hpke: Enforces passing a slice of exact size to UnmarshalBinary for KEM keys#489
Open
armfazh wants to merge 2 commits intocloudflare:mainfrom
Open
hpke: Enforces passing a slice of exact size to UnmarshalBinary for KEM keys#489armfazh wants to merge 2 commits intocloudflare:mainfrom
armfazh wants to merge 2 commits intocloudflare:mainfrom
Conversation
Member
|
Why should we accept a buffer that is too large? Wouldn't we miss certain bugs if we do? |
Contributor
Author
|
Agree, I have changed the code, so now, it enforces passing a slice of the exact size when unmarshaling keys. Otherwise, it returns an error instead of panic, which is the actual bug reported in #488 . |
armfazh
changed the title
|
I just shot myself in the foot with this. I assumed the key size is always checked (it is for other unmarshal methods). I had a flaw in parsing out a PEM key from a file and gave the unmarshal method the entire pem container, not just the raw bytes. No error, no nothing until I paired it up in prod with a Rust HPKE lib that rejected the crypto. That's when I found the unmarshal was doing junk all along. Would be very nice to get this in. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
hpke: Allows passing a larger buffer to
UnmarshalBinaryfor KEM keys.It checks data passed is in the right boundaries.
Also adds a test showing the issue.
Fixes #488