ruby-jwt icon indicating copy to clipboard operation
ruby-jwt copied to clipboard

Published 20 hours ago verified publisher icon jwt

RSA JWK parsing

Open bellebaum opened this issue 2 years ago • 4 comments

This came up while reworking the JWK stuff for #520

The function create_rsa_key for OpenSSL version 3 looks like this:

https://github.com/jwt/ruby-jwt/blob/b4f9f1d483086054e812dc6ce5655466b6de3858/lib/jwt/jwk/rsa.rb#L93-L106

I like the approach of converting a JWK to DER, then feeding it into OpenSSL, since this is unlikely to change (in fact, wouldn't this work for other versions of OpenSSL, making all the "legacy" implementations unnecessary?)

Anyways, the code has a few problems.

Firstly, any subset of parameters specified in ASN1_SEQUENCE could be present in an illformed JWK, and the resulting DER can then probably not be parsed by any SSL library.

But secondly, there is an important missmatch between RFC 7518, Section 6.3.2

The parameter "d" is REQUIRED for RSA private keys. The others enable optimizations and SHOULD be included by producers of JWKs representing RSA private keys. If the producer includes any of the other private key parameters, then all of the others MUST be present, with the exception of "oth", which MUST only be present when more than two prime factors were used.

and RFC 3447, Appendix A.1.2, which only permits keys with all parameters present. This implies that valid JWKs containing exactly the kty specific keys kty, n, e, and d, are not guaranteed to be parseable this way.

One could try to calculate the missing values, but especially the step of finding p and q is not trivial at all...

bellebaum avatar Oct 11 '22 11:10 bellebaum

There are some good points here. I think we should extend the test suite for the JWKs for "incomplete" parameters.

Like how does OpenSSL 2 and 3 differ in behaviour. I would not yet be confident using the DER approach as the primary way to generate keys.

Are you planning doing something about this or should we take one challenge at a time and try to finish the JWK importing that is WIP?

anakinj avatar Oct 11 '22 14:10 anakinj

I was trying to do something briefly today, but decided that this will probably take more time than I can spend right now, so I am focussing on existing challenges and leaving this here as a reminder or for someone else to pick up in the meantime :)

bellebaum avatar Oct 11 '22 14:10 bellebaum

I will take a stab on trying to expand the test suite a little. Lets see if there are some differences in behaviours with the implementations.

anakinj avatar Oct 11 '22 16:10 anakinj

@anakinj I just wanted to say thank you for keeping up the work here :heart: . I get emailed whenever there is progress on the Ruby OpenSSL PR :)

bellebaum avatar Jan 09 '23 14:01 bellebaum