From 935e920d29d242e0446d365b1e4f0449d144c23c Mon Sep 17 00:00:00 2001
From: Lee Boynton <lee@lboynton.com>
Date: Fri, 1 Sep 2023 14:35:09 +0100
Subject: [PATCH] refactor: catch type error when decoding base64url signature
 (#569)

Co-authored-by: Filip Skokan <panva.ip@gmail.com>
---
 src/jws/flattened/verify.ts | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/jws/flattened/verify.ts b/src/jws/flattened/verify.ts
index 4de99b77df..19fbd34487 100644
--- a/src/jws/flattened/verify.ts
+++ b/src/jws/flattened/verify.ts
@@ -169,7 +169,12 @@ export async function flattenedVerify(
     encoder.encode('.'),
     typeof jws.payload === 'string' ? encoder.encode(jws.payload) : jws.payload,
   )
-  const signature = base64url(jws.signature)
+  let signature: Uint8Array
+  try {
+    signature = base64url(jws.signature)
+  } catch {
+    throw new JWSInvalid('Failed to parse the base64url encoded signature')
+  }
   const verified = await verify(alg, key, signature, data)
 
   if (!verified) {