[sr-dev] [kamailio/kamailio] jwt_mod.c HS256 secret inside a file kdata.len is off by one (Issue #3282)

momoterraw Thu, 17 Nov 2022 19:26:58 -0800

In my use case I use HS256 so its a shared secret normally using a string with 
environment variable or something, not a key file. The jwt mod expects a file 
to load up the secret/key. So I just create a file with the secret inside the 
file, but I keep getting.
```
failed to decode jwt value
```


After digging into the source and trying to debug. It looks like when it's 
handing secret in a file the kdata.len is off by one.


This is the dirty fix for me.
```
diff --git a/src/modules/jwt/jwt_mod.c b/src/modules/jwt/jwt_mod.c
index 233a0709..a67d0b89 100644
--- a/src/modules/jwt/jwt_mod.c
+++ b/src/modules/jwt/jwt_mod.c
@@ -509,7 +509,7 @@ static int ki_jwt_verify(sip_msg_t* msg, str *key, str 
*alg, str *claims,
                }
        }

-       ret = jwt_decode(&jwt, jwtval->s, (unsigned char*)kdata.s, 
(size_t)kdata.len);
+       ret = jwt_decode(&jwt, jwtval->s, (unsigned char*)kdata.s, 
(size_t)kdata.len-1);
        if (ret!=0 || jwt==NULL) {
                LM_ERR("failed to decode jwt value\n");
                goto error;
```

-- 
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/issues/3282
You are receiving this because you are subscribed to this thread.

Message ID: <kamailio/kamailio/issues/[email protected]>

_______________________________________________
Kamailio (SER) - Development Mailing List
[email protected]
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-dev

[sr-dev] [kamailio/kamailio] jwt_mod.c HS256 secret inside a file kdata.len is off by one (Issue #3282)

Reply via email to