OXIESEC PANEL

Name	Size	Modified	Perms
📁 ..	-	08/12/2024 10:34:18 AM	rwxr-xr-x
📄 ES512TokenTest.php	6.42 KB	08/12/2024 10:34:18 AM	rw-r--r--
📄 EcdsaTokenTest.php	8.64 KB	08/12/2024 10:34:18 AM	rw-r--r--
📄 HmacTokenTest.php	6.12 KB	08/12/2024 10:34:18 AM	rw-r--r--
📄 MaliciousTamperingPreventionTest.php	4.41 KB	08/12/2024 10:34:18 AM	rw-r--r--
📄 RFC6978VectorTest.php	5.26 KB	08/12/2024 10:34:18 AM	rw-r--r--
📄 RsaTokenTest.php	7.2 KB	08/12/2024 10:34:18 AM	rw-r--r--
📄 TimeFractionPrecisionTest.php	3.67 KB	08/12/2024 10:34:18 AM	rw-r--r--
📄 UnsignedTokenTest.php	5.44 KB	08/12/2024 10:34:18 AM	rw-r--r--

Editing: MaliciousTamperingPreventionTest.php

<?php
declare(strict_types=1);

namespace Lcobucci\JWT\FunctionalTests;

use Lcobucci\JWT\Configuration;
use Lcobucci\JWT\Encoding\JoseEncoder;
use Lcobucci\JWT\Keys;
use Lcobucci\JWT\Signer\Ecdsa\Sha512 as ES512;
use Lcobucci\JWT\Signer\Hmac\Sha256 as HS512;
use Lcobucci\JWT\Signer\Key\InMemory;
use Lcobucci\JWT\Token\Plain;
use Lcobucci\JWT\Validation\Constraint\SignedWith;
use PHPUnit\Framework\TestCase;

use function assert;
use function explode;
use function hash_hmac;
use function implode;

use const PHP_EOL;

final class MaliciousTamperingPreventionTest extends TestCase
{
    use Keys;

private Configuration $config;

/** @before */
    public function createConfiguration(): void
    {
        $this->config = Configuration::forAsymmetricSigner(
            ES512::create(),
            InMemory::plainText('my-private-key'),
            InMemory::plainText(
                '-----BEGIN PUBLIC KEY-----' . PHP_EOL
                . 'MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAcpkss6wI7PPlxj3t7A1RqMH3nvL4' . PHP_EOL
                . 'L5Tzxze/XeeYZnHqxiX+gle70DlGRMqqOq+PJ6RYX7vK0PJFdiAIXlyPQq0B3KaU' . PHP_EOL
                . 'e86IvFeQSFrJdCc0K8NfiH2G1loIk3fiR+YLqlXk6FAeKtpXJKxR1pCQCAM+vBCs' . PHP_EOL
                . 'mZudf1zCUZ8/4eodlHU=' . PHP_EOL
                . '-----END PUBLIC KEY-----'
            )
        );
    }

/**
     * @test
     *
     * @covers \Lcobucci\JWT\Configuration
     * @covers \Lcobucci\JWT\Encoding\JoseEncoder
     * @covers \Lcobucci\JWT\Token\Builder
     * @covers \Lcobucci\JWT\Token\Parser
     * @covers \Lcobucci\JWT\Token\Plain
     * @covers \Lcobucci\JWT\Token\DataSet
     * @covers \Lcobucci\JWT\Token\Signature
     * @covers \Lcobucci\JWT\Signer\Key\InMemory
     * @covers \Lcobucci\JWT\Signer\Ecdsa
     * @covers \Lcobucci\JWT\Signer\Ecdsa\MultibyteStringConverter
     * @covers \Lcobucci\JWT\Signer\Ecdsa\Sha512
     * @covers \Lcobucci\JWT\Signer\Hmac
     * @covers \Lcobucci\JWT\Signer\Hmac\Sha256
     * @covers \Lcobucci\JWT\Signer\Hmac\Sha512
     * @covers \Lcobucci\JWT\Validation\Constraint\SignedWith
     * @covers \Lcobucci\JWT\Validation\Validator
     */
    public function preventRegressionsThatAllowsMaliciousTampering(): void
    {
        $data = 'eyJhbGciOiJFUzUxMiIsInR5cCI6IkpXVCJ9.eyJoZWxsbyI6IndvcmxkIn0.'
            . 'AQx1MqdTni6KuzfOoedg2-7NUiwe-b88SWbdmviz40GTwrM0Mybp1i1tVtm'
            . 'TSQ91oEXGXBdtwsN6yalzP9J-sp2YATX_Tv4h-BednbdSvYxZsYnUoZ--ZU'
            . 'dL10t7g8Yt3y9hdY_diOjIptcha6ajX8yzkDGYG42iSe3f5LywSuD6FO5c';

// Let's let the attacker tamper with our message!
        $bad = $this->createMaliciousToken($data);

/**
         * At this point, we have our forged message in $bad for testing...
         *
         * Now, if we allow the attacker to dictate what Signer we use
         * (e.g. HMAC-SHA512 instead of ECDSA), they can forge messages!
         */

$token = $this->config->parser()->parse($bad);
        assert($token instanceof Plain);

self::assertEquals('world', $token->claims()->get('hello'), 'The claim content should not be modified');

$validator = $this->config->validator();

self::assertFalse(
            $validator->validate($token, new SignedWith(new HS512(), $this->config->verificationKey())),
            'Using the attackers signer should make things unsafe'
        );

self::assertFalse(
            $validator->validate(
                $token,
                new SignedWith(
                    $this->config->signer(),
                    $this->config->verificationKey()
                )
            ),
            'But we know which Signer should be used so the attack fails'
        );
    }

private function createMaliciousToken(string $token): string
    {
        $dec     = new JoseEncoder();
        $asplode = explode('.', $token);

// The user is lying; we insist that we're using HMAC-SHA512, with the
        // public key as the HMAC secret key. This just builds a forged message:
        $asplode[0] = $dec->base64UrlEncode('{"alg":"HS512","typ":"JWT"}');

$hmac = hash_hmac(
            'sha512',
            $asplode[0] . '.' . $asplode[1],
            $this->config->verificationKey()->contents(),
            true
        );

$asplode[2] = $dec->base64UrlEncode($hmac);

return implode('.', $asplode);
    }
}