1

I was trying to decode the JWT payload in java but this payload is compressed/deflated

"zip": "DEF"

java.util.zip.DataFormatException: incorrect header check

private static byte[] decompress(byte[] value) throws DataFormatException {
        ByteArrayOutputStream bos = new ByteArrayOutputStream(value.length);
        Inflater decompressor = new Inflater();
        try {
          decompressor.setInput(value);
          final byte[] buf = new byte[1024];
          while (!decompressor.finished()) {
            int count = decompressor.inflate(buf);
            bos.write(buf, 0, count);
          }
        } finally {
          decompressor.end();
        }
        return bos.toByteArray();
      }




public static void main(String[] args) throws Exception {
        
        
        String payload = "7VPbjtMwEP2X4TUXO9CumjdYkFghoZVaFiHUB9eZNka-RLYTUVb5d8ZuKxW09AuQ8jL2mTPnHGeeYZLQPkM8Dgjtd-hjHEJb18EIH3sUOvaVFL4Lr6SbVMdXUNzAnIoyFTdxypjRql8iKmdhW4D02KGNSuj1uPuBMiZJ-175J_QhYVp4U7GKE2k6fTfaTmPCeAxu9BI3WT6cL4qzHZBOa2JLDAXQAH8kj8Q8av3FawJc-ltGgEvxAvEjSaV-Allh8EQijNLEB-vN280HujmoCW3K8OvHh_Wnb7CdydlOkfX3IiYSvlqxkr2mD-a5eFEGvy3j4Tq3AkIUcQzZpxk0RkypT0JKZfHedZlBuk7ZQ1YcjiGiIXh6GHqXXt9Vzh_qFGkdVFfL6ScRyNwJDbuDeTsXMJy9Zzl79GiTtuvoEgj93nmDPk8SMjqfGjoVBi1SSvdP68deeCPkkdxTMk7K0WeyFM9GmdPQhpdsWTZLEqJd_DyaXeIE_s_Imv-RnSJb_BUZS5ltZ8oNlCAtfNks2HLBOKe_eLf_80CFcHaZN1ZFXopBVXIKl8V15nqR64nXec3n3w";
       
         byte[] byt = Base64.getUrlDecoder().decode(new String(payload).getBytes("UTF-8"));
        
        byte[] b =  decompress(byt);
        String s = new String(b, StandardCharsets.UTF_8);
    }

Some other folks in other programming language was able to crack this out using this, wondering how will I accomplish this in java?

const decompressedCard = zlib.inflateRawSync(decodedPayload);
const card = JSON.parse(decompressedCard.toString());
Rohit Sharma
  • 13
  • 1
  • 4
  • 1
    try `Inflater decompressor = new Inflater(true);` (setting the nowrap parameter to true to decomress raw (without header) data. That should be equal tò inflateRaw` – jps Jul 21 '21 at 12:31
  • My base64 decoder says that string is "Invalid input" – g00se Jul 21 '21 at 12:33
  • @g00se that's base64url encoded data – jps Jul 21 '21 at 12:37
  • >@g00se that's base64url encoded data < I am aware of that, but my base64 decoder might beg to differ ;) – g00se Jul 21 '21 at 12:49
  • Interestingly, I made my own payload and compressed it with gzip. I then tried it with your code and it fell over. It was OK when I used `GZIPInputStream` though – g00se Jul 21 '21 at 13:44
  • *Is* your data compressed with gzip? – g00se Jul 21 '21 at 13:49

2 Answers2

3

Ususally compressed payload is used in encrypted JWTs (JWE), but SMART Health Cards also use it in signed tokens (JWS). In both cases, the DEFLATE format as defined in RFC1951 is used. For Zlib (as shown in the example on the bottom of the question) you have to use deflateRaw/inflateRaw (DEFLATE without any Zlib or gz headers).

In case of the java.util.zip.Inflater, initializing the inflater with

Inflater decompressor = new Inflater(true);

is setting the nowrap parameter to true to decompress in raw mode (without header) data,
which is equal to using inflateRaw in Node.js.

(see also https://docs.oracle.com/javase/7/docs/api/java/util/zip/Inflater.html)

With this setting, the code in the question works fine and the given example data can be inflated to a JSON.

jps
  • 20,041
  • 15
  • 75
  • 79
-1

The thing about nowrap is correct I think, but nonetheless, I wasn't able to get your code working until I fixed the corrupt input (mentioned above) and did this:

import java.util.Base64;
import java.util.zip.GZIPInputStream;
import java.io.ByteArrayOutputStream;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.nio.charset.StandardCharsets;

public class Decomp2 {

    public static byte[] gunzip(byte[] value) throws IOException {
        byte[] result = null;
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        byte[] buf = new byte[1024];
        int numRead = -1;
        try (GZIPInputStream in = new GZIPInputStream(new ByteArrayInputStream(value))) {
            while ((numRead = in.read(buf)) > -1) {
                out.write(buf, 0, numRead);
            }
            result = out.toByteArray();
        }
        return result;
    }

    public static void main(String[] args) throws Exception {

        // Data gzipped and b64url-encoded
        String payload = "H4sIAKow-GAAA-1Ty27bMBC89zO2Vz1ItXZg3dokQIICRQC7CYrCB5paWwxIUSApoW6gf--StgG3SPwFAXRZcnZ2Zqh9gVFC_QJh3yPUv6ANofd1WXojXGhR6NAWUrjGf5R2VA1fQHYBcyjyWFzEKWOGTv0RQdkO1hlIhw12QQm9HDbPKEOUtG2Ve0TnI6aGzwUrOJHG069D12iMGIfeDk7iKsmH40V2tAPSak1skSEDGuD25JGYB61_OE2AU3_NCHAqXiF-IKnUT6BOGDyQCKM08cFy9WV1Szc7NWIXM3y6u19--wnriZxtFFm_ESGS8MWC5ewTfTBN2asy-GUZ9-e5ZeCDCINPPk2vMWBMfRRSqg6vbZMYpG1Ut0uK_d4HNASPD0Pv0uqrwrpdGSMtvWpKOf4mApk6oWJXMK2nDPqj9yRniw67qO08ughCt7XOoEuThAzWxYZG-V6LmNL14_KhFc4IuSf3lIyVcnCJLMazUuYwtOI5m-fVnIRoG74PZhM5gb8ZWfUe2SGy2X-RsZjZeqLcQAnSwufVjM1njHP6izfbfw-U90eXaWNV4LnoVSFHf1pca84XuRx5mdZ8-vAX5R6TWUMEAAA=";
        byte[] byt = Base64.getUrlDecoder().decode(payload.getBytes("UTF-8"));
        byte[] b = gunzip(byt);
        String s = new String(b, StandardCharsets.UTF_8);
        System.out.println(s);
    }
}
g00se
  • 3,207
  • 2
  • 5
  • 9