Posted to issues@cxf.apache.org by "A Mahats (JIRA)" <ji...@apache.org> on 2017/03/27 09:13:41 UTC

[jira] [Created] (CXF-7300) JWS verification issue

A Mahats created CXF-7300:
-----------------------------

             Summary: JWS verification issue
                 Key: CXF-7300
                 URL: https://issues.apache.org/jira/browse/CXF-7300
             Project: CXF
          Issue Type: Bug
    Affects Versions: 3.1.10
            Reporter: A Mahats
            Priority: Critical


Verification of the following JWS fails: {"payload":"cGF5bG9hZA","protected":"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","signature":"fvybPw1_DPy5zEWaDj2KSj6vARjiMq4EeTQ22ndrNfqDd3rYhPdvqeKVuJbPekwZG3SkmCzf_xqxNXH9DXntku45tRYtNv3vMyqnKa_hAHLaS7DB-lnhZzYWV4-9nIJlyv652XlpS9C9UX1k9diItZnYezBpP3APHMtbtyJBXFcuUIeXtJNWoOtGWAjT68AqOi2Duxxe44dCgSY0hvQWCXvqwTnwOf7kWooN_e-qRBKdgQIAmBDXUUpUoGPejImF4Xk65Ogt4rTRcdozBF21IaAbL3Go2Pw5_EZgaGkYfr07dDr0U5qX9YA9_lBPyM7xVkX37jQs9kD_uXUFmavHd9iW_CcNqTahnqx_Q1nUzBNssCjWxelnP6Jq4p7mQHFy8K7WQwu_yz_wyqUM94uf15PXd_ChqDE7SNZ-Bi3xGpswOwPA8rXMV72VWMwlrZTQ_lsYk8SmDCXpPHIlOHeJGzBRDmKJohZXJh9HNOUqTKsm577w4vBMnEKbhxFkptVvl9H3VhQMpfGygdw7Yu20KbHrOQVeRXvX-i0GQwKjUG-7vOhlch7dTVIqLqICSwA1rkYsVsHWfQBmBnbHkvrBN3C-yL6Vi_SIX76gWzLY0_bEf7qL45aPOZ3Sc9I8szBtEL6Hv3RflIgTlljlDna09U5R8v93fgXsicsx-evno9c"}


The public key, before encoding it to JWK, is:

// RSA modulus n (big-endian unsigned, as in the JWK "n" member) and public exponent e
BigInteger n = new BigInteger("525569531153621228164069013206963023039121751335221395180741421479892725873020691336158448746650762107595835214853154848690689690388676492845035336689071212598392647250006456699269064211751795416997490706154733531900406090420900752912819551122937814387303761212497642052729396865345942088190236391831574560935654148815673814517535941780340023556224072529306118783149589148262622268860151306096159642808944513667279470466463786691742759748690544367677266996776626992328063704923387697906199381467965420885014940643236821613375440936442000637091766604513238443996671624513087046247900512118346677821153907545073765068247179938484919159962066058375588059543574624283546151162925649987580839763809787286157381728046746195701379090229385044256199577462893041808211586472833072311111017436823238479770924262731975637655614252821893977838751831233362405829382657836868362022107055971007650986274290172957061768905054669462074011056141892784165813507235148683348014201150784998715061575093867666453332433607035581378251824779499939486011300724554679730858604331014533862095333079730162763179465097565929596106945215770540494686641434086043428665874725802069389719375237126155948350679342167596471110676954951640992376889874630989205394080379", 10);
BigInteger e = new BigInteger("65537", 10);

When the public key is recreated from the JWK header of the JWS, it becomes negative, precisely because this condition is true in org.apache.cxf.rt.security.crypto.CryptoUtils#toBigInteger, line 283:

        // first byte 0x80 (-128 as a signed Java byte): the two's-complement
        // constructor is used, so the top bit is read as a sign bit
        if (bytes[0] == -128) {
            return new BigInteger(bytes);
        }
It seems that this specification, https://tools.ietf.org/html/rfc7518#section-6.3.1.1, and the RSA standard, section 3.1 (https://www.emc.com/collateral/white-papers/h11300-pkcs-1v2-2-rsa-cryptography-standard-wp.pdf), say that n can always be evaluated as positive, as in the else clause of the above if:

        else {
            // sign-magnitude constructor: signum 1, bytes are an unsigned big-endian magnitude
            return new BigInteger(1, bytes);
        }




--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
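The sign-bit problem described in the report, as an added, self-contained illustration (this is not CXF's code and not the reporter's; the method toBigIntegerAsReported below is a reconstruction of the quoted branch, and the sample modulus is constructed so that its top byte is exactly 0x80). RFC 7518 section 6.3.1.1 defines the JWK "n" member as base64urlUInt: the base64url encoding of the unsigned big-endian magnitude with no sign byte and no leading zero octets. Java's BigInteger(byte[]) constructor, by contrast, reads two's complement, so any modulus whose first byte has its top bit set decodes as a negative number unless the sign-magnitude constructor BigInteger(int signum, byte[] magnitude) is used:

```java
import java.math.BigInteger;
import java.util.Arrays;
import java.util.Base64;

public class JwkModulusSign {

    // Reconstruction of the branch quoted in the report (illustration only, not CXF's code):
    // a first byte of -128 (0x80) goes to the two's-complement constructor, so the top bit
    // of the modulus is read as a sign bit and the result is negative.
    static BigInteger toBigIntegerAsReported(byte[] bytes) {
        if (bytes[0] == -128) {
            return new BigInteger(bytes);
        }
        return new BigInteger(1, bytes);
    }

    // The fix the report proposes: always treat the decoded bytes as an unsigned
    // big-endian magnitude, which is what base64urlUInt (RFC 7518 section 6.3.1.1) encodes.
    static BigInteger toUnsignedBigInteger(byte[] bytes) {
        return new BigInteger(1, bytes);
    }

    // base64urlUInt encoding: big-endian magnitude, minimal length. toByteArray() prepends
    // a 0x00 sign byte when the top bit is set; RFC 7518 forbids that leading zero octet.
    static String base64UrlUInt(BigInteger v) {
        if (v.signum() < 0) {
            throw new IllegalArgumentException("base64urlUInt cannot encode a negative value");
        }
        byte[] b = v.toByteArray();
        if (b.length > 1 && b[0] == 0) {
            b = Arrays.copyOfRange(b, 1, b.length);
        }
        return Base64.getUrlEncoder().withoutPadding().encodeToString(b);
    }

    static byte[] decodeBase64UrlUInt(String s) {
        return Base64.getUrlDecoder().decode(s);
    }

    public static void main(String[] args) {
        // Constructed sample: a 2048-bit value whose top byte is exactly 0x80, so the decoded
        // array starts with the signed byte -128 and takes the branch quoted in the report.
        BigInteger n = BigInteger.ONE.shiftLeft(2047).add(BigInteger.valueOf(12345));
        byte[] raw = decodeBase64UrlUInt(base64UrlUInt(n));
        System.out.println("first decoded byte: " + raw[0]);

        BigInteger asReported = toBigIntegerAsReported(raw);
        BigInteger fixed = toUnsignedBigInteger(raw);
        System.out.println("signum with the quoted branch: " + asReported.signum());
        System.out.println("quoted branch round-trips n:   " + asReported.equals(n));
        System.out.println("signum with signum=1 ctor:     " + fixed.signum());
        System.out.println("signum=1 ctor round-trips n:   " + fixed.equals(n));

        // Constructed control: top byte 0xC0 (-64) does not match the condition, so the
        // quoted method already uses the signum=1 constructor and round-trips correctly.
        BigInteger control = BigInteger.ONE.shiftLeft(2047)
                .or(BigInteger.ONE.shiftLeft(2046))
                .add(BigInteger.valueOf(7));
        byte[] rawControl = decodeBase64UrlUInt(base64UrlUInt(control));
        System.out.println("control first byte: " + rawControl[0]
                + ", round-trips: " + toBigIntegerAsReported(rawControl).equals(control));
    }
}
```

Run it with `javac JwkModulusSign.java && java JwkModulusSign`. The first block shows the decoded modulus coming back negative through the quoted branch and intact through the signum=1 constructor; the control shows why the bug only surfaces for moduli whose leading octet is exactly 0x80, which is a small fraction of keys and explains a failure that looks intermittent across key pairs. A strict decoder may additionally reject a "n" value whose first decoded octet is 0x00, since base64urlUInt forbids leading zero octets.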