parent 4dbb9a7

author Steve Lasker <stevenlasker@hotmail.com> 1674848151 -0800 committer Steve Lasker <stevenlasker@hotmail.com> 1676501778 -0800 gpgsig -----BEGIN PGP SIGNATURE----- iQJNBAABCgA3FiEEhq1fE1ajEbAM5+4Y+K0yn4Ipqz4FAmPtYxIZHHN0ZXZlbmxh c2tlckBob3RtYWlsLmNvbQAKCRD4rTKfgimrPiFGEACyEqM5Z1HTcwjDce9iHE8e l85yMpIebd2KlWpAYClMTw3pneZZ8KbLsd8E8IfAGd28tDhKRmdpzDlTjh0gwpdq Nv0omy8VfP/uhGlNKe3SnPdZQU4nz5zjRXXJsGSD7CRfsfPN7b/EmanD1G/k8wzB bNoomTehpkqZbILPa4yrmfc7pyBc/EwTkyzPwXhGEyyciqJvtPjRN/fxYsUZSrYr WqWLhSJkdn9S3IB84ryqbwBBsU0u2ZcFp1wt4ysukSi13WvXwIxZxMqIRmF21Wxj TnU5KJ5AvAU72k1PZr1O1B4O6Ahfo/UTTyoRaIvMRRuQ5EdcjAqNb4fk+zIES6FZ zUxZdMdUMCI1QK/0JzHggS1C7W5eSd5cnfq7nrJ4JwATiF2zyxM5n8cnInY4BYhC YrIVFDECtuz85AFgOc/zDaPVpbZO5Crw0oX6BMp8qFklg0zmaKr3dwzyPlrMvyMY REJb33lcjcG71+vNn7jnmF1Lf8IKzHiI4FhQkETVwjBNh3o8J9msbV9E/tAINoew D4GHLEIqff5JGWxaGaDU4uG7+HS+JDV0V21pW04fXfQYw7+5tbJBYtT0VZ58mnCd 7vlrhDpISjyTRVpRbyHhOGbz6lzSvtLsEUEQu5gBrSRJ2bJaHfD/2VXeOOPfLRyF +AMCRKGexVDrghurbyD9oA== =cbrx -----END PGP SIGNATURE----- parent 4dbb9a7 author Steve Lasker <stevenlasker@hotmail.com> 1674848151 -0800 committer Steve Lasker <stevenlasker@hotmail.com> 1676501439 -0800 gpgsig -----BEGIN PGP SIGNATURE----- iQJNBAABCgA3FiEEhq1fE1ajEbAM5+4Y+K0yn4Ipqz4FAmPtYb8ZHHN0ZXZlbmxh c2tlckBob3RtYWlsLmNvbQAKCRD4rTKfgimrPiT5D/9THqSLPbaKQPBxxGAF3WCk SJRKhU5c0c/bZiloCbRqSRE6Dg0BDO8tk2qqHjxoo8I4k916MVycGghdku+hW0XD QepeXJLe1++DXrWOXaqVgPquoiSm8RxisQ1k6AATsXzTtg5JtaXUQzbGN/kS6WY/ srBjq9XeXwIE5aVU7VVfkkLjj/R6XcuKf34HNKEY98E4VUC8iWzX/x76jSxSkG1x PUpYKM9PEIqzdad3aA5+S17iGKEE5IfNJBOljXex7w6HXVpfJUumr3T4300dTpVV kuAYGoPMhNPHBjrX+YyHxpXJENZXmlov6A4j6dmTdNs1C/WGRpbz2SQS7/kKtJEp QeMsHlVgFmeOvY2Cfoowbw9sVOGtO/rbZvwgBh6jkcfeeqBOEy99ZvjuFomfa9xk L2wWFg2V8StvlzgJgAoly3Ya2ui0Be8GyCU2QKKpREn+++bqS7fAPZIin/xck8K+ QpQBdrogX4T2Fn+PGMuqiWf0nUE3RXaC+v3eCQWrigC0k0SuE/P+Sg08myPAgCgZ uZBClB1hk5JUegEOTqvSRwfqUjMSEGCKVFNk4leNdDdpc8STRT5kN8lr50hFvDAr 4a6y0NngUqJuBTvejmqc1mYBzpLBbFhXROJjCfrawGmPkehbxYbALDQtX6bV3x1P qFc9qc4SrSRG1nKRF1YPjQ== =49O0 -----END PGP SIGNATURE----- Add community and governance content Signed-off-by: Steve Lasker <stevenlasker@hotmail.com> markdown format Signed-off-by: Steve Lasker <stevenlasker@hotmail.com> PR Feedback Signed-off-by: Steve Lasker <stevenlasker@hotmail.com> Remove zombied code of conduct Signed-off-by: Steve Lasker <stevenlasker@hotmail.com> PR Feedback Signed-off-by: Steve Lasker <stevenlasker@hotmail.com> Merge conflicts Signed-off-by: Steve Lasker <stevenlasker@hotmail.com> Update references to v1.0.0 (veraison#129) Signed-off-by: Lachlan Evenson <lachlan.evenson@microsoft.com> Update Code of Conduct (veraison#128) Signed-off-by: Lachlan Evenson <lachlan.evenson@microsoft.com> Correct return error code when key cannot be decoded (veraison#130) Check EC point is on curve at Verifier instantiation (veraison#116) Signed-off-by: Thomas Fossati <thomas.fossati@arm.com> Remove zombied code of conduct Signed-off-by: Steve Lasker <stevenlasker@hotmail.com> PR Feedback Signed-off-by: Steve Lasker <stevenlasker@hotmail.com> Merge conflicts Signed-off-by: Steve Lasker <stevenlasker@hotmail.com> Update references to v1.0.0 (veraison#129) Signed-off-by: Lachlan Evenson <lachlan.evenson@microsoft.com> Correct return error code when key cannot be decoded (veraison#130)
SteveLasker · Feb 15, 2023 · b9fb1a2 · b9fb1a2
1 parent 4dbb9a7
commit b9fb1a2
Show file tree

Hide file tree

Showing 8 changed files with 69 additions and 33 deletions.
diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md
diff --git a/README.md b/README.md
@@ -8,12 +8,31 @@ A golang library for the [COSE specification][cose-spec]
 
 ## Project Status
 
-**Current Release**: [go-cose rc 1][release-rc-1] 
+**Current Release**: [go-cose v1.0.0][current-release]
 
 The project was *initially* forked from the  upstream [mozilla-services/go-cose][mozilla-go-cose] project, however the Veraison and Mozilla maintainers have agreed to retire the mozilla-services/go-cose project and focus on [veraison/go-cose][veraison-go-cose] as the active project.
 
 We thank the [Mozilla maintainers and contributors][mozilla-contributors] for their great work that formed the base of the [veraison/go-cose][veraison-go-cose] project.
 
+## Community
+
+The [veraison/go-cose](https://github.com/veraison/go-cose) project is an open source community effort.
+
+You can reach the go-cose community via::
+
+- [Mailing List](veraison-project@confidentialcomputing.io)
+- Bi-weekly meetings: 08:00-09:00 Pacific
+  - [Zoom meeting link](https://us02web.zoom.us/j/81054434992?pwd=YjNBU21seU5VcGdtVXY3VHVjS251Zz09)
+  - [Calendar ics link](https://zoom.us/meeting/tZUtcu2srT8jE9YFubXn-lC9upuwUiiev52G/ics)
+- [Meeting Notes](https://veraison.zulipchat.com/#narrow/stream/317999-go-cose-meetings)
+- [Meeting Recordings](https://www.youtube.com/@go-cose-community3000)
+
+Participation in the go-cose community is governed by the Veraison [CODE_OF_CONDUCT.md](https://github.com/veraison/.github/blob/main/CODE_OF_CONDUCT.md) and [GOVERNANCE.md](https://github.com/veraison/community/blob/main/GOVERNANCE.md)
+
+## Code of Conduct
+
+This project has adopted the [Contributor Covenant Code of Conduct](https://github.com/veraison/.github/blob/main/CODE_OF_CONDUCT.md).
+
 ## Installation
 
 go-cose is compatible with modern Go releases in module mode, with Go installed:
@@ -188,4 +207,4 @@ go test -fuzz=FuzzSign1
 [mozilla-contributors]: https://github.com/mozilla-services/go-cose/graphs/contributors
 [mozilla-go-cose]:      http://github.com/mozilla-services/go-cose
 [veraison-go-cose]:     https://github.com/veraison/go-cose
-[release-rc-1]:      https://github.com/veraison/go-cose/releases/tag/v1.0.0-rc.1
+[current-release]:      https://github.com/veraison/go-cose/releases/tag/v1.0.0
diff --git a/SECURITY.md b/SECURITY.md
@@ -4,11 +4,11 @@ This document provides the details on the veraison/go-cose security policy and d
 
 ## Supported Versions
 
-[go-cose][go-cose] is currently is in active development, moving to a [1.0.0 release][v1.0.0-milestone]. The latest pre-release will be supported until 1.0.0 is released. As 1.0.0 is released, pre-release references will need to be redirected to 1.0.0.
+The current stable release of [go-cose][go-cose] is [v1.0.0][v1.0.0-release]. Please upgrade to [v1.0.0][v1.0.0-release] if you are using a pre-release version.
 
 | Version | Supported          |
 | ------- | ------------------ |
-| [v1.0.0-rc1][v1.0.0-rc1-release]  | Yes |
+| [v1.0.0][v1.0.0-release]  | Yes |
 
 ## Report A Vulnerability
 
@@ -23,7 +23,7 @@ To make a report please email the private security list at <a href="mailto:go-co
 [TO:]:     go-cose-security@googlegroups.com
 [SUBJECT]: go-cose Security Notification
 [BODY]:
-Release: v1.0.0-rc.1
+Release: v1.0.0
 
 Summary:
 A quick summary of the issue
@@ -85,6 +85,5 @@ Disclosures will be published on the same day as a release fixing the vulnerabil
 
 [go-cose]:                https://github.com/veraison/go-cose
 [security-advisories]:    https://github.com/veraison/go-cose/security/advisories
-[v1.0.0-rc1-release]:  https://github.com/veraison/go-cose/releases/tag/v1.0.0-rc.1
-[v1.0.0-milestone]:       https://github.com/veraison/go-cose/milestone/2
-[go-cose-maintainers]:    https://github.com/veraison/community/blob/main/OWNERS
+[v1.0.0-release]:  https://github.com/veraison/go-cose/releases/tag/v1.0.0
+[go-cose-maintainers]:    https://github.com/veraison/community/blob/main/OWNERS
diff --git a/errors.go b/errors.go
@@ -13,4 +13,5 @@ var (
 	ErrNoSignatures          = errors.New("no signatures attached")
 	ErrUnavailableHashFunc   = errors.New("hash function is not available")
 	ErrVerification          = errors.New("verification error")
+	ErrInvalidPubKey         = errors.New("invalid public key")
 )
diff --git a/signer.go b/signer.go
@@ -41,7 +41,7 @@ func NewSigner(alg Algorithm, key crypto.Signer) (Signer, error) {
 	case AlgorithmPS256, AlgorithmPS384, AlgorithmPS512:
 		vk, ok := key.Public().(*rsa.PublicKey)
 		if !ok {
-			return nil, fmt.Errorf("%v: %w", alg, ErrAlgorithmMismatch)
+			return nil, fmt.Errorf("%v: %w", alg, ErrInvalidPubKey)
 		}
 		// RFC 8230 6.1 requires RSA keys having a minimum size of 2048 bits.
 		// Reference: https://www.rfc-editor.org/rfc/rfc8230.html#section-6.1
@@ -55,7 +55,7 @@ func NewSigner(alg Algorithm, key crypto.Signer) (Signer, error) {
 	case AlgorithmES256, AlgorithmES384, AlgorithmES512:
 		vk, ok := key.Public().(*ecdsa.PublicKey)
 		if !ok {
-			return nil, fmt.Errorf("%v: %w", alg, ErrAlgorithmMismatch)
+			return nil, fmt.Errorf("%v: %w", alg, ErrInvalidPubKey)
 		}
 		if sk, ok := key.(*ecdsa.PrivateKey); ok {
 			return &ecdsaKeySigner{
@@ -70,7 +70,7 @@ func NewSigner(alg Algorithm, key crypto.Signer) (Signer, error) {
 		}, nil
 	case AlgorithmEd25519:
 		if _, ok := key.Public().(ed25519.PublicKey); !ok {
-			return nil, fmt.Errorf("%v: %w", alg, ErrAlgorithmMismatch)
+			return nil, fmt.Errorf("%v: %w", alg, ErrInvalidPubKey)
 		}
 		return &ed25519Signer{
 			key: key,

diff --git a/testdata/sign1-sign-0000.json b/testdata/sign1-sign-0000.json
@@ -5,9 +5,9 @@
   "key": {
     "kty": "EC",
     "crv": "P-256",
-    "x": "usWxHK2PmfnHKwXPS54m0kTcGJ90UiglWiGahtagnv8",
-    "y": "IBOL-C3BttVivg-lSreASjpkttcsz-1rb7btKLv8EX4",
-    "d": "V8kgd2ZBRuh2dgyVINBUqpPDr7BOMGcF22CQMIUHtNM"
+    "x": "f83OJ3D2xF1Bg8vub9tLe1gHMzV76e8Tus9uPHvRVEU",
+    "y": "x_FEzRu9m36HLN_tue659LNpXW6pCyStikYjKIWI5a0",
+    "d": "jpsQnnGQmL-YBIffH1136cspYG6-0iY7X1fCE9-E9LI"
   },
   "alg": "ES256",
   "sign1::sign": {
@@ -32,4 +32,4 @@
     },
     "fixedOutputLength": 32
   }
-}
+}
diff --git a/verifier.go b/verifier.go
@@ -30,7 +30,7 @@ func NewVerifier(alg Algorithm, key crypto.PublicKey) (Verifier, error) {
 	case AlgorithmPS256, AlgorithmPS384, AlgorithmPS512:
 		vk, ok := key.(*rsa.PublicKey)
 		if !ok {
-			return nil, fmt.Errorf("%v: %w", alg, ErrAlgorithmMismatch)
+			return nil, fmt.Errorf("%v: %w", alg, ErrInvalidPubKey)
 		}
 		// RFC 8230 6.1 requires RSA keys having a minimun size of 2048 bits.
 		// Reference: https://www.rfc-editor.org/rfc/rfc8230.html#section-6.1
@@ -44,7 +44,10 @@ func NewVerifier(alg Algorithm, key crypto.PublicKey) (Verifier, error) {
 	case AlgorithmES256, AlgorithmES384, AlgorithmES512:
 		vk, ok := key.(*ecdsa.PublicKey)
 		if !ok {
-			return nil, fmt.Errorf("%v: %w", alg, ErrAlgorithmMismatch)
+			return nil, fmt.Errorf("%v: %w", alg, ErrInvalidPubKey)
+		}
+		if !vk.Curve.IsOnCurve(vk.X, vk.Y) {
+			return nil, errors.New("public key point is not on curve")
 		}
 		return &ecdsaVerifier{
 			alg: alg,
@@ -53,7 +56,7 @@ func NewVerifier(alg Algorithm, key crypto.PublicKey) (Verifier, error) {
 	case AlgorithmEd25519:
 		vk, ok := key.(ed25519.PublicKey)
 		if !ok {
-			return nil, fmt.Errorf("%v: %w", alg, ErrAlgorithmMismatch)
+			return nil, fmt.Errorf("%v: %w", alg, ErrInvalidPubKey)
 		}
 		return &ed25519Verifier{
 			key: vk,

diff --git a/verifier_test.go b/verifier_test.go
@@ -3,12 +3,32 @@ package cose
 import (
 	"crypto"
 	"crypto/ecdsa"
+	"crypto/elliptic"
 	"crypto/rand"
 	"crypto/rsa"
+	"encoding/base64"
+	"math/big"
 	"reflect"
 	"testing"
 )
 
+func mustBase64ToBigInt(s string) *big.Int {
+	val, err := base64.RawURLEncoding.DecodeString(s)
+	if err != nil {
+		panic(err)
+	}
+	return new(big.Int).SetBytes(val)
+}
+
+func generateBogusECKey() *ecdsa.PublicKey {
+	return &ecdsa.PublicKey{
+		Curve: elliptic.P256(),
+		// x-coord is not on curve p-256
+		X: mustBase64ToBigInt("MKBCTNIcKUSDii11ySs3526iDZ8AiTo7Tu6KPAqx7D4"),
+		Y: mustBase64ToBigInt("4Etl6SRW2YiLUrN5vfvVHuhp7x8PxltmWWlbbM4IFyM"),
+	}
+}
+
 func TestNewVerifier(t *testing.T) {
 	// generate ecdsa key
 	ecdsaKey := generateTestECDSAKey(t).Public().(*ecdsa.PublicKey)
@@ -25,6 +45,9 @@ func TestNewVerifier(t *testing.T) {
 		rsaKeyLowEntropy = &key.PublicKey
 	}
 
+	// craft an EC public key with the x-coord not on curve
+	ecdsaKeyPointNotOnCurve := generateBogusECKey()
+
 	// run tests
 	tests := []struct {
 		name    string
@@ -88,6 +111,12 @@ func TestNewVerifier(t *testing.T) {
 			alg:     0,
 			wantErr: true,
 		},
+		{
+			name:    "bogus ecdsa public key (point not on curve)",
+			alg:     AlgorithmES256,
+			key:     ecdsaKeyPointNotOnCurve,
+			wantErr: true,
+		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {