DEX LDAP connector token signing - go

I am playing around with DEX and openldap. When I get a token back in my browser and put it into JWT debugger with the public key i generated, it doesn't verify the signature. I am trying to step through the code of DEX, but the debugging tools are not really working on my computer. I have resorted to log statements. I can't really find where I can observe the signing of the token to see if the program is using the keys i provided or not. Which function actually signs the token and how can I observe what key it uses to sign?

The key can be read from the DEX "keys" endpoint which can be obtained from:
http://your.dex.com/.well-known/openid-configuration
Typically, it would be something like:
http://your.dex.co/keys
After that, the public keys can be extracted using the following program:
https://play.golang.org/p/wVusucNGDI
One of those keys will be able to validate the token:
from jose import jwt
key = '''-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArT9AtIlC8MxhLYhz8ODH
...
+QIDAQAB
-----END PUBLIC KEY-----'''
encoded = 'eyJh...ocw'
audience = ''
if audience == "":
opts = {"verify_aud": False}
else:
opts = {}
opts['verify_at_hash'] = False
decoded = jwt.decode(encoded, key, audience=audience, options=opts)
print(decoded)

Related

Ruby creates HMAC signature which contains several elements

In my pure Ruby app one of the components to create a token for my request authentication to an external API is to create signature which is HMAC value that is created using the api_key and the secret_key. The signature contains the following elements that are each separated by a new line \n (except the last line) and are in the same order as below list:
ts = '1529342939277'
nonce = '883b170c-a768-41a1-ae6d-c626323aa128'
host = 'ws.idms.lexisnexis.com'
resource_path = '/restws/identity/v3/accounts/11111/workflows/rdp.test.workflow/conversations'
body_hash = 'fQoIAs0IO4vNleZVE9tcI3Ni7h+niT+GrrgEHsKZOyM='
API_KEY = '6njQLkz7uCiz1ZeJ1bFCWX4DFVTfKQXa'
SECRET_KEY = 'CcdaZEt7co647iJoEc5G29CHtlo7T9M3'
# create string signature separated by new line
signature = [ts, nonce, host, resource_path, body_hash].join("\n")
# create HMAC for signature
mac = Base64.strict_encode64(OpenSSL::HMAC.hexdigest('SHA256', API_KEY, signature))
2.7.0 :146 > mac
=> "ZDE4NDQxZDdiNmZkODNiODgyODI4Nzc2OTQ3OGFlMjVhZTMyNThhZTZlMTRiMjkxMzI0NmQ5NzljNDJkZWVhZg=="
According to the docs the signature should be Syb6i+sRygAGCgxLQJ4NwwKcT5Mnkh4r3QXgwZ3vmcE= but I'm getting ZDE4NDQxZDdiNmZkODNiODgyODI4Nzc2OTQ3OGFlMjVhZTMyNThhZTZlMTRiMjkxMzI0NmQ5NzljNDJkZWVhZg== instead. Where did I go wrong?
I've got an example how to do it in Java if something will be unclear: https://gist.github.com/mrmuscle1234/20c9d46d163fee66528449c0ea8419a7

how to handle ruby file with jwt for applestore connect api

I've been struggling to sign the jwt and I'm not familiar with the ruby file provided by apple on WWDC.. the code reads
require "base64"
require "jwt"
ISSUER_ID = "your-ID"
KEY_ID = "your-KeyID"
private_key = OpenSSL::PKey.read(File.read())
token = JWT.encode(
{
iss: ISSUER_ID,
exp: Time.now.to_i + 20 * 60,
aud: "appstoreconnect-v1"
},
private_key,
"ES256",
header_fields={
kid: KEY_ID }
)
puts token
the code keeps giving me this error when I run it on terminal.
enter image description here
my goal is simple, I just want to return some data from the GET api but am struggling with the 401 error on postman.
You have a syntax error in your code according to the screenshot you posted.
There's also what appears to be an error or misconfiguration in your code sample.
The gem most frequently used to encode/decode JWTs in ruby is here; this is the gem you're using in your example (via require "jwt") There are a number of examples on that page you can reference, but if you look thru the README you'll note they mention you can only use a kid with RSA and you're not using RSA in your example.
Try this:
token = JWT.encode(
{
iss: ISSUER_ID,
exp: Time.now.to_i + 20 * 60,
aud: "appstoreconnect-v1"
},
private_key,
"ES256"
)
Here's a link to using a JWK with the kid and the RSA algorithm.
Search for ecdsa_key on that same page for examples with ES256 (you'll find the one I posted above).
Seeing the original example from the WWDC docs might help provide additional context for the correct configuration but I'm not sure where to find that document. If it's public and you can link to it I can follow up.

Verify signed data vault offline

I'm sending to a client a public_key and a payload plus a signature.
I'm trying to verify the signature on the client using the public_key and payload but I can't find a way to get the data verified. Every time I receive false as a response regardless of what I'm doing.
I'm using vault to sign the payload
def sign(box_identifier, data) do
Vaultex.Client.write("transit/sign/#{box_identifier}",
%{
input: data,
hash_algorithm: "sha2-256"
},
#authentication_strategy,
{#token})
end
Vault.Transit.sign("coucou", Base.encode64("test"))
_____________________________________________________________
digest = OpenSSL::Digest::SHA256.new
key = OpenSSL::PKey::RSA.new File.read 'key.pem'
key.public_key.verify digest, signature, "test"
-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzj0qLxEc0Qu9g9nxdMRe
jBaUD0+GuQITiAPEDOrjScJTznJrR9hXqO14BqepuEmcz4irv4hEkBEBfqZ1XnP9
2fc9zG4A20lepqDRwPhkEdI4D71KRPSxv/a+O2HrAhTYH17NbsYDtpkFCdepC6FC
01aso679d3kAZiZ+GD2OLDWifreBVPE2aXacJYXZZ4kTkchsevY3PnAcOG4LmM6b
kUoF1qfP6tJ/VItJXyqSC2PI9Io28zFhwOf6cPLEQCBCTNCNwHunqHW8olcE/Xfn
b2toym0/UvW3kH/P4h+TE1ZoCV5FWwcx9hcAy1TC0zm4D5Xwt0/4Pgj1GiXFGOY4
WKGyuDK8gs7QsSDqu+B5p0xiDg7226bpplVxR/P87CohYTtYZj/lO03G2ZEj3pCr
/juxThdzTgO5xUcPV5GFbPjlK1TIIb5XVZZzW6+sviB6cYZ5T/Xp9dtbR8G9Zt9n
gLlaKU7U/DDQxRv2uiCZy5U/DUpfxY56r4Y73Ir2YgmZY1PKLC2a5/w3wScVZILN
fnxnVYOzSPPaKxAJWbZsZjxXJS0veE8RgGFHgWfe8+qPCEnx81Jf2NzupQHO1KIk
UnlYGcPESk/90psDNsmISSdtF2D6j4k28k0ncViTu2eMKBX81W8TgTeHtQa3zR0S
upN2o25b3Wi2oQU14kTdOCcCAwEAAQ==
-----END PUBLIC KEY-----
Am I even capable of validating the signature offline when its signed by vault ?
Yes, it's possible to verify the signature offline. My answer is going to mention some Ruby specifics, since I didn't notice this was Elixir until after I started researching a bit more.
By default, when signing with a RSA key, Vault uses the PSS algorithm for the signature. The verify method on OpenSSL::PKey::PKey is expecting PKCS #1 v1.5. Here's some useful info about the pros and cons of the two.
In addition to this algorithm difference, you need to strip off the vault:v1: from the returned signature from Vault.
Here's some sample Ruby code to sign and then verify the signature:
transit_key = "test_key"
message = "test"
# Returns something like:
# vault:v1:B3reNpf8e/WyAYzBzyWz3oSUM...
signature = Vault.logical.write(
"transit/sign/#{transit_key}/sha2-256",
input: Base64.encode64(message),
signature_algorithm: "pkcs1v15"
).data[:signature]
signature = signature.split(":")[2]
# Gives us the PEM encoded public key
# -----BEGIN PUBLIC KEY-----
# ...
public_key = Vault.logical.read("transit/keys/#{transit_key}").data[:keys][:"1"][:public_key]
public_key = OpenSSL::PKey::RSA.new(public_key)
digest = OpenSSL::Digest::SHA256.new
puts public_key.verify(digest, Base64.decode64(signature), message) # returns true
puts public_key.verify(digest, Base64.decode64(signature), message + "modified") # returns false
Looks like as of Ruby 2.5, there's a new verify_pss method on the OpenSSL::PKey::RSA class.
signature = Vault.logical.write(
"transit/sign/#{transit_key}/sha2-256",
input: Base64.encode64(message),
signature_algorithm: "pss"
).data[:signature].split(":")[2]
puts public_key.verify_pss(digest, Base64.decode64(signature), message, salt_length: :auto, mgf1_hash: "SHA256") # returns true
puts public_key.verify_pss(digest, Base64.decode64(signature), message + "modified", salt_length: :auto, mgf1_hash: "SHA256") # returns false

How to sign JWT?

I'm trying to secure a Sinatra API.
I'm using ruby-jwt to create the JWT, but I don't know exactly what to sign it with.
I'm trying to use the user's BCrypt password_digest, but every time password_digest is called it changes, making the signature invalid when I go to verify it.
Use any kind of application secret key, not a user's bcrypt password digest.
For example, use the dot env gem and a .env file, with an entry such as:
JWT_KEY=YOURSIGNINGKEYGOESHERE
I personally generate a key by using a simple random hex string:
SecureRandom.hex(64)
The hex string contains just 0-9 and a-f, so the string is URL safe.
For RS256 public and private key strategy you can use Ruby OpenSSL lib:
Generating keys:
key = OpenSSL::PKey::RSA.new 2048
open 'private_key.pem', 'w' do |io| io.write key.to_pem end
open 'public_key.pem', 'w' do |io| io.write key.public_key.to_pem end
Load key from .pem file to sign token:
priv_key = OpenSSL::PKey::RSA.new File.read 'private_key.pem'
token = JWT.encode payload, priv_key, 'RS256'
Load key from .pem file to Verify token(Create a middleware for this):
begin
# env.fetch gets http header
bearer = env.fetch('HTTP_AUTHORIZATION').slice(7..-1)
pub_key = OpenSSL::PKey::RSA.new File.read 'public_key.pem'
payload = JWT.decode bearer, pub_key, true, { algorithm: 'RS256'}
# access your payload here
#app.call env
rescue JWT::ExpiredSignature
[403, { 'Content-Type' => 'text/plain' }, ['The token has expired.']]
rescue JWT::DecodeError
[401, { 'Content-Type' => 'text/plain' }, ['A token must be passed.']]
rescue JWT::InvalidIssuerError
[403, { 'Content-Type' => 'text/plain' }, ['The token does not have a valid issuer.']]
rescue JWT::InvalidIatError
[403, { 'Content-Type' => 'text/plain' }, ['The token does not have a valid "issued at" time.']]
end
To use RSA key in your .env instead of loading a file, you will need to use gem 'dotenv' and import the key as a single line variable with the use of newline '\n'. check this question on how to do it. example:
PUBLIC_KEY="-----BEGIN PUBLIC KEY-----\nmineminemineminemine\nmineminemineminemine\nmineminemine...\n-----END PUBLIC KEY-----\n"
as an .env PUBLIC_KEY variable, loading the key will change to this:
key = OpenSSL::PKey::RSA.new ENV['PUBLIC_KEY']
According to wikipedia, a secret key used in cryptography is basically just that, a key to open the lock. The key should be consistent and reliable, but not easy to duplicate, just like a key you would use on your home.
As stated in this answer, secret keys should be randomly-generated. However, you still want the key to be retained for use across the application. By using the password digest from bcrypt, you are actually using a hashed key that was derived from a base secret key (the password). Because the hash is random, this is not a reliable secret key to use, as you stated.
The previous answer using SecureRandom.hex(64) is a great way to create an initial base application key. However, in a production system, you should be taking this in as a configuration variable and storing it for consistent use across multiple runs of your application (for example following a server reboot, you should not invalidate all of your user's JWTs) or across multiple distributed servers. This article gives an example of pulling in the secret key from an environment variable for rails.

Calculate an RFC 2104-compliant HMAC with the SHA256 hash algorithm in ruby

I was going through the Amazon Product Advertising API REST signature docs and I got stuck at #8
Calculate an RFC 2104-compliant HMAC with the SHA256 hash algorithm using the string above with our "dummy" Secret Access Key: 1234567890. For more information about this step, see documentation and code samples for your programming language.
I managed to get it on one more try with the help of Calculating a SHA hash with a string + secret key in python.
The following creates the correct signature:
require 'openssl'
secret_key = '1234567890'
query = 'AWSAccessKeyId=AKIAIOSFODNN7EXAMPLE&ItemId=0679722769&Operation=ItemLookup&ResponseGroup=ItemAttributes%2COffers%2CImages%2CReviews&Service=AWSECommerceService&Timestamp=2009-01-01T12%3A00%3A00Z&Version=2009-01-06'
data = ['GET', 'ecs.amazonaws.com', '/onca/xml', query].join("\n")
sha256 = OpenSSL::Digest::SHA256.new
sig = OpenSSL::HMAC.digest(sha256, secret_key, data)
signature = Base64.encode64(sig)
Adding to AJcodez answer:
I would do:
...
signature_raw = Base64.strict_encode64(sig)
signature = CGI::escape(signature_raw)
encode64adds a newline at the end, strict_encode64() does not.
https://stackoverflow.com/a/2621023/2760406
Amazon wants you to "URL encode the plus (+) and equal (=) characters in the signature" #9 - won't work now if you don't.
http://docs.aws.amazon.com/AWSECommerceService/latest/DG/rest-signature.html#rest_detailedexample
You can calculate a keyed-hash message authentication code (HMAC-SHA256) signature with your secret access key by using cryptoJs
First install cryptoJs locally in your system by typing
npm install crypto-js
to install it globally you node a flag -g to the above command. Then add this code and run it.
var CryptoJS = require("crypto-js");
// Calculate an RFC 2104-compliant HMAC with the SHA256 hash algorithm
var exampleString =
"GET\n" +
"webservices.amazon.com\n" +
"/onca/xml\n" +
"AWSAccessKeyId=AKIAIOSFODNN7EXAMPLE&AssociateTag=mytag-20&ItemId=0679722769&Operation=ItemLookup&ResponseGroup=Images%2CItemAttributes%2COffers%2CReviews&Service=AWSECommerceService&Timestamp=2014-08-18T12%3A00%3A00Z&Version=2013-08-01";
var signature = CryptoJS.HmacSHA256(exampleString, "1234567890");
console.log("test signature", signature.toString(CryptoJS.enc.Base64));

Resources