New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add checks for octet length of X, Y, and D #210

merged 4 commits into from Dec 5, 2018


3 participants

jsha commented Dec 5, 2018

The JWK spec says these fields in EC keys MUST be a fixed length, but go-jose wasn't
checking their length on input. I got a report from the Let's Encrypt forums that this
caused some confusion with certain software that was generating invalid JWKs. Boulder
(using go-jose) ingested those keys just fine, but output a different (valid) encoding.

This change enforces the correct length on parsing. It also changes some t.Errorf to
t.Fatalf that I noticed during testing. The t.Fatalf checks are for failures that prevent
the test from meaningfully continuing.


This comment has been minimized.

CLAassistant commented Dec 5, 2018

CLA assistant check
All committers have signed the CLA.


csstaub approved these changes Dec 5, 2018


This comment has been minimized.


csstaub commented Dec 5, 2018

This looks good to me. Thank you @jsha!

@csstaub csstaub merged commit 7241509 into square:v2 Dec 5, 2018

2 checks passed

continuous-integration/travis-ci/pr The Travis CI build passed
license/cla Contributor License Agreement is signed.

This comment has been minimized.


csstaub commented Dec 5, 2018

(I'll release this in a v2.2.1 later today)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment