Incorrect length P-521 X/Y values (expects 66 bytes)
Emyrk opened this issue
Problem
P-521 X/Y values can be <66 bytes. Since it is 521 bits (1 bit more than 65 bytes), there is a high chance that the X or Y value is <66 bytes. It's a 50% chance for either, so there is a 75% chance that either X or Y is invalid according to this library in the UnmarshalJSON function.
https://github.com/go-jose/go-jose/blob/v3/jwk.go#L528-L537
I understand that the comments and the RFC state the string must be 66 octets long; however, this detail is not helpful when identity providers like Keycloak do not adhere to this 😢. So the Keycloak-returned keyset is failing to unmarshal because of a single P-521 key in the set, rendering the rest of the keys unavailable as well (similar to #25).
Solution?
Can this library accept non-66-byte P-521 keys? Differ from the strict RFC slightly to allow integrating with platforms?
Playground to exercise the issue
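The following is an added, self-contained Go example (not go-jose's code and not from the issue author) that reproduces the mismatch described above. It generates a P-521 key whose X or Y coordinate has a leading zero octet, encodes it the wrong way with `big.Int.Bytes()` (which drops that octet) and the right way with `FillBytes` (which left-pads to 66 octets), then runs both through a small JWK parser with a strict length check modelled on the RFC rule and a lenient mode that left-pads short values. All type and function names here (`rawJWK`, `parseJWK`, `genShortKey`, `marshalUnpadded`, `marshalPadded`) are hypothetical names chosen for this example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"math/big"
)

// rawJWK is the subset of an EC JWK needed here (constructed for this example).
type rawJWK struct {
	Kty string `json:"kty"`
	Crv string `json:"crv"`
	X   string `json:"x"`
	Y   string `json:"y"`
}

// curveByteLen is the fixed octet length RFC 7518 requires for each coordinate:
// ceil(bits/8), which is 66 for P-521 (521 bits).
func curveByteLen(c elliptic.Curve) int {
	return (c.Params().BitSize + 7) / 8
}

// marshalUnpadded reproduces the mistake: big.Int.Bytes() drops leading zero
// octets, so a coordinate below 2^520 encodes to fewer than 66 bytes.
func marshalUnpadded(pub *ecdsa.PublicKey) ([]byte, error) {
	return json.Marshal(rawJWK{
		Kty: "EC", Crv: "P-521",
		X: base64.RawURLEncoding.EncodeToString(pub.X.Bytes()),
		Y: base64.RawURLEncoding.EncodeToString(pub.Y.Bytes()),
	})
}

// marshalPadded is the correct encoding: FillBytes left-pads to the full width.
func marshalPadded(pub *ecdsa.PublicKey) ([]byte, error) {
	n := curveByteLen(pub.Curve)
	return json.Marshal(rawJWK{
		Kty: "EC", Crv: "P-521",
		X: base64.RawURLEncoding.EncodeToString(pub.X.FillBytes(make([]byte, n))),
		Y: base64.RawURLEncoding.EncodeToString(pub.Y.FillBytes(make([]byte, n))),
	})
}

var errBadLength = errors.New("coordinate length does not match curve size")

// parseCoordinate decodes one base64url coordinate. strict=true enforces the
// exact-length rule; strict=false accepts shorter values, which SetBytes
// interprets as if left-padded with zero octets. Longer values are always rejected.
func parseCoordinate(s string, n int, strict bool) (*big.Int, error) {
	b, err := base64.RawURLEncoding.DecodeString(s)
	if err != nil {
		return nil, err
	}
	if len(b) > n || (strict && len(b) != n) {
		return nil, fmt.Errorf("%w: got %d, want %d", errBadLength, len(b), n)
	}
	return new(big.Int).SetBytes(b), nil
}

// parseJWK decodes a P-521 JWK. Only the length rule is relaxed in lenient mode;
// the point is still checked to lie on the curve, so relaxing it does not
// admit invalid keys.
func parseJWK(data []byte, strict bool) (*ecdsa.PublicKey, error) {
	var j rawJWK
	if err := json.Unmarshal(data, &j); err != nil {
		return nil, err
	}
	if j.Kty != "EC" || j.Crv != "P-521" {
		return nil, errors.New("not a P-521 EC key")
	}
	c := elliptic.P521()
	n := curveByteLen(c)
	x, err := parseCoordinate(j.X, n, strict)
	if err != nil {
		return nil, fmt.Errorf("x: %w", err)
	}
	y, err := parseCoordinate(j.Y, n, strict)
	if err != nil {
		return nil, fmt.Errorf("y: %w", err)
	}
	if !c.IsOnCurve(x, y) {
		return nil, errors.New("point is not on P-521")
	}
	return &ecdsa.PublicKey{Curve: c, X: x, Y: y}, nil
}

// genShortKey draws keys until X or Y has a leading zero octet (roughly 3 of
// every 4 P-521 keys), so the unpadded encoding really is shorter than 66 bytes.
func genShortKey() (*ecdsa.PrivateKey, error) {
	for {
		k, err := ecdsa.GenerateKey(elliptic.P521(), rand.Reader)
		if err != nil {
			return nil, err
		}
		if len(k.X.Bytes()) < 66 || len(k.Y.Bytes()) < 66 {
			return k, nil
		}
	}
}

func main() {
	k, err := genShortKey()
	if err != nil {
		panic(err)
	}
	bad, _ := marshalUnpadded(&k.PublicKey)
	good, _ := marshalPadded(&k.PublicKey)
	_, errStrict := parseJWK(bad, true)
	_, errLenient := parseJWK(bad, false)
	_, errGood := parseJWK(good, true)
	fmt.Printf("unpadded, strict:  %v\nunpadded, lenient: %v\npadded, strict:    %v\n",
		errStrict, errLenient, errGood)
}
```

Because the lenient path still runs the on-curve check, accepting a short coordinate only changes how many leading zero octets the decoder tolerates; it does not let a malformed point through. The `len(b) > n` rejection is kept in both modes so an oversized value cannot be silently reduced modulo anything.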
If you write this in Golang, it is also very easy to make the mistake yourself.
I recognize the code is correct as per the RFC.
Keycloak actually fixed this on their end: keycloak/keycloak#14933