From 023b88f445c9e5be167f074018b0482f9d07dcfb Mon Sep 17 00:00:00 2001 From: lestrrat <49281+lestrrat@users.noreply.github.com> Date: Sun, 3 Dec 2023 16:14:10 +0900 Subject: [PATCH] Fix p2c (#1025) * Fix p2c handling * Update Changes --- Changes | 8 +++++++- jwe/message.go | 5 +++++ 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/Changes b/Changes index 14c01d5ee..0f06ccb2b 100644 --- a/Changes +++ b/Changes @@ -2,7 +2,13 @@ Changes ======= v1.2.27 - UNRELEASED -[Buf xies] +[Security] + * [jwe] A large number in p2c parameter for PBKDF2 based encryptions could cause a DoS attack, + similar to https://nvd.nist.gov/vuln/detail/CVE-2022-36083. All users should upgrade, as + unlike v2, v1 attempts to decrypt JWEs on JWTs by default. + [GHSA-7f9x-gw85-8grf] + +[Bug xies] * [jwk] jwk.Set(jwk.KeyOpsKey, ) now works (previously, either Set(.., ) or Set(..., []jwk.KeyOperation{...}) worked, but not a single jwk.KeyOperation diff --git a/jwe/message.go b/jwe/message.go index 6609a6924..9559877e3 100644 --- a/jwe/message.go +++ b/jwe/message.go @@ -612,6 +612,11 @@ func doDecryptCtx(dctx *decryptCtx) ([]byte, error) { if !ok { return nil, errors.Errorf("unexpected type for 'p2c': %T", count) } + // in v1, this number is hardcoded to 10000. Use v2 if you need to + // finetune this value + if countFlt > 10000 { + return nil, errors.Errorf("invalid value for 'p2c'") + } salt, err := base64.DecodeString(saltB64Str) if err != nil { return nil, errors.Wrap(err, "failed to b64-decode 'salt'")