From e7bfb40a324c806c350f4c87cd41e3b83033377e Mon Sep 17 00:00:00 2001
From: Matthew Wild <mwild1@gmail.com>
Date: Fri, 30 Sep 2022 20:38:31 +0100
Subject: util.jwt: More robust ECDSA signature parsing, fail early on
 unexpected length

---
 util/jwt.lua | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'util')

diff --git a/util/jwt.lua b/util/jwt.lua
index 0c878efb..42a9f7f2 100644
--- a/util/jwt.lua
+++ b/util/jwt.lua
@@ -141,8 +141,12 @@ local function new_ecdsa_algorithm(name, c_sign, c_verify, sig_bytes)
 		return r..s;
 	end
 
+	local expected_sig_length = sig_bytes*2;
 	local function decode_ecdsa_sig(jwk_sig)
-		return crypto.build_ecdsa_signature(jwk_sig:sub(1, sig_bytes), jwk_sig:sub(sig_bytes+1, sig_bytes*2));
+		if #jwk_sig ~= expected_sig_length then
+			return nil;
+		end
+		return crypto.build_ecdsa_signature(jwk_sig:sub(1, sig_bytes), jwk_sig:sub(sig_bytes+1));
 	end
 	return new_crypto_algorithm(name, "id-ecPublicKey", c_sign, c_verify, encode_ecdsa_sig, decode_ecdsa_sig);
 end
-- 
cgit v1.2.3