P-521 Coordinates (x,y) are expected to be the same length and equal which is not always true

[mehmetg]

when decoding JWT tokens issued by keycloak I have come across x and y coordinate lengths 65 and 66 respectively and when this happens pyjwt throws this error.

raise InvalidKeyError("Coords should be 66 bytes for curve P-521")

Expected Result

It should allow coordinate lengths in [64, 66]
Ref: https://stackoverflow.com/questions/50002149/why-p-521-public-key-x-y-some-time-is-65-bytes-some-time-is-66-bytes

Actual Result

The library raised an invalid key error

Reproduction Steps

This example pointing to an internal keycloak deployment.

import jwt
from jwt import PyJWKClient
token = "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6Ik5FRTFRVVJCT1RNNE16STVSa0ZETlRZeE9UVTFNRGcyT0Rnd1EwVXpNVGsxUWpZeVJrUkZRdyJ9.eyJpc3MiOiJodHRwczovL2Rldi04N2V2eDlydS5hdXRoMC5jb20vIiwic3ViIjoiYVc0Q2NhNzl4UmVMV1V6MGFFMkg2a0QwTzNjWEJWdENAY2xpZW50cyIsImF1ZCI6Imh0dHBzOi8vZXhwZW5zZXMtYXBpIiwiaWF0IjoxNTcyMDA2OTU0LCJleHAiOjE1NzIwMDY5NjQsImF6cCI6ImFXNENjYTc5eFJlTFdVejBhRTJINmtEME8zY1hCVnRDIiwiZ3R5IjoiY2xpZW50LWNyZWRlbnRpYWxzIn0.PUxE7xn52aTCohGiWoSdMBZGiYAHwE5FYie0Y1qUT68IHSTXwXVd6hn02HTah6epvHHVKA2FqcFZ4GGv5VTHEvYpeggiiZMgbxFrmTEY0csL6VNkX1eaJGcuehwQCRBKRLL3zKmA5IKGy5GeUnIbpPHLHDxr-GXvgFzsdsyWlVQvPX2xjeaQ217r2PtxDeqjlf66UYl6oY6AqNS8DH3iryCvIfCcybRZkc_hdy-6ZMoKT6Piijvk_aXdm7-QQqKJFHLuEqrVSOuBqqiNfVrG27QzAPuPOxvfXTVLXL2jek5meH6n-VWgrBdoMFH93QEszEDowDAEhQPHVs0xj7SIzA"
kid = "NEE1QURBOTM4MzI5RkFDNTYxOTU1MDg2ODgwQ0UzMTk1QjYyRkRFQw"
url = "https://dev-87evx9ru.auth0.com/.well-known/jwks.json"
jwks_client = PyJWKClient(url)
signing_key = jwks_client.get_signing_key_from_jwt(token)
data = jwt.decode(token, signing_key.key, algorithms=["RS256"], audience="https://expenses-api", options={"verify_exp": False},)
print(data)

System Information

$ python -m jwt.help

{
  "cryptography": {
    "version": "35.0.0"
  },
  "implementation": {
    "name": "CPython",
    "version": "3.9.7"
  },
  "platform": {
    "release": "20.6.0",
    "system": "Darwin"
  },
  "pyjwt": {
    "version": "2.3.0"
  }
}

This command is only available on PyJWT v1.6.3 and greater. Otherwise,
please provide some basic information about your system.

[github-actions]

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days

[DylanYoung]

This looks like a valid issue to me.

[DylanYoung]

Seems like the proper fix is in to_jwk, not the validation.

[mehmetg]

Can we reopen?

[DylanYoung]

In case it helps, here's a rouch sketch of how I solved it for to_jwk. I'm not sure if there's anywhere else it needs to be fixed, but the JWK standard does specify that it should be 66 bytes, so if validation of another library's implementation is failing, I think that's an issue with those libraries:

ES_CURVES_MINIMUM_PARAMETER_LENGTH = {
    'P-521': 66,
}

def bytes_from_int(val: int, min_length=None) -> bytes:
    remaining = val
    byte_length = 0

    while remaining != 0:
        remaining >>= 8
        byte_length += 1

    if min_length and byte_length < min_length:
        byte_length = min_length

    return val.to_bytes(byte_length, "big", signed=False)


def to_base64url_uint(val: int, min_length=None) -> bytes:
    # See https://github.com/jpadilla/pyjwt/issues/709
    if val < 0:
        raise ValueError("Must be a positive integer")

    int_bytes = bytes_from_int(val, min_length=min_length)

    if len(int_bytes) == 0:
        int_bytes = b"\x00"

    return jwt.utils.base64url_encode(int_bytes)


class ECAlgorithm(with_metaclass(MonkeyPatchMeta, jwt.algorithms.ECAlgorithm)):
    @staticmethod
    def to_jwk(public_key):
        ...
        min_length = ES_CURVES_MINIMUM_PARAMETER_LENGTH.get(curve)

        return json.dumps({
            "crv": curve,
            "x": to_base64url_uint(numbers.x, min_length=min_length).decode("utf-8"),
            "y": to_base64url_uint(numbers.y, min_length=min_length).decode("utf-8"),
            "kty": "EC",
        })

[github-actions]

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days