Hi. I decided to use itsdangerous for signing in some application. T

Changing character in signature base64 doesn't invalidate signature about itsdangerous HOT 5 CLOSED

pallets commented on August 23, 2024

Changing character in signature base64 doesn't invalidate signature

from itsdangerous.

Comments (5)

mitsuhiko commented on August 23, 2024

Hmm. Wondering if that is a problem or not. The only thing that you changed is the transport format, not the payload.

from itsdangerous.

fmarczin commented on August 23, 2024

I see the same thing, and I wonder if that's expected behaviour.

Here's my test case:

In [0]: import itsdangerous as its
        s = its.Signer('admin123')
        ssig = s.sign('My String')
        ssig

Out[0]: 'My String.PZm3orlKYIkiG7WgwPQcrKSwmRE'

In [1]: for lastchar in 'CDEFGHIJ':
            sig = ssig[:-1] + lastchar
            try:
                print('{}: {}'.format(sig, s.unsign(sig)))
            except its.BadSignature:
                print('{}: Bad'.format(sig))

My String.PZm3orlKYIkiG7WgwPQcrKSwmRC: Bad
My String.PZm3orlKYIkiG7WgwPQcrKSwmRD: Bad
My String.PZm3orlKYIkiG7WgwPQcrKSwmRE: My String
My String.PZm3orlKYIkiG7WgwPQcrKSwmRF: My String
My String.PZm3orlKYIkiG7WgwPQcrKSwmRG: My String
My String.PZm3orlKYIkiG7WgwPQcrKSwmRH: My String
My String.PZm3orlKYIkiG7WgwPQcrKSwmRI: Bad
My String.PZm3orlKYIkiG7WgwPQcrKSwmRJ: Bad

from itsdangerous.

baubie commented on August 23, 2024

I don't see this as a security issue as the whole point of itsdangerous is to verify a payload was not modified. We do this by creating a signature that, theoretically, only a trusted user can produce. In my mind, unless this makes it easier for an attacker to forge signatures or create new signatures based on existing ones, I don't see it as a security threat.

from itsdangerous.