@@ -1835,3 +1835,55 @@ func TestValidateKey(t *testing.T) {
18351835 _ , err = jws .Verify (signed , jws .WithKey (jwa .RS256 , pubKey ), jws .WithValidateKey (true ))
18361836 require .NoError (t , err , `jws.Verify should succeed` )
18371837}
1838+
1839+ func TestEmptyProtectedField (t * testing.T ) {
1840+ // MEMO: this was the only test case from the original report
1841+ // This passes. It should produce an invalid JWS message, but
1842+ // that's not `jws.Parse`'s problem.
1843+ _ , err := jws .Parse ([]byte (`{"signature": ""}` ))
1844+ require .NoError (t , err , `jws.Parse should fail` )
1845+
1846+ // Also test that non-flattened serialization passes.
1847+ _ , err = jws .Parse ([]byte (`{"signatures": [{}]}` ))
1848+ require .NoError (t , err , `jws.Parse should fail` )
1849+
1850+ // MEMO: rest of the cases are present to be extra pedantic about it
1851+
1852+ privKey , err := jwxtest .GenerateRsaJwk ()
1853+ require .NoError (t , err , `jwxtest.GenerateRsaJwk should succeed` )
1854+
1855+ // This fails. `jws.Parse` works, but the subsequent verification
1856+ // workflow fails to verify anything without the presense of a signature or
1857+ // a protected header.
1858+ _ , err = jws .Verify ([]byte (`{"signature": ""}` ), jws .WithKey (jwa .RS256 , privKey ))
1859+ require .Error (t , err , `jws.Parse should fail` )
1860+
1861+ // Create a valid signatre.
1862+ signed , err := jws .Sign ([]byte ("Lorem Ipsum" ), jws .WithKey (jwa .RS256 , privKey ))
1863+ require .NoError (t , err , `jws.Sign should succeed` )
1864+
1865+ _ , payload , signature , err := jws .SplitCompact (signed )
1866+ require .NoError (t , err , `jws.SplitCompact should succeed` )
1867+
1868+ // This fails as well. we have a valid signature and a valid
1869+ // key to verify it, but no protected headers
1870+ _ , err = jws .Verify (
1871+ []byte (fmt .Sprintf (`{"signature": "%s"}` , signature )),
1872+ jws .WithKey (jwa .RS256 , privKey ),
1873+ )
1874+ require .Error (t , err , `jws.Verify should fail` )
1875+
1876+ // Test for cases when we have an incomplete compact form JWS
1877+ var buf bytes.Buffer
1878+ buf .WriteRune ('.' )
1879+ buf .Write (payload )
1880+ buf .WriteRune ('.' )
1881+ buf .Write (signature )
1882+ invalidMessage := buf .Bytes ()
1883+
1884+ // This is an error because the format is simply wrong.
1885+ // Whereas in the other JSON-based JWS's case the lack of protected field
1886+ // is not a SYNTAX error, this one is, and therefore we barf.
1887+ _ , err = jws .Parse (invalidMessage )
1888+ require .Error (t , err , `jws.Parse should fail` )
1889+ }
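Review bot: The assertion messages on the new `require` calls are inverted: the two `jws.Parse` checks at the top of the function assert `require.NoError` but carry the message `jws.Parse should fail`, and the first `jws.Verify` check asserts `require.Error` with a message naming `jws.Parse`, so a failing run would report the opposite of what the test expects; they should read `require.NoError(t, err, `jws.Parse should succeed`)` and `require.Error(t, err, `jws.Verify should fail`)` respectively. The general (non-flattened) serialization `{"signatures": [{}]}` is only checked to parse, while the flattened `{"signature": ""}` is additionally asserted to fail verification; since the property under test is that a message with no protected header and no signature must never verify, add `_, err = jws.Verify([]byte(`{"signatures": [{}]}`), jws.WithKey(jwa.RS256, privKey))` followed by `require.Error(t, err, `jws.Verify should fail`)`. Verifying with the public key, as TestValidateKey does in the context line above, would also mirror the consumer-side path, though presumably `WithKey` accepts the private key here as well. The comments also carry two typos, `presense` and `signatre`.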