Significance of setRelaxVerificationKeyValidation() in JwtConsumerBuilder() while validating the JWT

Question

    val jwtConsumer = JwtConsumerBuilder()
        .setVerificationKey(getPublicKeyFromPEMString(publicKeyAuth)) // verify the signature with the public key
        .setRelaxVerificationKeyValidation() // needed if the key is smaller than 256 bits
        .setJwsAlgorithmConstraints( // only allow the expected signature algorithm(s) in the given context
            AlgorithmConstraints.ConstraintType.PERMIT,
            AlgorithmIdentifiers.ECDSA_USING_P256_CURVE_AND_SHA256
        )
        .build()

I am using jose4j 0.7.9 for verification.

where, I created a JWT with ES256 header and secp256k1 curve key using fusionAuth library. So while validating the jwt with the public key in key pair.

It gets successful only when this flag (setRelaxVerificationKeyValidation) value is set to false.

Can anyone please tell me, what relaxation it is doing? I tried with a wrong key to test, but it failed as expected. Please shed some light.

Brian Campbell · Accepted Answer · 2023-02-23T00:09:57.470

1

JwtConsumerBuilder.setRelaxVerificationKeyValidation() will set setDoKeyValidation(false) on the JsonWebSignature instance the JwtConsumer is using the process the JWS and verify its signature.

In general setting setDoKeyValidation(false) will skip some extra type checks and minimum key length checks with RSA and HMAC. With ECDSA it's not doing a lot - just skipping this check https://bitbucket.org/b_c/jose4j/src/1ec20f8716436857a3929f60e644d4de1e40bfd9/src/main/java/org/jose4j/jws/EcdsaUsingShaAlgorithm.java#lines-243

I honestly don't know why that would cause issues with a key/token created with the fusionAuth library.

But wait, secp256k1 is the JWS ES256K alg. Jose4j only really supports that as of https://bitbucket.org/b_c/jose4j/wiki/Release%20Notes 0.8.0. So something is off here...

edited Feb 23 '23 at 00:09

answered Feb 23 '23 at 00:01

Brian Campbell

2,293
12
13

Thanks for the answer @Brian Exactly this is the error we got. JWT processing failed. Additional details: [[17] Unable to process JOSE object (cause: org.jose4j.lang.InvalidKeyException: ES256/SHA256withECDSA expects a key using P-256 but was null): May I know why it was null? because since the key is k1 it tries to get curve name which is not there in map? And yes I read rfc8518 about using es256k only for secp256k1, but in our case, the iot device we are using might send r1 or k1 keys with es256 header. so need that flexibility. – Benjamin Feb 23 '23 at 11:27
1

Yes, it's null because the curveToName map in EllipticCurves doesn't have an entry for secp256k1 (prior to v 0.8.0). – Brian Campbell Feb 23 '23 at 14:54
ok, other than that, if we use this flag, secp256k1 key validation in this jwt is happening correctly right? – Benjamin Feb 23 '23 at 15:02
1

Well, alg:ES256 with a secp256k1 key isn't valid. When using that flag, it basically just accidentally allows it to work by letting java validate the signature using "SHA256withECDSA" and the secp256k1 key. – Brian Campbell Feb 24 '23 at 00:43
Thanks a lot, one last question, does fusionAuth supports es256k with secp256k1 ? – Benjamin Feb 24 '23 at 14:35
1

I don't know about fusionAuth. – Brian Campbell Feb 24 '23 at 14:56

Significance of setRelaxVerificationKeyValidation() in JwtConsumerBuilder() while validating the JWT

1 Answers1