# Improper Verification of Cryptographic Signature (CWE-347) The product does not verify, or incorrectly verifies, the cryptographic signature for data. **Stack:** JavaScript - Prevalence: 높음 자주 악용됨 - Impact: 치명적 1개의 치명적 심각도 규칙 - Prevention: 문서화됨 4개의 수정 예시 **OWASP:** Cryptographic Failures (A02:2021-Cryptographic Failures) - #2 ## Description Cryptographic signatures are used to verify the authenticity and integrity of data. When signature verification is missing or incorrectly implemented, attackers can forge or tamper with data. ## Prevention 1개의 Shoulder 탐지 규칙을 기반으로 한 Improper Signature Verification 예방 전략. ### Key Practices - Use of jwt ### JavaScript Use jwt.verify() instead of jwt.decode() to validate token signatures ## Warning Signs - [HIGH] use of jwt ## Consequences - 보호 메커니즘 우회 - 승인되지 않은 코드 실행 - 애플리케이션 데이터 수정 ## Mitigations - 데이터를 신뢰하기 전에 항상 서명을 검증하세요 - 서명 검증에는 충분히 검증된 암호 라이브러리를 사용하세요 - JWT는 서명을 항상 검증하고 알고리즘도 검증하세요 ## Detection - Total rules: 4 - Critical: 1 - Languages: python, go, javascript, typescript ## Rules by Language ### Javascript (1 rules) - **JWT Decode Without Verification** [HIGH]: Detects use of jwt.decode() without proper verification, leading to authentication bypass. jwt.decode() decodes a JWT token WITHOUT verifying its signature. This means an attacker can create a token with any payload they want, and the application will trust it. Common mistakes: - Using jwt.decode() instead of jwt.verify() - Decoding token for inspection then trusting the payload - Using decoded payload for authorization decisions The decoded payload should NEVER be trusted for security decisi - Remediation: Use jwt.verify() instead of jwt.decode() to validate the signature: ```javascript const jwt = require('jsonwebtoken'); app.post('/api/auth/verify', (req, res) => { const { token } = req.body; try { const decoded = jwt.verify(token, process.env.JWT_SECRET, { algorithms: ['RS256'] }); res.json({ user: decoded }); } catch (error) { res.status(401).json({ error: 'Invalid token' }); } }); ``` Learn more: https://shoulder.dev/learn/javascript/cwe-347/jwt-decode-without-verify ### Typescript (1 rules) - **JWT Decode Without Verification** [HIGH]: Detects use of jwt.decode() without proper verification, leading to authentication bypass. jwt.decode() decodes a JWT token WITHOUT verifying its signature. This means an attacker can create a token with any payload they want, and the application will trust it. Common mistakes: - Using jwt.decode() instead of jwt.verify() - Decoding token for inspection then trusting the payload - Using decoded payload for authorization decisions The decoded payload should NEVER be trusted for security decisi - Remediation: Use jwt.verify() instead of jwt.decode() to validate the signature: ```javascript const jwt = require('jsonwebtoken'); app.post('/api/auth/verify', (req, res) => { const { token } = req.body; try { const decoded = jwt.verify(token, process.env.JWT_SECRET, { algorithms: ['RS256'] }); res.json({ user: decoded }); } catch (error) { res.status(401).json({ error: 'Invalid token' }); } }); ``` Learn more: https://shoulder.dev/learn/javascript/cwe-347/jwt-decode-without-verify