Header types are not validated #82
Assignees
Milestone
Comments
|
Agreeing to take as it makes it consistent with t_cose |
Merged
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Section 3.1 of RFC 8152 defines a number of common COSE header parameters and their associated value types. Applications using the go-cose library may rely on COSE-defined headers decoded by the library to be of a specified type. For example, the COSE specification defines the content-type header to be of type either text string or unsigned integer. The go-cose library currently only validates the alg and crit parameters.
An application using go-cose to verify and validate incoming COSE messages may for example use the content-type header to index a map, expecting the content type to be a valid string or integer. If that assumption is violated, a malicious message may cause a panic in the receiver.
The lack of validation also allows users to serialize messages that will be rejected by other conforming COSE libraries - for example https://github.com/laurencelundblade/t_cose rejects messages with incorrect header types.
The implementation should validate common header types, and/or clearly document which headers are validated.
The text was updated successfully, but these errors were encountered: