Skip to content
This repository has been archived by the owner on Jul 13, 2023. It is now read-only.

Commit

Permalink
feat: Use cryptography based JWT parser for increased speed
Browse files Browse the repository at this point in the history
Switches to using python cryptography library instead of jose/jwt
(which relied on python ecdsa library). Also discovered lots of fun
discrepencies between how ecdsa and libssl sign things.

closes #785
  • Loading branch information
jrconlin committed Mar 29, 2017
1 parent 4128d94 commit 2b9da7b
Show file tree
Hide file tree
Showing 2 changed files with 94 additions and 25 deletions.
89 changes: 89 additions & 0 deletions autopush/jwt.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,89 @@
"""Why hand roll?
Most python JWT libraries either use a python elliptic curve library directly,
or call one that does, or is abandoned, or a dozen other reasons.
After spending half a day looking for reasonable replacements, I decided to
just write the functions we need directly.
THIS IS NOT A FULL JWT REPLACEMENT.
"""

import base64
import binascii
import json
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives.asymmetric import ec, utils
from cryptography.hazmat.primitives import hashes


def repad(string):
# type: (str) -> str
"""Adds padding to strings for base64 decoding"""
if len(string) % 4:
string += '===='[len(string) % 4:]
return string


class VerifyJWT(object):

@staticmethod
def extract_signature(auth):
# type: (str) -> tuple()
"""Fix the JWT auth token.
The `ecdsa` library signs using a raw, 32octet pair of values (r,s).
Cryptography, which uses OpenSSL, uses a DER sequence of (s, r).
This function converts the raw ecdsa to DER.
"""
payload, asig = auth.rsplit(".", 1)
sig = base64.urlsafe_b64decode(repad(asig).encode('utf8'))
if len(sig) != 64:
return payload, sig

# ecdsa and openssl transpose the "r" and "s" values of the signatures.
# for ecdsa signature is (r, s)
# for openssl, signature is (s, r)
# It's ok, though, because neither label them, even though openssl
# uses namedtypes, with the names set to ""
#
# Oh frabjous day!
encoded = utils.encode_dss_signature(
r=int(binascii.hexlify(sig[:32]), 16),
s=int(binascii.hexlify(sig[32:]), 16)
)
return payload, encoded

@staticmethod
def decode(token, key=None, *args, **kwargs):
# type (cls, str, str) -> dict()
"""Decode a web token into a assertion dictionary.
This attempts to rectify both ecdsa and openssl generated
signatures. We use the built-in cryptography library since it wraps
libssl and is faster than the python only approach.
This raises an InvalidSignature exception if the signature fails.
"""
# convert the signature if needed.
sig_material, signature = VerifyJWT.extract_signature(token)
pkey = ec.EllipticCurvePublicNumbers.from_encoded_point(
ec.SECP256R1(),
key
).public_key(default_backend())
# NOTE: verify() will take any string as the signature. It appears
# to be doing lazy verification and matching strings rather than
# comparing content values. If the signatures start failing for
# some unknown reason in the future, decode the signature and
# make sure it matches how we're reconstructing it.
# This will raise an InvalidSignature exception if failure.
# It will be captured externally.
pkey.verify(
signature,
sig_material.encode('utf8'),
ec.ECDSA(hashes.SHA256()))
return json.loads(
base64.urlsafe_b64decode(
repad(sig_material.split('.')[1]).encode('utf8')))
30 changes: 5 additions & 25 deletions autopush/utils.py
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,6 @@
import time
import uuid

import ecdsa
import requests
from attr import (
Factory,
Expand All @@ -16,7 +15,6 @@
)
from boto.dynamodb2.items import Item # noqa
from cryptography.fernet import Fernet # noqa
from jose import jwt
from typing import ( # noqa
Any,
Dict,
Expand All @@ -27,6 +25,7 @@
from ua_parser import user_agent_parser

from autopush.exceptions import InvalidTokenException
from autopush.jwt import repad, VerifyJWT as jwt


# Remove trailing padding characters from complex header items like
Expand Down Expand Up @@ -122,14 +121,6 @@ def base64url_encode(string):
return base64.urlsafe_b64encode(string).strip('=')


def repad(string):
# type: (str) -> str
"""Adds padding to strings for base64 decoding"""
if len(string) % 4:
string += '===='[len(string) % 4:]
return string


def base64url_decode(string):
# type: (str) -> str
"""Decodes a Base64 URL-encoded string per RFC 7515.
Expand Down Expand Up @@ -171,11 +162,11 @@ def decipher_public_key(key_data):
# key data is actually a raw coordinate pair
key_data = base64url_decode(key_data)
key_len = len(key_data)
if key_len == 64:
if key_len == 65 and key_data[0] == '\x04':
return key_data
# Key format is "raw"
if key_len == 65 and key_data[0] == '\x04':
return key_data[-64:]
if key_len == 64:
return '\04' + key_data
# key format is "spki"
if key_len == 88 and key_data[:3] == '0V0':
return key_data[-64:]
Expand All @@ -188,18 +179,7 @@ def extract_jwt(token, crypto_key):
# first split and convert the jwt.
if not token or not crypto_key:
return {}

key = decipher_public_key(crypto_key)
vk = ecdsa.VerifyingKey.from_string(key, curve=ecdsa.NIST256p)
# jose offers jwt.decode(token, vk, ...) which does a full check
# on the JWT object. Vapid is a bit more creative in how it
# stores data into a JWT and breaks expectations. We would have to
# turn off most of the validation in order for it to be useful.
return jwt.decode(token, dict(keys=[vk]), options=dict(
verify_aud=False,
verify_sub=False,
verify_exp=False,
))
return jwt.decode(token, decipher_public_key(crypto_key))


def parse_user_agent(agent_string):
Expand Down

0 comments on commit 2b9da7b

Please sign in to comment.