From 96a7660f2906c8012326eb955eb77f810feed80e Mon Sep 17 00:00:00 2001
From: Stephan Renatus
Date: Thu, 6 Oct 2022 12:48:38 +0200
Subject: [PATCH] topdown/tokens: protect against nistec panics

With Golang 1.19, the code used in crypto/elliptic has switched to nistec, and this introduced new panics where there hadn't been any before. To play along with this, we're adding defer/recover constructs. It's only about bad inputs; none of those offending points could ever be valid.

Signed-off-by: Stephan Renatus
---
 topdown/tokens.go | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/topdown/tokens.go b/topdown/tokens.go
index 9e39d0978c..5309cd0be6 100644
--- a/topdown/tokens.go
+++ b/topdown/tokens.go
@@ -254,7 +254,12 @@ func builtinJWTVerifyES512(bctx BuiltinContext, args []*ast.Term, iter func(*ast
 	return err
 }
 
-func verifyES(publicKey interface{}, digest []byte, signature []byte) error {
+func verifyES(publicKey interface{}, digest []byte, signature []byte) (err error) {
+	defer func() {
+		if r := recover(); r != nil {
+			err = fmt.Errorf("ECDSA signature verification error: %v", r)
+		}
+	}()
 	publicKeyEcdsa, ok := publicKey.(*ecdsa.PublicKey)
 	if !ok {
 		return fmt.Errorf("incorrect public key type")
@@ -783,7 +788,12 @@ func verifyRSAPSS(key interface{}, hash crypto.Hash, digest []byte, signature []
 	return nil
 }
 
-func verifyECDSA(key interface{}, hash crypto.Hash, digest []byte, signature []byte) error {
+func verifyECDSA(key interface{}, hash crypto.Hash, digest []byte, signature []byte) (err error) {
+	defer func() {
+		if r := recover(); r != nil {
+			err = fmt.Errorf("ECDSA signature verification error: %v", r)
+		}
+	}()
 	publicKeyEcdsa, ok := key.(*ecdsa.PublicKey)
 	if !ok {
 		return fmt.Errorf("incorrect public key type")
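Review bot: The deferred recover() added to verifyES converts every panic that reaches it into a "signature verification error", not only the off-curve-point rejection the commit message describes, so a genuine bug (a nil *ecdsa.PublicKey passing the type assertion, a nil Curve) would be reported to callers as bad input and be hard to tell apart from a malformed key. The condition the commit is actually guarding against can be rejected explicitly, keeping the recover as a last-resort backstop rather than the primary control: after the type assertion, `if publicKeyEcdsa == nil || publicKeyEcdsa.Curve == nil || !publicKeyEcdsa.Curve.IsOnCurve(publicKeyEcdsa.X, publicKeyEcdsa.Y) { return fmt.Errorf("invalid ECDSA public key") }`. Whether IsOnCurve covers the exact panic depends on which crypto/elliptic or ecdsa call the rest of verifyES makes; the function body continues past the hunk, so I can't confirm that from here. The defer itself should also say what it is for, e.g. `// Go 1.19+ crypto/elliptic (nistec) panics on points that are not on the curve; report that as an error instead.`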
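Review bot: The deferred closure added to verifyECDSA is a verbatim copy of the one added to verifyES, and the diffstat shows only tokens.go changed, so no test pins the behaviour this commit exists to provide and the two error messages can drift the next time one is edited. A small helper invoked directly by defer keeps recover() in a position where it still takes effect and gives both functions one place to change; a test that feeds an off-curve key (for example a P-256 public key with X and Y both set to 1) through verifyECDSA and asserts an error rather than a panic would cover the failure mode the commit message describes, on the Go version where it panics. verifyECDSA's body continues outside the hunk.

```go
// recoverVerifyPanic converts a panic raised during ECDSA verification
// (Go 1.19+ crypto/elliptic panics on points that are not on the curve)
// into an error. It must be invoked directly by defer for recover() to work.
func recoverVerifyPanic(err *error) {
	if r := recover(); r != nil {
		*err = fmt.Errorf("ECDSA signature verification error: %v", r)
	}
}

func verifyECDSA(key interface{}, hash crypto.Hash, digest []byte, signature []byte) (err error) {
	defer recoverVerifyPanic(&err)
	// … unchanged: key type assertion and verification …
```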