Skip to content
This repository has been archived by the owner on Feb 27, 2023. It is now read-only.

Commit

Permalink
Merge pull request #282 from square/cs/jws-panic
Browse files Browse the repository at this point in the history
Better error handling around invalid headers
  • Loading branch information
csstaub authored Dec 16, 2019
2 parents f518123 + 363171a commit 4ef0f1b
Show file tree
Hide file tree
Showing 3 changed files with 52 additions and 5 deletions.
6 changes: 3 additions & 3 deletions jws.go
Original file line number Diff line number Diff line change
Expand Up @@ -102,14 +102,14 @@ func (sig Signature) mergedHeaders() rawHeader {
}

// Compute data to be signed
func (obj JSONWebSignature) computeAuthData(payload []byte, signature *Signature) []byte {
func (obj JSONWebSignature) computeAuthData(payload []byte, signature *Signature) ([]byte, error) {
var authData bytes.Buffer

protectedHeader := new(rawHeader)

if signature.original != nil && signature.original.Protected != nil {
if err := json.Unmarshal(signature.original.Protected.bytes(), protectedHeader); err != nil {
panic(err)
return nil, err
}
authData.WriteString(signature.original.Protected.base64())
} else if signature.protected != nil {
Expand All @@ -134,7 +134,7 @@ func (obj JSONWebSignature) computeAuthData(payload []byte, signature *Signature
authData.Write(payload)
}

return authData.Bytes()
return authData.Bytes(), nil
}

// parseSignedFull parses a message in full format.
Expand Down
39 changes: 39 additions & 0 deletions jws_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -18,8 +18,11 @@ package jose

import (
"crypto/x509"
"encoding/base64"
"strings"
"testing"

"github.com/stretchr/testify/assert"
)

const trustedCA = `
Expand Down Expand Up @@ -647,3 +650,39 @@ func TestDetachedCompactSerialization(t *testing.T) {
t.Fatalf("got '%s', expected '%s'", ser, msg)
}
}

func TestJWSComputeAuthDataBase64(t *testing.T) {
jws := JSONWebSignature{}

_, err := jws.computeAuthData([]byte{0x01}, &Signature{
original: &rawSignatureInfo{
Protected: newBuffer([]byte("{!invalid-json}")),
},
})
// Invalid header, should return error
assert.NotNil(t, err)

payload := []byte{0x01}
encodedPayload := base64.RawURLEncoding.EncodeToString(payload)

b64TrueHeader := newBuffer([]byte(`{"alg":"RSA-OAEP","enc":"A256GCM","b64":true}`))
b64FalseHeader := newBuffer([]byte(`{"alg":"RSA-OAEP","enc":"A256GCM","b64":false}`))

data, err := jws.computeAuthData(payload, &Signature{
original: &rawSignatureInfo{
Protected: b64TrueHeader,
},
})
assert.Nil(t, err)
// Payload should be b64 encoded
assert.Len(t, data, len(b64TrueHeader.base64())+len(encodedPayload)+1)

data, err = jws.computeAuthData(payload, &Signature{
original: &rawSignatureInfo{
Protected: b64FalseHeader,
},
})
assert.Nil(t, err)
// Payload should *not* be b64 encoded
assert.Len(t, data, len(b64FalseHeader.base64())+len(payload)+1)
}
12 changes: 10 additions & 2 deletions signing.go
Original file line number Diff line number Diff line change
Expand Up @@ -370,7 +370,11 @@ func (obj JSONWebSignature) DetachedVerify(payload []byte, verificationKey inter
}
}

input := obj.computeAuthData(payload, &signature)
input, err := obj.computeAuthData(payload, &signature)
if err != nil {
return ErrCryptoFailure
}

alg := headers.getSignatureAlgorithm()
err = verifier.verifyPayload(input, signature.Signature, alg)
if err == nil {
Expand Down Expand Up @@ -421,7 +425,11 @@ outer:
}
}

input := obj.computeAuthData(payload, &signature)
input, err := obj.computeAuthData(payload, &signature)
if err != nil {
continue
}

alg := headers.getSignatureAlgorithm()
err = verifier.verifyPayload(input, signature.Signature, alg)
if err == nil {
Expand Down

0 comments on commit 4ef0f1b

Please sign in to comment.