Mirror
/
CyberChef
mirror of https://github.com/gchq/CyberChef.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch '1073-jwt-verify' of https://github.com/mt3571/CyberChef into mt3571-1073-jwt-verify

This commit is contained in:
n1474335 2021-02-09 14:02:21 +00:00
parent 3ae2e2e2c8 887ea0cf06
commit 5bc523aeff
3 changed files with 33 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
src/core/lib/JWT.mjs Normal file
View File

@ -0,0 +1,24 @@
/**
* JWT resources
*
* @author mt3571 [mt3571@protonmail.com]
* @copyright Crown Copyright 2020
* @license Apache-2.0
*/
/**
* List of the JWT algorithms that can be used
*/
export const JWT_ALGORITHMS = [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512",
"None"
];

16
src/core/operations/JWTSign.mjs
View File

@ -8,6 +8,9 @@ import Operation from "../Operation.mjs";
import jwt from "jsonwebtoken"; import jwt from "jsonwebtoken";
import OperationError from "../errors/OperationError.mjs"; import OperationError from "../errors/OperationError.mjs";
import {JWT_ALGORITHMS} from "../lib/JWT.mjs";
/** /**
* JWT Sign operation * JWT Sign operation
*/ */
@ -34,18 +37,7 @@ class JWTSign extends Operation {
{ {
name: "Signing algorithm", name: "Signing algorithm",
type: "option", type: "option",
value: [ value: JWT_ALGORITHMS
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512",
"None"
]
} }
]; ];
} }

11
src/core/operations/JWTVerify.mjs
View File

@ -8,6 +8,9 @@ import Operation from "../Operation.mjs";
import jwt from "jsonwebtoken"; import jwt from "jsonwebtoken";
import OperationError from "../errors/OperationError.mjs"; import OperationError from "../errors/OperationError.mjs";
import {JWT_ALGORITHMS} from "../lib/JWT.mjs";
/** /**
* JWT Verify operation * JWT Verify operation
*/ */
@ -43,12 +46,8 @@ class JWTVerify extends Operation {
const [key] = args; const [key] = args;
try { try {
const verified = jwt.verify(input, key, { algorithms: [ const verified = jwt.verify(input, key, { algorithms: JWT_ALGORITHMS});
"HS256",
"HS384",
"HS512",
"none"
]});
if (Object.prototype.hasOwnProperty.call(verified, "name") && verified.name === "JsonWebTokenError") { if (Object.prototype.hasOwnProperty.call(verified, "name") && verified.name === "JsonWebTokenError") {
throw new OperationError(verified.message); throw new OperationError(verified.message);