github OpenIDC/mod_auth_openidc v1.8.10.1
release 1.8.10.1


This is a security update that fixes broken JWT signature verification for tokens signed with Elliptic Curve keys.

Security

  • fix Elliptic Curve signature verification on garbage input

Advisory

Basically everyone that communicates with a provider that uses Elliptic Curve keys to sign JWTs should upgrade to 1.8.10.1. Such a provider could be:

  • an OpenID Connect Provider using Elliptic Curve cryptography to sign ID tokens (esp. in the front channel), or
  • an OAuth 2.0 Authorization Server that produces JWT based Access Tokens signed with Elliptic Curve keys.

Note that the default algorithm in OpenID Connect is RSA-based and OAuth 2.0 JWT-based Access Tokens typically use the same default, so parties that use these defaults or variants of those are not affected.

Also, even when Elliptic Curve cryptography is used for the ID tokens, if these are delivered over a backchannel, e.g. using the default Authorization Code grant, proper TLS server certificate verification is in place to prevent any abuse: ID token signature verification is merely optional in those cases.

In summary, directly affected are:

  • OpenID Connect RPs using a front-channel flow ("id_token", "code id_token", "token id_token") to receive an ID token that was signed with an Elliptic Curve key; they should upgrade or change to a backchannel flow
  • OAuth 2.0 Resource Servers using a JWT-based access token signed with an Elliptic Curve key; they should upgrade or change to a reference-style access token

Note that the last case can only happen when an RS uses the OIDCOAuthVerifyJwksUri capability of mod_auth_openidc since configuring Elliptic Curve keys statically is not possible today.
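The release notes do not describe the flaw beyond "garbage input", so the example below does not reproduce it. It is an added illustration, not mod_auth_openidc code, of what a strict ES256 (ECDSA P-256) compact JWS verifier looks like: every structural check (segment count, header alg, base64url decoding, exact R||S length, scalar range) runs before any curve arithmetic, so malformed signatures are rejected with an error rather than reaching the verifier. The signing helper and the sample claims are constructed for the demo; the function names SignES256 and VerifyES256 are assumptions, not project API.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"math/big"
	"strings"
)

// ES256 signatures are the raw concatenation R || S, each left-padded to the
// curve's coordinate size (32 bytes for P-256), per RFC 7518 section 3.4.
const p256CoordLen = 32

// SignES256 produces a compact JWS (header.payload.signature) over claimsJSON
// with a P-256 key. Demo-only helper (hypothetical name) to build test input.
func SignES256(key *ecdsa.PrivateKey, claimsJSON string) (string, error) {
	header := base64.RawURLEncoding.EncodeToString([]byte(`{"alg":"ES256","typ":"JWT"}`))
	payload := base64.RawURLEncoding.EncodeToString([]byte(claimsJSON))
	signingInput := header + "." + payload
	digest := sha256.Sum256([]byte(signingInput))
	r, s, err := ecdsa.Sign(rand.Reader, key, digest[:])
	if err != nil {
		return "", err
	}
	sig := make([]byte, 2*p256CoordLen)
	r.FillBytes(sig[:p256CoordLen]) // fixed-width big-endian R
	s.FillBytes(sig[p256CoordLen:]) // fixed-width big-endian S
	return signingInput + "." + base64.RawURLEncoding.EncodeToString(sig), nil
}

// VerifyES256 checks a compact JWS against a P-256 public key. Returns nil
// only when the token is well-formed and the signature verifies.
func VerifyES256(pub *ecdsa.PublicKey, token string) error {
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return errors.New("jws: expected three dot-separated segments")
	}
	if pub == nil || pub.Curve != elliptic.P256() {
		return errors.New("jws: key is not a P-256 key")
	}
	// Pin the algorithm: the key type decides what alg is acceptable,
	// the token header must agree with it.
	var hdr struct {
		Alg string `json:"alg"`
	}
	hdrBytes, err := base64.RawURLEncoding.DecodeString(parts[0])
	if err != nil || json.Unmarshal(hdrBytes, &hdr) != nil || hdr.Alg != "ES256" {
		return errors.New("jws: header missing or alg is not ES256")
	}
	sig, err := base64.RawURLEncoding.DecodeString(parts[2])
	if err != nil {
		return fmt.Errorf("jws: signature is not base64url: %w", err)
	}
	// Exact length check: anything other than R||S is garbage.
	if len(sig) != 2*p256CoordLen {
		return fmt.Errorf("jws: signature length %d, want %d", len(sig), 2*p256CoordLen)
	}
	r := new(big.Int).SetBytes(sig[:p256CoordLen])
	s := new(big.Int).SetBytes(sig[p256CoordLen:])
	// r and s must each lie in [1, n-1]; an all-zero signature fails here.
	n := pub.Curve.Params().N
	if r.Sign() <= 0 || s.Sign() <= 0 || r.Cmp(n) >= 0 || s.Cmp(n) >= 0 {
		return errors.New("jws: signature scalars out of range")
	}
	digest := sha256.Sum256([]byte(parts[0] + "." + parts[1]))
	if !ecdsa.Verify(pub, digest[:], r, s) {
		return errors.New("jws: signature does not verify")
	}
	return nil
}

func main() {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	tok, _ := SignES256(key, `{"sub":"alice"}`) // constructed sample claims
	fmt.Println("valid token:", VerifyES256(&key.PublicKey, tok))
	parts := strings.Split(tok, ".")
	zeros := base64.RawURLEncoding.EncodeToString(make([]byte, 2*p256CoordLen))
	fmt.Println("all-zero signature:", VerifyES256(&key.PublicKey, parts[0]+"."+parts[1]+"."+zeros))
	fmt.Println("empty signature:", VerifyES256(&key.PublicKey, parts[0]+"."+parts[1]+"."))
}
```

The ordering matters for a defender: a verifier that decodes the signature and hands whatever it got to the curve math relies on that math to notice bad input, whereas checking length and scalar range first makes "garbage in, error out" a property of the parser rather than of the arithmetic. The same shape applies when wiring a JWKS-backed verifier such as the OIDCOAuthVerifyJwksUri path mentioned above: select the key by kid, pin the alg to the key type, then verify.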
