On Thu, Oct 12, 2023 at 2:40 PM Les Hazlewood <[email protected]> wrote:

> Thanks for the reply Orie.  I'm the primary author of JJWT:
> https://github.com/jwtk/jjwt, so my question is grounded in
> general-purpose library support and not protocol design/support.
>
> If you are building a library that has to support all / older protocols...
>> I recommend taking an approach that clearly distinguishes decoding from
>> verifying.
>>
>
> I (very respectfully) disagree.  Even just parsing untrusted payloads
> before cryptographic verification - before a library even has a chance to
> evaluate name/value pairs of a fully constructed JSON Object - can expose
> an application to security vulnerabilities.  Otherwise, yes, I'd agree that
> once JSON is (safely) converted to Object instances, verification and
> validation are separate concerns.
>

Yep, I agree with you but see my comments on "alg none" below.

I'd be cautious to avoid exposing an interface that looked like:
verify(jwt, publicKey)...
but where the public key was ignored when the JWT had "alg none"...
as this could result in exactly the type of security issues you are rightly
concerned about.

Make the developer choose to support "alg none" explicitly, for example:

https://github.com/panva/jose/blob/b27d69539b4a0bebb74964d3f729f6607c5bd2b1/src/types.d.ts#L492


>
> My question for the JOSE committee is whether payload parsing is even
> allowed before signature verification.
>

https://datatracker.ietf.org/doc/html/rfc7519#section-6

^ I think this answers your first question.

> And if it is, are there explicitly documented caveats? (e.g. with RFC 2119
> Notational Convention terminology, SHOULD, SHOULD NOT, etc)?
>
>
I think this answers your second question:

https://datatracker.ietf.org/doc/html/rfc7519#section-7.2


> Or is it more "it's not explicitly prevented, and you should avoid it if
> possible, but feel free to support it if you want" ?
>
>
My understanding is that it's (unfortunately) encouraged (by the use of MAY
in section-6), and that it's also been a problem, see also search results
for "alg none".

Thanks again!
>
> Les
>


-- 


ORIE STEELE
Chief Technology Officer
www.transmute.industries

_______________________________________________
jose mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/jose