Improved order comparison

auth0 · May 3, 2022 · 208d7b6 · 208d7b6
1 parent 3135ba7
commit 208d7b6
Show file tree

Hide file tree

Showing 2 changed files with 25 additions and 3 deletions.
diff --git a/lib/src/main/java/com/auth0/jwt/algorithms/ECDSAAlgorithm.java b/lib/src/main/java/com/auth0/jwt/algorithms/ECDSAAlgorithm.java
@@ -191,8 +191,12 @@ void validateSignatureStructure(byte[] joseSignature, ECPublicKey publicKey) thr
         BigInteger order = publicKey.getParams().getOrder();
 
         // R and S must be less than N
-        if (order.compareTo(r) < 1 || order.compareTo(s) < 1) {
-            throw new SignatureException("The difference between R or S value and order should be greater than one.");
+        if (order.compareTo(r) < 1) {
+            throw new SignatureException("The difference between R value and order should be greater than one.");
+        }
+
+        if (order.compareTo(s) < 1){
+            throw new SignatureException("The difference between S value and order should be greater than one.");
         }
     }
 

diff --git a/lib/src/test/java/com/auth0/jwt/algorithms/ECDSAAlgorithmTest.java b/lib/src/test/java/com/auth0/jwt/algorithms/ECDSAAlgorithmTest.java
@@ -1429,7 +1429,7 @@ public void signatureWithSZeroShouldFail() throws Exception {
     }
 
     @Test
-    public void signatureWithRSValueNotLessThanOrderShouldFail() throws Exception {
+    public void signatureWithRValueNotLessThanOrderShouldFail() throws Exception {
         exception.expect(SignatureException.class);
 
         ECPublicKey publicKey = (ECPublicKey) readPublicKeyFromFile(PUBLIC_KEY_FILE_256, "EC");
@@ -1444,4 +1444,22 @@ public void signatureWithRSValueNotLessThanOrderShouldFail() throws Exception {
         ECDSAAlgorithm algorithm256 = (ECDSAAlgorithm) Algorithm.ECDSA256(publicKey, privateKey);
         algorithm256.validateSignatureStructure(invalidSignature, publicKey);
     }
+
+    @Test
+    public void signatureWithSValueNotLessThanOrderShouldFail() throws Exception {
+        exception.expect(SignatureException.class);
+
+        ECPublicKey publicKey = (ECPublicKey) readPublicKeyFromFile(PUBLIC_KEY_FILE_256, "EC");
+        ECPrivateKey privateKey = (ECPrivateKey) readPrivateKeyFromFile(PRIVATE_KEY_FILE_256, "EC");
+
+        String signedJwt = JWT.create().sign(Algorithm.ECDSA256(publicKey, privateKey));
+        String jwtWithInvalidSig = signedJwt.substring(0, signedJwt.lastIndexOf('.') + 1) + "_____wAAAAD__________7zm-q2nF56E87nKwvxjJVH_____AAAAAP__________vOb6racXnoTzucrC_GMlUQ";
+
+        String[] chunks = jwtWithInvalidSig.split("\\.");
+        byte[] invalidSignature = Base64.getUrlDecoder().decode(chunks[2]);
+        invalidSignature[0] = Byte.MAX_VALUE;
+
+        ECDSAAlgorithm algorithm256 = (ECDSAAlgorithm) Algorithm.ECDSA256(publicKey, privateKey);
+        algorithm256.validateSignatureStructure(invalidSignature, publicKey);
+    }
 }