repos/JWT Differential Fuzzer/targets/jose-panva/server.js
const http = require("http");
const jose = require("jose");
 
// Label attached to every verdict so results can be attributed to this
// library target (see the `lib` field returned by verdict()).
const LIB_ID = "panva";
// Version reported next to LIB_ID; read from the installed jose package
// rather than hard-coded, so it reflects what is actually under test.
const LIB_VERSION = require("jose/package.json").version;
 
async function importKey(keyMaterial, algs) {
8
  if (typeof keyMaterial === "string" && keyMaterial.includes("BEGIN")) {
9
    const asymAlgs = algs.filter((a) => /^(RS|PS|ES|Ed)/.test(a));
10
    const tryAlg = asymAlgs[0] || algs[0];
11
    return await jose
12
      .importSPKI(keyMaterial, tryAlg)
13
      .catch(async () => jose.importX509(keyMaterial, tryAlg));
14
  }
15
  if (typeof keyMaterial === "object" && keyMaterial !== null) {
16
    const alg = algs[0];
17
    return await jose.importJWK(keyMaterial, alg);
18
  }
19
  return new TextEncoder().encode(keyMaterial);
20
}
 
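/**
 * Verify one token and report the outcome in the harness's common shape.
 *
 * Never rejects: any failure, including a malformed `payload` (e.g. the JSON
 * literal `null`, a non-object, or a non-array `algs`), is reported as
 * `valid: false` with an `error` string, so the differential runner can
 * compare outcomes across libraries instead of losing the request.
 *
 * @param {{token: string, key: string|object, algs: string[]}} payload -
 *   decoded request body. `algs` is handed to jose unchanged as the allowed
 *   algorithm list, so the request decides which algorithms are accepted.
 * @returns {Promise<{valid: boolean, claims: object|null, error: string|null,
 *   lib: string, version: string}>} verdict record.
 */
async function verdict(payload) {
  try {
    // Destructure inside the try: with `payload === null` this line throws,
    // and outside the try that rejection escaped to the HTTP handler.
    const { token, key, algs } = payload;
    const k = await importKey(key, algs);
    const { payload: claims } = await jose.jwtVerify(token, k, {
      algorithms: algs,
    });
    return { valid: true, claims, error: null, lib: LIB_ID, version: LIB_VERSION };
  } catch (e) {
    // jose errors carry a stable `code`; fall back to `name` for other errors.
    // Optional chaining guards against non-Error throw values.
    return {
      valid: false,
      claims: null,
      error: `${e?.code || e?.name}: ${e?.message}`,
      lib: LIB_ID,
      version: LIB_VERSION,
    };
  }
}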
 
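/**
 * Single-endpoint HTTP harness: `POST /verify` with a JSON body
 * `{ token, key, algs }` answers with the verdict as JSON; any other
 * method/path is a bare 404.
 */
// Upper bound on buffered request bytes. Inputs are tokens and keys, so a
// megabyte is generous; without a cap one client could grow `body` without limit.
const MAX_BODY_BYTES = 1024 * 1024;

const server = http.createServer((req, res) => {
  if (req.method !== "POST" || req.url !== "/verify") {
    res.writeHead(404);
    return res.end();
  }

  const chunks = [];
  let received = 0;
  let rejected = false;

  req.on("data", (chunk) => {
    if (rejected) return;
    received += chunk.length;
    if (received > MAX_BODY_BYTES) {
      rejected = true;
      res.writeHead(413, { "Content-Type": "application/json" });
      res.end(JSON.stringify({ error: "body too large" }));
      req.destroy();
      return;
    }
    chunks.push(chunk);
  });

  req.on("error", () => {
    // Socket-level failure mid-body: there is nothing coherent to verify.
    if (!res.headersSent) {
      res.writeHead(400, { "Content-Type": "application/json" });
      res.end(JSON.stringify({ error: "request error" }));
    }
  });

  req.on("end", async () => {
    if (rejected) return;
    let payload;
    try {
      // Concatenate the raw chunks before decoding: `body += chunk` decoded
      // each chunk separately, mangling multi-byte UTF-8 split across chunks.
      payload = JSON.parse(Buffer.concat(chunks).toString("utf8"));
    } catch {
      res.writeHead(400, { "Content-Type": "application/json" });
      return res.end(JSON.stringify({ error: "bad json" }));
    }

    let out;
    try {
      out = await verdict(payload);
    } catch (err) {
      // verdict() is designed not to reject; if it does anyway, answer 500
      // instead of leaving an unhandled rejection in this async listener.
      res.writeHead(500, { "Content-Type": "application/json" });
      return res.end(
        JSON.stringify({ error: `harness failure: ${err?.message ?? String(err)}` }),
      );
    }
    res.writeHead(200, { "Content-Type": "application/json" });
    res.end(JSON.stringify(out));
  });
});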
 
// Binds on all interfaces (0.0.0.0), not only loopback, and nothing in this
// file authenticates callers of /verify or restricts the `algs` they pass —
// reachability of port 7004 is the only access control.
server.listen(7004, "0.0.0.0", () => {
  // Startup banner goes to stderr (console.error), leaving stdout untouched.
  console.error(`[${LIB_ID} ${LIB_VERSION}] listening :7004`);
});