Use go-jose for JWS parsing #463
Closed
asweet-confluent wants to merge 1 commit into
Conversation
Collaborator
Thanks so much for bringing this up! Thinking about this, if we're going to try to be resistant to pre-signature validation memory consumption, we probably want to reverse the order of operations and verify the JWT signature before checking claims. Currently we parse the JWT first to throw out bad values. As it stands, you can craft a payload that causes excessive memory allocation. Imagine some claims that look like the following. That'd have basically the same effect as the CVE you've linked to. Would you like to update this PR to do that? I'm happy to do that if not.
Author
That's a good idea; please take it up if you have the time.
ericchiang added a commit to ericchiang/go-oidc that referenced this pull request on Jul 30, 2025:
This change updates the verification logic of this library to first validate the ID Token instead of parsing claims. This hopefully makes it harder for a malicious client to provide an invalid token for validation that's crafted to cause this package to over-allocate memory. See the associated bug and CVE-2025-27144. Fixes coreos#463
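The reordering the collaborator proposes and the commit above implements, written out as an added example in Go against the standard library rather than go-jose (this is not go-oidc's or go-jose's code): the compact JWS shape and the algorithm are checked and the RS256 signature is verified before a single byte of the payload is decoded, so a claims body crafted by an unauthenticated client never reaches the JSON decoder. `Claims`, `VerifyThenParse`, `SignRS256`, `sha` and the sample claims are constructed for the example; unlike the PR's `InsecureSkipSignatureCheck` path, it never admits `alg=none`.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"strings"
)

type Claims struct{ Iss, Sub string } // encoding/json matches "iss"/"sub" case-insensitively
var b64 = base64.RawURLEncoding
func sha(s string) []byte { d := sha256.Sum256([]byte(s)); return d[:] }
// VerifyThenParse applies the ordering the thread settles on: enforce the compact JWS
// shape and the expected algorithm, verify the RS256 signature over the raw signing
// input, and only then JSON-decode the payload into claims.
func VerifyThenParse(token string, pub *rsa.PublicKey) (*Claims, error) {
	parts := strings.Split(token, ".")
	if len(parts) != 3 { // exactly three segments, checked before any decoding
		return nil, fmt.Errorf("compact JWS must have 3 segments, got %d", len(parts))
	}
	hdrJSON, errH := b64.DecodeString(parts[0])
	sig, errS := b64.DecodeString(parts[2])
	var hdr struct{ Alg string }
	if errH != nil || errS != nil || json.Unmarshal(hdrJSON, &hdr) != nil || hdr.Alg != "RS256" {
		return nil, fmt.Errorf("unexpected signature algorithm %q; expected [\"RS256\"]", hdr.Alg)
	}
	if err := rsa.VerifyPKCS1v15(pub, crypto.SHA256, sha(parts[0]+"."+parts[1]), sig); err != nil {
		return nil, errors.New("signature verification failed")
	}
	payload, err := b64.DecodeString(parts[1]) // only now: the payload is authenticated
	if err != nil {
		return nil, fmt.Errorf("decode payload: %w", err)
	}
	var c Claims
	if err := json.Unmarshal(payload, &c); err != nil {
		return nil, fmt.Errorf("parse claims: %w", err)
	}
	return &c, nil
}
// SignRS256 builds a compact JWS for demonstration (a constructed helper, not library code).
func SignRS256(priv *rsa.PrivateKey, claims []byte) string {
	input := b64.EncodeToString([]byte(`{"alg":"RS256","typ":"JWT"}`)) + "." + b64.EncodeToString(claims)
	sig, _ := rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, sha(input))
	return input + "." + b64.EncodeToString(sig)
}
```

A forged payload, an `alg=none` header or a token with the wrong number of segments is rejected before the claims decoder runs, which is the property the fix is after.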
ericchiang added a commit to ericchiang/go-oidc that referenced this pull request on Jul 30, 2025:
Collaborator
I went ahead and tagged https://github.com/coreos/go-oidc/releases/tag/v3.15.0 Thanks so much for reporting!
a4180p pushed a commit to a4180p/go-oidc that referenced this pull request on Aug 8, 2025:
yusing pushed a commit to godoxy-app/go-oidc that referenced this pull request on Feb 21, 2026:
go-oidc contains `parseJWT`, which has the same vulnerability as go-jose: CVE-2025-27144. Instead of copying the updated code from go-jose, I opted to get rid of `parseJWT` entirely and rely on go-jose for parsing. That led to a series of changes:

- `unsigned token InsecureSkipSignatureCheck` started failing because it was generating invalid JWSs that lacked the final `.` required for unsecured JWTs.
- `unexpected signature algorithm "none"; expected ["RS256"]`. I addressed that by explicitly enabling the `none` algorithm when `InsecureSkipSignatureCheck` is set.

This is technically a breaking change since `parseJWT` required two or more `.`s in a JWS and would ignore the signature part, whereas go-jose is stricter about JWS correctness.