JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. This information can be verified and trusted through a digital signature. JWTs can be signed using a secret (with the HMAC algorithm) or a public/private key pair using RSA or ECDSA.

JWT Best Practices require human-memorizable passwords MUST NOT be directly used as the key to a keyed-MAC algorithm such as “HS256”. RFC 7518 recommends to use a password that is as large as (or larger than) the derived key length in JSON web algorithms. Common JWT signature algorithms are HS256, HS384, and HS512.

Popular JWT libraries offer a method to set signing key with a handy string argument in addition to the method with a byte array argument taking the binary cryptographic key. It is a common mistake that JWT users are confused by the method signature and attempted to use raw password strings as the key argument, which is almost always incorrect for cryptographic hashes and can produce insecure results.

Signature algorithms are vulnerable to brute force attack when a weak key of shorter length is used. This query detect uses of signature algorithms with a weak key of shorter length. It checks the following three scenarios with two popular JWT frameworks jjwt and jose4j:

• Weak keys allowed by jjwt builds before version 0.10.0 released on July 30, 2018 that are still being used by many GitHub repositories
• Weak keys explicitly enabled by jose4j through the method call of relaxing key validation
• Weak keys hashed to meet the length requirement but don't have have sufficient entropy

Please consider to merge the PR. Thanks.