fix(jwt): distinguish invalid-scalar from length errors

The verify_compact function mapped Signature::from_bytes errors to
SignatureLength, but the actual failure modes on a valid-length 64-byte
input are scalar validity errors (r or s is 0 or >= curve order). Add a
new InvalidSignatureScalar variant and map to it properly so error
messages accurately reflect the actual problem.

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>

authored by Jack Grigg and Claude Haiku 4.5, committed by Tangled
779c07af 93522cfc

+8 -10
src/common/jwt.rs
··· 107 107 /// Actual length in bytes. 108 108 actual: usize, 109 109 }, 110 + /// Signature had the correct length but invalid scalar values (e.g., r or s 111 + /// is 0 or exceeds the curve order). 112 + #[error("signature has invalid scalar values")] 113 + InvalidSignatureScalar, 110 114 /// The algorithm identifier in the header is not recognized. 111 115 #[error("unsupported JWT alg `{alg}` (expected ES256 or ES256K)")] 112 116 UnsupportedAlg { ··· 209 213 let sig_array: [u8; 64] = sig_bytes.as_slice().try_into().expect("len checked above"); 210 214 let any_sig = match vkey { 211 215 AnyVerifyingKey::K256(_) => { 212 - let sig = k256::ecdsa::Signature::from_bytes(&sig_array.into()).map_err(|_| { 213 - JwtError::SignatureLength { 214 - actual: sig_bytes.len(), 215 - } 216 - })?; 216 + let sig = k256::ecdsa::Signature::from_bytes(&sig_array.into()) 217 + .map_err(|_| JwtError::InvalidSignatureScalar)?; 217 218 AnySignature::K256(sig) 218 219 } 219 220 AnyVerifyingKey::P256(_) => { 220 - let sig = p256::ecdsa::Signature::from_bytes(&sig_array.into()).map_err(|_| { 221 - JwtError::SignatureLength { 222 - actual: sig_bytes.len(), 223 - } 224 - })?; 221 + let sig = p256::ecdsa::Signature::from_bytes(&sig_array.into()) 222 + .map_err(|_| JwtError::InvalidSignatureScalar)?; 225 223 AnySignature::P256(sig) 226 224 } 227 225 };
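Review bot: the doc comment on the new `InvalidSignatureScalar` variant says r or s "exceeds the curve order", but the commit message states the rejected cases as `r`/`s` being 0 or `>=` the curve order; a scalar exactly equal to the order is rejected as well, so the comment should read "is 0 or is not less than the curve order" to avoid suggesting that the boundary value is accepted.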
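Review bot: dropping the `actual: sig_bytes.len()` payload in the `from_bytes` arms is correct, since any input reaching `from_bytes` has already passed the 64-byte check (`expect("len checked above")`), but nothing in the patch exercises the new mapping; add a unit test that feeds `verify_compact` a syntactically valid token whose signature is 64 zero bytes (r = s = 0) and asserts it returns `JwtError::InvalidSignatureScalar` rather than `JwtError::SignatureLength`, for both the K256 and P256 arms, so a later refactor cannot silently swap the variants back.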