Fix for CVE-2017-11424

sirosen · sirosen · commit 8a1e5362ba7b · 2017-09-01T10:11:48.000-04:00
Add "RSA PUBLIC KEY" to the forbidden key strings in HMAC. Prevents the use of PKCS1 keys, cited by this CVE as exposing a key-confusion attack. Also add a test case for it, doing the obvious thing. Closes #62
diff --git a/jose/jwk.py b/jose/jwk.py
@@ -105,6 +105,7 @@ def __init__(self, key, algorithm):
 
         invalid_strings = [
             b'-----BEGIN PUBLIC KEY-----',
+            b'-----BEGIN RSA PUBLIC KEY-----',
             b'-----BEGIN CERTIFICATE-----',
             b'ssh-rsa'
         ]
diff --git a/tests/algorithms/test_HMAC.py b/tests/algorithms/test_HMAC.py
@@ -17,6 +17,10 @@ def test_RSA_key(self):
         with pytest.raises(JOSEError):
             HMACKey(key, ALGORITHMS.HS256)
 
+        key = "-----BEGIN RSA PUBLIC KEY-----"
+        with pytest.raises(JOSEError):
+            HMACKey(key, ALGORITHMS.HS256)
+
         key = "-----BEGIN CERTIFICATE-----"
         with pytest.raises(JOSEError):
             HMACKey(key, ALGORITHMS.HS256)

Original file line number	Diff line number	Diff line change
`@@ -105,6 +105,7 @@ def __init__(self, key, algorithm):`
`105`	`105`
`106`	`106`	`invalid_strings = [`
`107`	`107`	`b'-----BEGIN PUBLIC KEY-----',`
	`108`	`+ b'-----BEGIN RSA PUBLIC KEY-----',`
`108`	`109`	`b'-----BEGIN CERTIFICATE-----',`
`109`	`110`	`b'ssh-rsa'`
`110`	`111`	`]`