wfe: Separately handle badSignature at JWS parse time#8091
Merged
Conversation
cc85f6f to
15b93b8
Compare
15b93b8 to
bc4b205
Compare
Member
|
Thanks for taking the time to submit this PR. We're working on a PR to https://github.com/go-jose/go-jose that will make this detection considerably easier: go-jose/go-jose#181 |
Member
|
#8106 pulls in an exported error that you can unwrap in the WFE. |
f058524 to
6318381
Compare
beautifulentropy
requested changes
Apr 8, 2025
beautifulentropy
previously approved these changes
Apr 8, 2025
Member
|
Thanks for the contribution, I'll have another team member get their eyes on this code soon. |
Co-authored-by: Samantha Frank <hello@entropy.cat>
beautifulentropy
approved these changes
Apr 8, 2025
jprenken
approved these changes
Apr 8, 2025
jsha
approved these changes
Apr 8, 2025
jsha
left a comment
Contributor
There was a problem hiding this comment.
Sweet, thanks for spotting this and fixing it! 🎉
mcpherrinm
pushed a commit
to letsencrypt/pebble
that referenced
this pull request
May 7, 2025
Pebble didn't have badSignatureAlgorithm error, while RFC8555 section 6.2 mandates it. jws parse time check for bad algorithm is needed because same as jose.parsesigned refuese to parse without algolist(which is good thing) so error already thrown at that time and we need to catch this type of error there. see related boulder PR letsencrypt/boulder#8091 --------- Co-authored-by: Aaron Gable <aaron@aarongable.com>
sheurich
pushed a commit
to sheurich/boulder
that referenced
this pull request
Jun 13, 2025
solve letsencrypt#8088 RFC8555 6.2 requires badSignatureAlgorithm on unacceptable JWS signing algorithm, but current boulder return malform:failed to parse jws error instead Its because this only checks about JWS protected header's signature algorithm, current checkAlgorithm is while too late to catch parse time error but not redundant, as it checks against a key and signed message --------- Co-authored-by: Samantha Frank <hello@entropy.cat>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
solve #8088
RFC8555 6.2 requires badSignatureAlgorithm on unacceptable JWS signing algorithm, but current boulder return malform:failed to parse jws error instead
Its because this only checks about JWS protected header's signature algorithm, current checkAlgorithm is while too late to catch parse time error but not redundant, as it checks against a key and signed message