Skip to content

Fix/jwt verify decode jose#2648

Open
alleria173 wants to merge 5 commits into
gchq:masterfrom
alleria173:fix/jwt-verify-decode-jose
Open

Fix/jwt verify decode jose#2648
alleria173 wants to merge 5 commits into
gchq:masterfrom
alleria173:fix/jwt-verify-decode-jose

Conversation

@alleria173

Copy link
Copy Markdown
Contributor

Description
Replaces the remaining uses of jsonwebtoken (JWT Verify and JWT Decode) with the jose library, and removes the jsonwebtoken dependency, completing the migration started by #2473 for JWT Sign.

  • JWT Decode now uses jose's decodeJwt. Malformed tokens produce a clear error instead of an unhandled TypeError.
  • JWT Verify now uses jose's jwtVerify. The key is detected by its PEM header: SPKI public keys, PKCS#1 RSA public keys (converted to SPKI via a new pkcs1ToSpki helper in lib/RSA.mjs, mirroring Fix jwt sign #2473's pkcs1ToPkcs8), X.509 certificates, or an HMAC secret. The algorithm is taken from the token header and checked against the supported list.
  • Also fixes a latent bug: the old Verify mutated the shared JWT_ALGORITHMS array exported from lib/JWT.mjs, replacing "None" with "none" in JWT Sign's dropdown list.

Behaviour changes to be aware of, both inherited from jose's stricter security posture:

  • Unsigned tokens ("alg": "none") are no longer accepted by JWT Verify. They now produce an error directing the user to JWT Decode. The old behaviour (any unsigned token "verifies" against any key) is a well-known JWT attack vector.
  • RSA keys shorter than 2048 bits are rejected (same limit Fix jwt sign #2473 applies to signing). The RS256 test fixtures were regenerated with a 2048-bit key pair; the old 1024-bit key is kept in a test asserting the rejection error.
  • exp and nbf claims are now validated during verification, with dedicated error messages.

This PR is blocked by #2473: it removes the jsonwebtoken dependency, which JWT Sign still imports until #2473 merges. CI will fail on the JWT Sign tests until then; once #2473 is merged I will rebase (the only overlaps are additive: both PRs append a helper to lib/RSA.mjs, enable a JWT line in tests/browser/02_ops.js, and add "jose": "^6.2.3" to package.json).

Existing Issue
Fixes #2472

Screenshots
N/A — no visual changes. The JWT Verify operation description text was updated to mention certificate support, claim validation, and the unsigned-token rejection.

AI disclosure
Used Claude Code (Anthropic) to help write this migration and the tests. I have reviewed the code myself and understand how it works.

Test Coverage

  • tests/operations/tests/JWTVerify.mjs: the existing HS256/RS256/ES256 verification tests are retained (RS256 regenerated with a 2048-bit key). New tests cover: PKCS#1 RSA public key input, sub-2048-bit RSA key rejection, wrong-key signature failure, expired token, and unsigned (alg: none) token rejection.
  • tests/operations/tests/JWTDecode.mjs: existing tests unchanged; added a malformed-token error test.
  • tests/browser/02_ops.js: enabled the previously commented-out sanity tests for JWT Decode and JWT Verify.
  • Full suite (npm test) and lint run locally on an integration branch with Fix jwt sign #2473 merged in, since this branch alone cannot pass while JWT Sign still needs jsonwebtoken.

…nse' label for cases where reviewer asks a question
Temporary: needed so pull_request_review/pull_request_target/issue_comment
triggers are recognised for the throwaway test PR. Revert this merge
commit once testing is done to keep main aligned with upstream/master.
jsonwebtoken is unmaintained and does not work correctly in the
browser at 9.x. Following the JWT Sign migration (gchq#2473), switch the
remaining two JWT operations to jose and remove the jsonwebtoken
dependency. Unsigned (alg:none) tokens are now rejected by Verify,
and PKCS#1 RSA public keys are converted to SPKI for WebCrypto.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Feature request: Replace jsonwebtoken library with the more modern jose.

1 participant