v2.0.18 #1022

Merged
merged 12 commits into from
Dec 3, 2023
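--- a/Changes
+++ b/Changes
@@ -4,6 +4,15 @@ Changes
 v2 has many incompatibilities with v1. To see the full list of differences between
 v1 and v2, please read the Changes-v2.md file (https://github.com/lestrrat-go/jwx/blob/develop/v2/Changes-v2.md)
 
+v2.0.18 03 Dec 2023
+[Security Fixes]
+* [jwe] A large number in p2c parameter for PBKDF2 based encryptions could cause a DoS attack,
+similar to https://nvd.nist.gov/vuln/detail/CVE-2022-36083. All users who use JWE via this
+package should upgrade. While the JOSE spec allows for encryption using JWE on JWTs, users of
+the `jwt` package are not immediately susceptible unless they explicitly try to decrypt
+JWTs -- by default the `jwt` package verifies signatures, but does not decrypt messages.
+[GHSA-7f9x-gw85-8grf]
+
 v2.0.17 20 Nov 2023
 [Bug Fixes]
 * [jws] Previously, `jws.UnregisterSigner` did not remove the previous signer instance when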
12 changes: 6 additions & 6 deletions deps.bzl
Expand Up @@ -122,8 +122,8 @@ def go_dependencies():
name = "org_golang_x_crypto",
build_file_proto_mode = "disable_global",
importpath = "golang.org/x/crypto",
sum = "h1:frVn1TEaCEaZcn3Tmd7Y2b5KKPaZ+I32Q2OA3kYp5TA=",
version = "v0.15.0",
sum = "h1:mMMrFzRSCF0GvB7Ne27XVtVAaXLrPmgPC7/v0tkwHaY=",
version = "v0.16.0",
)
go_repository(
name = "org_golang_x_mod",
Expand Down Expand Up @@ -152,15 +152,15 @@ def go_dependencies():
name = "org_golang_x_sys",
build_file_proto_mode = "disable_global",
importpath = "golang.org/x/sys",
sum = "h1:Vz7Qs629MkJkGyHxUlRHizWJRG2j8fbQKjELVSNhy7Q=",
version = "v0.14.0",
sum = "h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc=",
version = "v0.15.0",
)
go_repository(
name = "org_golang_x_term",
build_file_proto_mode = "disable_global",
importpath = "golang.org/x/term",
sum = "h1:LGK9IlZ8T9jvdy6cTdfKUCltatMFOehAQo9SRC46UQ8=",
version = "v0.14.0",
sum = "h1:y/Oo/a/q3IXu26lQgl04j/gjuBDOBlx7X6Om1j2CPW4=",
version = "v0.15.0",
)

go_repository(
11 changes: 6 additions & 5 deletions examples/go.sum
Expand Up @@ -36,8 +36,8 @@ github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5t
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
golang.org/x/crypto v0.3.1-0.20221117191849-2c476679df9a/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4=
golang.org/x/crypto v0.15.0 h1:frVn1TEaCEaZcn3Tmd7Y2b5KKPaZ+I32Q2OA3kYp5TA=
golang.org/x/crypto v0.15.0/go.mod h1:4ChreQoLWfG3xLDer1WdlH5NdlQ3+mwnQq1YTKY+72g=
golang.org/x/crypto v0.16.0 h1:mMMrFzRSCF0GvB7Ne27XVtVAaXLrPmgPC7/v0tkwHaY=
golang.org/x/crypto v0.16.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4=
golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
Expand All @@ -59,21 +59,22 @@ golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.14.0 h1:Vz7Qs629MkJkGyHxUlRHizWJRG2j8fbQKjELVSNhy7Q=
golang.org/x/sys v0.14.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc=
golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc=
golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo=
golang.org/x/term v0.14.0/go.mod h1:TySc+nGkYR6qt8km8wUhuFRTVSMIX3XPR58y2lC8vww=
golang.org/x/term v0.15.0/go.mod h1:BDl952bC7+uMoWR75FIrCDx79TPU9oHkTZ9yRbYOrX0=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
2 changes: 1 addition & 1 deletion go.mod
Expand Up @@ -11,5 +11,5 @@ require (
github.com/lestrrat-go/option v1.0.1
github.com/segmentio/asm v1.2.0
github.com/stretchr/testify v1.8.4
golang.org/x/crypto v0.15.0
golang.org/x/crypto v0.16.0
)
11 changes: 6 additions & 5 deletions go.sum
Expand Up @@ -32,8 +32,8 @@ github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXl
github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
golang.org/x/crypto v0.15.0 h1:frVn1TEaCEaZcn3Tmd7Y2b5KKPaZ+I32Q2OA3kYp5TA=
golang.org/x/crypto v0.15.0/go.mod h1:4ChreQoLWfG3xLDer1WdlH5NdlQ3+mwnQq1YTKY+72g=
golang.org/x/crypto v0.16.0 h1:mMMrFzRSCF0GvB7Ne27XVtVAaXLrPmgPC7/v0tkwHaY=
golang.org/x/crypto v0.16.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4=
golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
Expand All @@ -52,19 +52,20 @@ golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBc
golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.14.0 h1:Vz7Qs629MkJkGyHxUlRHizWJRG2j8fbQKjELVSNhy7Q=
golang.org/x/sys v0.14.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc=
golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo=
golang.org/x/term v0.14.0/go.mod h1:TySc+nGkYR6qt8km8wUhuFRTVSMIX3XPR58y2lC8vww=
golang.org/x/term v0.15.0/go.mod h1:BDl952bC7+uMoWR75FIrCDx79TPU9oHkTZ9yRbYOrX0=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
22 changes: 22 additions & 0 deletions jwe/jwe.go
Expand Up @@ -10,6 +10,7 @@
"crypto/rsa"
"fmt"
"io"
"sync"

"github.com/lestrrat-go/blackmagic"
"github.com/lestrrat-go/jwx/v2/internal/base64"
Expand All @@ -24,6 +25,21 @@
"github.com/lestrrat-go/jwx/v2/x25519"
)

var muSettings sync.RWMutex
var maxPBES2Count = 10000

func Settings(options ...GlobalOption) {
muSettings.Lock()
defer muSettings.Unlock()
//nolint:forcetypeassert
for _, option := range options {
switch option.Ident() {
case identMaxPBES2Count{}:
maxPBES2Count = option.Value().(int)
}
}
}

const (
fmtInvalid = iota
fmtCompact
Expand All @@ -48,8 +64,8 @@
func (w *keyEncrypterWrapper) EncryptKey(cek []byte) (keygen.ByteSource, error) {
encrypted, err := w.encrypter.EncryptKey(cek)
if err != nil {
return nil, err
}

Check warning on line 68 in jwe/jwe.go

Codecov / codecov/patch

jwe/jwe.go#L67-L68

Added lines #L67 - L68 were not covered by tests
return keygen.ByteKey(encrypted), nil
}

Expand All @@ -69,8 +85,8 @@
if ke, ok := b.key.(KeyEncrypter); ok {
enc = &keyEncrypterWrapper{encrypter: ke}
if kider, ok := enc.(KeyIDer); ok {
keyID = kider.KeyID()
}

Check warning on line 89 in jwe/jwe.go

Codecov / codecov/patch

jwe/jwe.go#L88-L89

Added lines #L88 - L89 were not covered by tests
} else if jwkKey, ok := b.key.(jwk.Key); ok {
// Meanwhile, grab the kid as well
keyID = jwkKey.KeyID()
Expand All @@ -88,23 +104,23 @@
case jwa.RSA1_5:
var pubkey rsa.PublicKey
if err := keyconv.RSAPublicKey(&pubkey, rawKey); err != nil {
return nil, nil, fmt.Errorf(`failed to generate public key from key (%T): %w`, rawKey, err)
}

Check warning on line 108 in jwe/jwe.go

Codecov / codecov/patch

jwe/jwe.go#L107-L108

Added lines #L107 - L108 were not covered by tests

v, err := keyenc.NewRSAPKCSEncrypt(b.alg, &pubkey)
if err != nil {
return nil, nil, fmt.Errorf(`failed to create RSA PKCS encrypter: %w`, err)

Check warning on line 112 in jwe/jwe.go

Codecov / codecov/patch

jwe/jwe.go#L112

Added line #L112 was not covered by tests
}
enc = v
case jwa.RSA_OAEP, jwa.RSA_OAEP_256:
var pubkey rsa.PublicKey
if err := keyconv.RSAPublicKey(&pubkey, rawKey); err != nil {
return nil, nil, fmt.Errorf(`failed to generate public key from key (%T): %w`, rawKey, err)

Check warning on line 118 in jwe/jwe.go

Codecov / codecov/patch

jwe/jwe.go#L118

Added line #L118 was not covered by tests
}

v, err := keyenc.NewRSAOAEPEncrypt(b.alg, &pubkey)
if err != nil {
return nil, nil, fmt.Errorf(`failed to create RSA OAEP encrypter: %w`, err)

Check warning on line 123 in jwe/jwe.go

Codecov / codecov/patch

jwe/jwe.go#L123

Added line #L123 was not covered by tests
}
enc = v
case jwa.A128KW, jwa.A192KW, jwa.A256KW,
Expand All @@ -112,8 +128,8 @@
jwa.PBES2_HS256_A128KW, jwa.PBES2_HS384_A192KW, jwa.PBES2_HS512_A256KW:
sharedkey, ok := rawKey.([]byte)
if !ok {
return nil, nil, fmt.Errorf(`invalid key: []byte required (%T)`, rawKey)
}

Check warning on line 132 in jwe/jwe.go

Codecov / codecov/patch

jwe/jwe.go#L131-L132

Added lines #L131 - L132 were not covered by tests

var err error
switch b.alg {
Expand All @@ -125,8 +141,8 @@
enc, err = keyenc.NewAESGCMEncrypt(b.alg, sharedkey)
}
if err != nil {
return nil, nil, fmt.Errorf(`failed to create key wrap encrypter: %w`, err)
}

Check warning on line 145 in jwe/jwe.go

Codecov / codecov/patch

jwe/jwe.go#L144-L145

Added lines #L144 - L145 were not covered by tests
// NOTE: there was formerly a restriction, introduced
// in PR #26, which disallowed certain key/content
// algorithm combinations. This seemed bogus, and
Expand All @@ -151,20 +167,20 @@
case x25519.PublicKey:
var apu, apv []byte
if hdrs := b.headers; hdrs != nil {
apu = hdrs.AgreementPartyUInfo()
apv = hdrs.AgreementPartyVInfo()
}

Check warning on line 172 in jwe/jwe.go

Codecov / codecov/patch

jwe/jwe.go#L170-L172

Added lines #L170 - L172 were not covered by tests

v, err := keyenc.NewECDHESEncrypt(b.alg, calg, keysize, rawKey, apu, apv)
if err != nil {
return nil, nil, fmt.Errorf(`failed to create ECDHS key wrap encrypter: %w`, err)
}

Check warning on line 177 in jwe/jwe.go

Codecov / codecov/patch

jwe/jwe.go#L176-L177

Added lines #L176 - L177 were not covered by tests
enc = v
default:
var pubkey ecdsa.PublicKey
if err := keyconv.ECDSAPublicKey(&pubkey, rawKey); err != nil {
return nil, nil, fmt.Errorf(`failed to generate public key from key (%T): %w`, key, err)
}

Check warning on line 183 in jwe/jwe.go

Codecov / codecov/patch

jwe/jwe.go#L182-L183

Added lines #L182 - L183 were not covered by tests

var apu, apv []byte
if hdrs := b.headers; hdrs != nil {
Expand All @@ -174,18 +190,18 @@

v, err := keyenc.NewECDHESEncrypt(b.alg, calg, keysize, &pubkey, apu, apv)
if err != nil {
return nil, nil, fmt.Errorf(`failed to create ECDHS key wrap encrypter: %w`, err)
}

Check warning on line 194 in jwe/jwe.go

Codecov / codecov/patch

jwe/jwe.go#L193-L194

Added lines #L193 - L194 were not covered by tests
enc = v
}
case jwa.DIRECT:
sharedkey, ok := rawKey.([]byte)
if !ok {
return nil, nil, fmt.Errorf("invalid key: []byte required")
}

Check warning on line 201 in jwe/jwe.go

Codecov / codecov/patch

jwe/jwe.go#L200-L201

Added lines #L200 - L201 were not covered by tests
enc, _ = keyenc.NewNoop(b.alg, sharedkey)
default:
return nil, nil, fmt.Errorf(`invalid key encryption algorithm (%s)`, b.alg)

Check warning on line 204 in jwe/jwe.go

Codecov / codecov/patch

jwe/jwe.go#L203-L204

Added lines #L203 - L204 were not covered by tests
}
}

Expand Down Expand Up @@ -354,8 +370,8 @@
generator := keygen.NewRandom(contentcrypt.KeySize())
bk, err := generator.Generate()
if err != nil {
return nil, fmt.Errorf(`jwe.Encrypt: failed to generate key: %w`, err)
}

Check warning on line 374 in jwe/jwe.go

Codecov / codecov/patch

jwe/jwe.go#L373-L374

Added lines #L373 - L374 were not covered by tests
cek = bk.Bytes()
}

Expand Down Expand Up @@ -590,8 +606,8 @@

if keyUsed != nil {
if err := blackmagic.AssignIfCompatible(keyUsed, key); err != nil {
return nil, fmt.Errorf(`failed to assign used key (%T) to %T: %w`, key, keyUsed, err)
}

Check warning on line 610 in jwe/jwe.go

Codecov / codecov/patch

jwe/jwe.go#L609-L610

Added lines #L609 - L610 were not covered by tests
}
return decrypted, nil
}
Expand Down Expand Up @@ -664,24 +680,24 @@
if ok {
ivB64Str, ok := ivB64.(string)
if !ok {
return nil, fmt.Errorf("unexpected type for 'iv': %T", ivB64)
}

Check warning on line 684 in jwe/jwe.go

Codecov / codecov/patch

jwe/jwe.go#L683-L684

Added lines #L683 - L684 were not covered by tests
iv, err := base64.DecodeString(ivB64Str)
if err != nil {
return nil, fmt.Errorf(`failed to b64-decode 'iv': %w`, err)
}

Check warning on line 688 in jwe/jwe.go

Codecov / codecov/patch

jwe/jwe.go#L687-L688

Added lines #L687 - L688 were not covered by tests
dec.KeyInitializationVector(iv)
}
tagB64, ok := h2.Get(TagKey)
if ok {
tagB64Str, ok := tagB64.(string)
if !ok {
return nil, fmt.Errorf("unexpected type for 'tag': %T", tagB64)
}

Check warning on line 696 in jwe/jwe.go

Codecov / codecov/patch

jwe/jwe.go#L695-L696

Added lines #L695 - L696 were not covered by tests
tag, err := base64.DecodeString(tagB64Str)
if err != nil {
return nil, fmt.Errorf(`failed to b64-decode 'tag': %w`, err)
}

Check warning on line 700 in jwe/jwe.go

Codecov / codecov/patch

jwe/jwe.go#L699-L700

Added lines #L699 - L700 were not covered by tests
dec.KeyTag(tag)
}
case jwa.PBES2_HS256_A128KW, jwa.PBES2_HS384_A192KW, jwa.PBES2_HS512_A256KW:
Expand All @@ -702,6 +718,12 @@
if !ok {
return nil, fmt.Errorf("unexpected type for 'p2c': %T", count)
}
muSettings.RLock()
maxCount := maxPBES2Count
muSettings.RUnlock()
if countFlt > float64(maxCount) {
return nil, fmt.Errorf("invalid 'p2c' value")
}
salt, err := base64.DecodeString(saltB64Str)
if err != nil {
return nil, fmt.Errorf(`failed to b64-decode 'salt': %w`, err)
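Review bot: The new `p2c` guard in the PBES2 decryption case enforces only an upper bound, so a zero, negative or fractional count in an untrusted header still passes `countFlt > float64(maxCount)`. RFC 7518 defines `p2c` as a positive integer, so I would reject anything else at the same point, e.g. `if countFlt < 1 || countFlt > float64(maxCount) {`. How `countFlt` is converted and used afterwards is outside this hunk (the enclosing function starts and ends outside it), so the effect of a non-positive value on the key derivation should be confirmed there. The same gap exists in `Settings`: it stores whatever int it is given, so a zero or negative limit is accepted as-is, and the exported function has no doc comment saying that the limit is process-wide.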
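--- a/jwe/jwe_test.go
+++ b/jwe/jwe_test.go
@@ -911,3 +911,51 @@ func TestGH1001(t *testing.T) {
 require.Equal(t, "Lorem Ipsum", string(decrypted), `decrypted message should match`)
 require.NotNil(t, cek, `cek should not be nil`)
 }
+
+func TestGHSA_7f9x_gw85_8grf(t *testing.T) {
+token := []byte("eyJhbGciOiJQQkVTMi1IUzI1NitBMTI4S1ciLCJlbmMiOiJBMjU2R0NNIiwicDJjIjoyMDAwMDAwMDAwLCJwMnMiOiJNNzczSnlmV2xlX2FsSXNrc0NOTU9BIn0=.S8B1kXdIR7BM6i_TaGsgqEOxU-1Sgdakp4mHq7UVhn-_REzOiGz2gg.gU_LfzhBXtQdwYjh.9QUIS-RWkLc.m9TudmzUoCzDhHsGGfzmCA")
+key, err := jwk.FromRaw([]byte(`abcdefg`))
+require.NoError(t, err, `jwk.FromRaw should succeed`)
+
+{
+ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
+defer cancel()
+
+done := make(chan struct{})
+go func(t *testing.T, done chan struct{}) {
+_, err := jwe.Decrypt(token, jwe.WithKey(jwa.PBES2_HS256_A128KW, key))
+require.Error(t, err, `jwe.Decrypt should fail`)
+close(done)
+}(t, done)
+
+select {
+case <-done:
+case <-ctx.Done():
+require.Fail(t, "jwe.Decrypt should not block")
+}
+}
+
+// NOTE: HAS GLOBAL EFFECT
+// Should allow for timeout to occur
+jwe.Settings(jwe.WithMaxPBES2Count(100000000000000000))
+
+// put it back to normal after the test
+defer jwe.Settings(jwe.WithMaxPBES2Count(10000))
+{
+ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
+defer cancel()
+
+done := make(chan struct{})
+go func(done chan struct{}) {
+_, _ = jwe.Decrypt(token, jwe.WithKey(jwa.PBES2_HS256_A128KW, key))
+close(done)
+}(done)
+
+select {
+case <-done:
+require.Fail(t, "jwe.Decrypt should block")
+case <-ctx.Done():
+// timeout occurred as it should
+}
+}
+}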
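Review bot: `require.Error` in the first goroutine runs off the test goroutine; `require` stops via `t.FailNow`, which must be called from the goroutine running the test, and on failure that goroutine would exit before `close(done)`, so the test would wait the full 5 seconds and report "should not block" instead of the real problem. Passing the error back over the channel and asserting inside the `select` avoids that. Separately, the second block leaves its goroutine running the expensive key derivation after the test returns. The literal `100000000000000000` also does not fit a 32-bit `int` (the option's argument type), so this file presumably fails to compile on 32-bit targets; a limit just above the token's `p2c` would serve the same purpose.

```go
done := make(chan error, 1)
go func() {
	_, err := jwe.Decrypt(token, jwe.WithKey(jwa.PBES2_HS256_A128KW, key))
	done <- err
}()

select {
case err := <-done:
	require.Error(t, err, `jwe.Decrypt should fail`)
case <-ctx.Done():
	require.Fail(t, "jwe.Decrypt should not block")
}
```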
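--- a/jwe/options.yaml
+++ b/jwe/options.yaml
@@ -1,6 +1,9 @@
 package_name: jwe
 output: jwe/options_gen.go
 interfaces:
+- name: GlobalOption
+comment: |
+GlobalOption describes options that changes global settings for this package
 - name: CompactOption
 comment: |
 CompactOption describes options that can be passed to `jwe.Compact`
@@ -129,3 +132,10 @@ options:
 
 This option is currently considered EXPERIMENTAL, and is subject to
 future changes across minor/micro versions.
+- ident: MaxPBES2Count
+interface: GlobalOption
+argument_type: int
+comment: |
+WithMaxPBES2Count specifies the maximum number of PBES2 iterations
+to use when decrypting a message. If not specified, the default
+value of 10,000 is used.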
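Review bot: The `WithMaxPBES2Count` comment does not say what happens when a message exceeds the limit, nor that the option is applied through `jwe.Settings` and affects every decryption in the process. I would extend it along the lines of `Messages whose p2c header exceeds this value are rejected during decryption. This is a global setting; pass it to jwe.Settings.` The `GlobalOption` comment in the first hunk also reads "options that changes", where "options that change" is meant.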
24 changes: 24 additions & 0 deletions jwe/options_gen.go

1 change: 1 addition & 0 deletions jwe/options_gen_test.go
