# Improper Verification of Cryptographic Signature (CWE-347) The product does not verify, or incorrectly verifies, the cryptographic signature for data. **Stack:** JavaScript - Prevalence: 高 频繁被利用 - Impact: 关键 1 条严重级别为关键的规则 - Prevention: 已记录 4 个修复示例 **OWASP:** Cryptographic Failures (A02:2021-Cryptographic Failures) - #2 ## Description Cryptographic signatures are used to verify the authenticity and integrity of data. When signature verification is missing or incorrectly implemented, attackers can forge or tamper with data. ## Prevention 基于 1 条 Shoulder 检测规则的 Improper Signature Verification 预防策略。 ### Key Practices - Use of jwt ### JavaScript Use jwt.verify() instead of jwt.decode() to validate token signatures ## Warning Signs - [HIGH] use of jwt ## Consequences - 绕过保护机制 - 执行未授权代码 - 修改应用程序数据 ## Mitigations - 在信任数据之前始终验证签名 - 对签名验证使用经过充分测试的加密库 - 对 JWT,始终验证签名并校验算法 ## Detection - Total rules: 4 - Critical: 1 - Languages: python, go, javascript, typescript ## Rules by Language ### Javascript (1 rules) - **JWT Decode Without Verification** [HIGH]: Detects use of jwt.decode() without proper verification, leading to authentication bypass. jwt.decode() decodes a JWT token WITHOUT verifying its signature. This means an attacker can create a token with any payload they want, and the application will trust it. Common mistakes: - Using jwt.decode() instead of jwt.verify() - Decoding token for inspection then trusting the payload - Using decoded payload for authorization decisions The decoded payload should NEVER be trusted for security decisi - Remediation: Use jwt.verify() instead of jwt.decode() to validate the signature: ```javascript const jwt = require('jsonwebtoken'); app.post('/api/auth/verify', (req, res) => { const { token } = req.body; try { const decoded = jwt.verify(token, process.env.JWT_SECRET, { algorithms: ['RS256'] }); res.json({ user: decoded }); } catch (error) { res.status(401).json({ error: 'Invalid token' }); } }); ``` Learn more: https://shoulder.dev/learn/javascript/cwe-347/jwt-decode-without-verify ### Typescript (1 rules) - **JWT Decode Without Verification** [HIGH]: Detects use of jwt.decode() without proper verification, leading to authentication bypass. jwt.decode() decodes a JWT token WITHOUT verifying its signature. This means an attacker can create a token with any payload they want, and the application will trust it. Common mistakes: - Using jwt.decode() instead of jwt.verify() - Decoding token for inspection then trusting the payload - Using decoded payload for authorization decisions The decoded payload should NEVER be trusted for security decisi - Remediation: Use jwt.verify() instead of jwt.decode() to validate the signature: ```javascript const jwt = require('jsonwebtoken'); app.post('/api/auth/verify', (req, res) => { const { token } = req.body; try { const decoded = jwt.verify(token, process.env.JWT_SECRET, { algorithms: ['RS256'] }); res.json({ user: decoded }); } catch (error) { res.status(401).json({ error: 'Invalid token' }); } }); ``` Learn more: https://shoulder.dev/learn/javascript/cwe-347/jwt-decode-without-verify