Update signature tests for the protected-header "alg" requirement#651
Merged
Conversation
Following the algorithm-confusion fix (GHSA-jc38-x7x8-2xc8), JWSVerifier reads "alg" only from the integrity-protected header and rejects a JWS whose "alg" is absent from it. Three existing tests asserted the previous behaviour where "alg" could come from the unprotected header (RFC 7520 §4.7 / §4.8 examples); they now assert that such tokens are rejected, and the expected exception message is updated accordingly. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
wheakerd
pushed a commit
to wheakerd/jwt-framework
that referenced
this pull request
Jun 7, 2026
* 3.4.x: Update signature tests for the protected-header "alg" requirement (web-token#651) Merge commit from fork Merge commit from fork Merge commit from fork Merge commit from fork Add sodium support for Base64 URL safe encoding/decoding (web-token#644) Allow `psr/cache` v2 (web-token#620) Fix call function on null (web-token#596) Add RangeException to Base64UrlSafe (web-token#577) Add Base64UrlSafe utility and refactor code references (web-token#576) # Conflicts: # composer.json # phpstan-baseline.neon # src/Bundle/DataCollector/JWECollector.php # src/Experimental/KeyEncryption/AESCTR.php # src/Experimental/KeyEncryption/Chacha20Poly1305.php # src/Experimental/Signature/Blake2b.php # src/Library/Console/GeneratorCommand.php # src/Library/Core/JWK.php # src/Library/Core/Util/Base64UrlSafe.php # src/Library/Encryption/Algorithm/ContentEncryption/AESCBCHS.php # src/Library/Encryption/Algorithm/ContentEncryption/AESGCM.php # src/Library/Encryption/Algorithm/KeyEncryption/AESGCMKW.php # src/Library/Encryption/Algorithm/KeyEncryption/AESKW.php # src/Library/Encryption/Algorithm/KeyEncryption/AbstractECDH.php # src/Library/Encryption/Algorithm/KeyEncryption/Dir.php # src/Library/Encryption/Algorithm/KeyEncryption/PBES2AESKW.php # src/Library/Encryption/Algorithm/KeyEncryption/RSA15.php # src/Library/Encryption/Algorithm/KeyEncryption/Util/ConcatKDF.php # src/Library/Encryption/Algorithm/KeyEncryption/Util/RSACrypt.php # src/Library/Encryption/Serializer/CompactSerializer.php # src/Library/Encryption/Serializer/JSONFlattenedSerializer.php # src/Library/Encryption/Serializer/JSONGeneralSerializer.php # src/Library/KeyManagement/Analyzer/ESKeyAnalyzer.php # src/Library/KeyManagement/Analyzer/HSKeyAnalyzer.php # src/Library/KeyManagement/Analyzer/OctAnalyzer.php # src/Library/KeyManagement/Analyzer/RsaAnalyzer.php # src/Library/KeyManagement/Analyzer/ZxcvbnKeyAnalyzer.php # src/Library/Signature/Algorithm/EdDSA.php # src/Library/Signature/Algorithm/HMAC.php # src/Library/Signature/Serializer/CompactSerializer.php # src/Library/Signature/Serializer/JSONFlattenedSerializer.php # src/Library/Signature/Serializer/JSONGeneralSerializer.php # src/Library/composer.json # tests/Bundle/JoseFramework/Functional/Encryption/JWECollectorTest.php # tests/Bundle/JoseFramework/Functional/KeyManagement/JWKLoaderTest.php # tests/Component/Encryption/RFC7520/A128KWAndA128GCMEncryptionWithCompressionTest.php # tests/Component/KeyManagement/JWKFactoryTest.php
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Contexte
Le correctif GHSA-jc38-x7x8-2xc8 (algorithm confusion) a durci
JWSVerifier::getAlgorithm(): le paramètrealgest désormais lu uniquement dans le header protégé en intégrité (RFC 7515 §4.1.1), et un JWS dont lealgn'y figure pas est rejeté.Trois tests existants validaient l'ancien comportement (cas RFC 7520 §4.7 / §4.8 où
algprovient du header non protégé) et étaient donc rouges sur3.4.xdepuis le merge de l'advisory (release3.4.10).Changements
SignerTest::signAndLoadWithoutAlgParameterInTheHeader: message d'exception attendu mis à jour (No "alg" parameter set in the protected header.).HMACFromRFC7520Test::hS256WithoutProtectedHeader: la construction/sérialisation du token RFC §4.7 reste vérifiée ; la vérification d'unalgnon protégé est désormais attendue comme rejetée.MultipleSignaturesTest::multipleSignatures: les signatures avecalgprotégé (RS256, HS256) restent valides ; la signature ES512 (alg non protégé) est attendue comme rejetée.Aucun code de production modifié : seuls des tests sont mis à jour pour refléter le comportement sécurisé.
Validation
OK (111 tests, 313 assertions).