokens (JWS) and encrypted ones (JWE). As you are referring to jwt.io, I guess what you really want is JWS. You should read this page instead of the one you mentioned.

Guervyl commented 9 months ago

What I need is JWE, I have read all the documentation. And I understand that JWt.io is not for JWE.

Is just from your JWE example the generated token has a different schema. it's [HEADER].[PAYLOAD].[SIGNATURE] instead of [HEADER].[ENCRYPTED KEY].[IV].[CIPHERTEXT].[TAG] here https://web-token.spomky-labs.com/the-components/encrypted-tokens-jwe/jwe-creation.

image

Also can I have the [ENCRYPTED KEY] from the JWE using the dir algorithm?

Spomky commented 9 months ago

What I need is JWE, I have read all the documentation. And I understand that JWt.io is not for JWE.

OK. Screenshots from jwt.io confused me.

Is just from your JWE example the generated token has a different schema.

The token has 5 parts separated by dots so it is a JWE with the correct structure.

Also can I have the [ENCRYPTED KEY] from the JWE using the dir algorithm?

It is not possible. With this algorithm the key is directly used for decrypting the token and there is no encrypted key. It is always an empty string. See https://datatracker.ietf.org/doc/html/rfc7518#section-4.5

An empty octet sequence is used as the JWE Encrypted Key value.

Guervyl commented 9 months ago

Great. Thanks for your answer. It's clear now.

github-actions[bot] commented 7 months ago

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.