Add 'JWS JSON Serialization Overview' according to RFC7515 #32
Comments
|
What would you hope an implementation would look like? |
|
The RFC states it as 'protected' JSON property. The obviously one would be: const signature = jws.sign({
header: { alg: 'HS256' },
protected: { secret: 'my secret'},
payload: 'h. jon benjamin',
secret: 'has a van',
});Verify can stay the same. The 'decode' part is somehow tricky. If the JSON object contains the protected header field the obviously return would be a 'protected' field alongside with the 'header' field. const signature = jws.sign({
header: { alg: 'HS256', is_admin: 'false' },
payload: 'h. jon benjamin',
secret: 'has a van',
});
const parts = jws.decode(signature);
// Value of is_admin = false
const is_admin = parts.header.is_admin;
const signature2 = jws.sign({
header: { alg: 'HS256', is_admin: 'true' },
protected: { is_admin: 'false' }
payload: 'h. jon benjamin',
secret: 'has a van',
});
const parts2 = jws.decode(signature2);
// Value of is_admin2 = true
const is_admin2 = parts.header.is_admin;The only way to mitigate this security risk is to add a BC break and renaming the header property to protected_header or something similar. |
|
@dol Well, during serialization they're separate, but the RFC describes them being merged into a "JOSE Header", at which point duplicates across the header parts is a "MUST NOT". So, a returned header could just be the "jose header". It would be nice to differentiate between fields that came protected/unprotected for sure (although, in your specific example, |
|
+1. I'm posting signed messages to another endpoint. It's much nicer to debug when the main message is available in plaintext. I can also use application/json as mime-type. |
The header informations can be separated in protected and not protected parts. Defined in RFC7515 Section 3.2.
The text was updated successfully, but these errors were encountered: