xmidt-org / cjwt Goto Github PK

Also have to change references to the branch in .travis.yml, README, and CONTRIBUTING. Double check any other markdown files as well - sometimes links have the branch name in them.

Getting the error, fallback must contain exactly two items.

The Meson build system
Version: 0.53.2
Source dir: /home/isecl-ami2/setup/cjwt
Build dir: /home/isecl-ami2/setup/cjwt/build
Build type: native build
Project name: cjwt
Project version: 2.1.0
C compiler for the host machine: cc (gcc 9.4.0 "cc (Ubuntu 9.4.0-1ubuntu1~20.04.1) 9.4.0")
C linker for the host machine: cc ld.bfd 2.34
Host machine cpu family: x86_64
Host machine cpu: x86_64
Configuring cjwtver.h using configuration
Found pkg-config: /usr/bin/pkg-config (0.29.1)
Run-time dependency openssl found: YES 1.1.1f

meson.build:35:0: ERROR: Fallback info must have exactly two items.

A full log can be found at /home/isecl-ami2/setup/cjwt/build/meson-logs/meson-log.txt

After adding, two items in fallback manually. Getting the following error eventhough trewor package is installed.

trower-base64 not found and it shows dependency not satisfied during build.

When trying to build as part of a bundle, cjwt always downloads trower-base64 and cJSON and uses a fixed version.

In the case of trying to have cjwt as a dependency from a bigger project the project will have to link trower-base64 and cJSON too, so it will need to install them. When trying to compile like this, it would be beneficial to look for libraries in the same prefix cjwt will be installed in.

Is that completed?

meson setup --warnlevel 3 --werror build
The Meson build system
Version: 0.61.5
Source dir: /home/isecl-ami/vijay/cjwt/cjwt
Build dir: /home/isecl-ami/vijay/cjwt/cjwt/build
Build type: native build
Project name: cjwt
Project version: 2.1.0
C compiler for the host machine: cc (gcc 7.5.0 "cc (Ubuntu 7.5.0-3ubuntu1~18.04) 7.5.0")
C linker for the host machine: cc ld.bfd 2.30
Host machine cpu family: x86_64
Host machine cpu: x86_64
Configuring cjwtver.h using configuration
Found pkg-config: /usr/bin/pkg-config (0.29.1)
Run-time dependency openssl found: YES 1.1.1
Run-time dependency libcjson found: YES 1.7.15
Found CMake: /usr/bin/cmake (3.10.2)
Run-time dependency trower-base64 found: NO (tried pkgconfig and cmake)
Looking for a fallback subproject for the dependency trower-base64

Executing subproject trower-base64

trower-base64| Project name: trower-base64
trower-base64| Project version: 1.2.7
trower-base64| C compiler for the host machine: cc (gcc 7.5.0 "cc (Ubuntu 7.5.0-3ubuntu1~18.04) 7.5.0")
trower-base64| C linker for the host machine: cc ld.bfd 2.30
trower-base64| Configuring ver.h using configuration
trower-base64| Program reuse found: NO
trower-base64| Build targets in project: 1
trower-base64| Subproject trower-base64 finished.

Dependency trower-base64 found: YES 1.2.7 (overridden)
Run-time dependency cunit found: YES 2.1-3
Program reuse found: NO
Build targets in project: 11

cjwt 2.1.0

Subprojects
trower-base64: YES

User defined options
warning_level: 3
werror : True

Found ninja-1.8.2 at /usr/bin/ninja
WARNING: Need gcovr or lcov/genhtml to generate any coverage reports
NOTICE: You are using Python 3.6 which is EOL. Starting with v0.62.0, Meson will require Python 3.7 or newer

I added the following tests to validate that the aud field is working & found it is not working.

diff --git a/tests/test_cjwt.c b/tests/test_cjwt.c
index 0f64984..a3c163b 100644
--- a/tests/test_cjwt.c
+++ b/tests/test_cjwt.c
@@ -228,12 +228,74 @@ void test_cjwt (void)
     test_case (i);
 }
 
+void simple_jwt( void )
+{
+    const char *jwt = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJleGFtcGxlLWlzc3VlciIsInN1YiI6ImV4YW1wbGUtc3ViIiwianRpIjoiZXhhbXBsZS1qdGkiLCJleHAiOjEyMzQ1LCJuYmYiOjEyMywiaWF0IjoxMjQsImF1ZCI6InNpbmdsZSJ9.4r0-KNnU99qVGTuSiDDey0JhP_Oy6lz4BLe4cpkP7QA";
+    const char *pw = "testing";
+    int result;
+    cjwt_t *got;
+
+    result = cjwt_decode( jwt, 0, &got, (const uint8_t *)pw, strlen(pw) );
+    CU_ASSERT( 0 == result );
+
+    CU_ASSERT_STRING_EQUAL( "example-issuer", got->iss );
+    CU_ASSERT_STRING_EQUAL( "example-sub",    got->sub );
+    CU_ASSERT_STRING_EQUAL( "example-jti",    got->jti );
+
+    CU_ASSERT( 12345 == got->exp.tv_sec  );
+    CU_ASSERT(     0 == got->exp.tv_nsec );
+
+    CU_ASSERT( 123 == got->nbf.tv_sec  );
+    CU_ASSERT(   0 == got->nbf.tv_nsec );
+
+    CU_ASSERT( 124 == got->iat.tv_sec  );
+    CU_ASSERT(   0 == got->iat.tv_nsec );
+
+    CU_ASSERT_FATAL( NULL != got->aud );
+    CU_ASSERT( 1 == got->aud->count );
+    CU_ASSERT_STRING_EQUAL( "single", got->aud->names[0] );
+
+    cjwt_destroy( &got );
+}
+
+void simple_array_jwt( void )
+{
+    const char *jwt = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJhbHBoYSIsInN1YiI6ImJldGEiLCJqdGkiOiJnYW1tYSIsImV4cCI6MTIzNDUuMywibmJmIjoxMjMsImlhdCI6MTI0LjksImF1ZCI6WyJvbmUiLCJ0d28iXX0.MNhlfkWsAaiZSZF6VIpsMhzPDZrRLQ9x5Ywl08TZoVg";
+    const char *pw = "testing";
+    int result;
+    cjwt_t *got;
+
+    result = cjwt_decode( jwt, 0, &got, (const uint8_t *)pw, strlen(pw) );
+    CU_ASSERT( 0 == result );
+
+    CU_ASSERT_STRING_EQUAL( "alpha", got->iss );
+    CU_ASSERT_STRING_EQUAL( "beta",  got->sub );
+    CU_ASSERT_STRING_EQUAL( "gamma", got->jti );
+
+    CU_ASSERT( 12345 == got->exp.tv_sec  );
+    CU_ASSERT(     0 == got->exp.tv_nsec );
+
+    CU_ASSERT( 123 == got->nbf.tv_sec  );
+    CU_ASSERT(   0 == got->nbf.tv_nsec );
+
+    CU_ASSERT( 124 == got->iat.tv_sec  );
+    CU_ASSERT(   0 == got->iat.tv_nsec );
+
+    CU_ASSERT_FATAL( NULL != got->aud );
+    CU_ASSERT( 2 == got->aud->count );
+    CU_ASSERT_STRING_EQUAL( "one", got->aud->names[0] );
+    CU_ASSERT_STRING_EQUAL( "two", got->aud->names[1] );
+
+    cjwt_destroy( &got );
+}
 
 void add_suites( CU_pSuite *suite )
 {
     printf ("--------Start of Test Cases Execution ---------\n");
     *suite = CU_add_suite( "tests", NULL, NULL );
     CU_add_test( *suite, "Test cjwt", test_cjwt );
+    CU_add_test( *suite, "Validate a simple jwt with aud", simple_jwt );
+    CU_add_test( *suite, "Validate a simple jwt with aud array", simple_array_jwt );
 }
 
 /*----------------------------------------------------------------------------*/

Why do you expect the JWT token header should only have alg and type? It can also contain additional fields right?

    cJSON_DeleteItemFromObjectCaseSensitive(json, "alg");
    cJSON_DeleteItemFromObjectCaseSensitive(json, "typ");

     if (json->next || json->prev || json->child) {
        return CJWTE_HEADER_UNSUPPORTED_UNKNOWN;
    }

This statement piece should be removed I guess. Please do review this piece and update it.

Sample header :

{
"alg": "PS384",
"url": "some-url",
"kid": "1234",
"typ": "JWT"
}

This is failing in your code. But it should not.

Could you please provide me the sample for PS384 like,
https://github.com/xmidt-org/cjwt/blob/main/examples/basic/rs_example.c

I tried using this same code but made only one change,

My public key header is ""-----BEGIN RSA PUBLIC KEY-----" instead of "-----BEGIN PUBLIC KEY-----". So I made change in /src/jws_evp_openssl.c --> in verify_rsa() function, --> replaced PEM_read_bio_RSA_PUBKEY( ) with PEM_read_bio_RSAPublicKey( ).

now getting error in EVP_DigestVerifyFinal( ), this function returns 0 instead of 1.

Can you provide the sample for this?

Hello:

I am using this library to validate a JWT token.

The problem I have is that I start from a JWK token:

 {
   "kty": "RSA",
   "e": "AQAB",
   "use": "next",
   "kid": "xxxxxxx",
   "alg": "RS256",
   "n": "xxxxxx......"
 }

The library allows you to validate the JWT token from a public key:

const char *rs_pub_key =
"-----BEGIN PUBLIC KEY-----\n"
.....
"-----END PUBLIC KEY-----";

i'm not sure how to convert the JWK token to public key in the c language. I have tried his online converter:

https://8gwifi.org/jwkconvertfunctions.jsp

and the JWT converted to public key works well with the library.

Could you give me some guidance to convert JWK to public key?

thanks.