Skip to content

fix: plaintextLength must be enforced #213

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 4 commits into from
Sep 19, 2019
Merged

fix: plaintextLength must be enforced #213

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
a3a41f6
fix: plaintextLength must be enforced
seebees Aug 20, 2019
b7a8c1e
Merge branch 'master' into plaintext_length
seebees Sep 18, 2019
06f559c
comment and constant name
seebees Sep 19, 2019
d8880ca
Merge branch 'master' into plaintext_length
seebees Sep 19, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
comment and constant name
  • Loading branch information
@seebees
seebees committed Sep 19, 2019
commit 06f559cdfe346d90a3fa2367be9939241d25955b
6 changes: 3 additions & 3 deletions modules/encrypt-node/src/framed_encrypt_stream.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -55,11 +55,11 @@ export function getFramedEncryptStream (getCipher: GetCipher, messageHeader: Mes
let pathologicalDrain: Function = noop
const { frameLength } = messageHeader

/* Precondition: plaintextLength must be withing bounds.
* The Maximum.BYTES_PER_CACHED_KEY_LIMIT is set to be within Number.MAX_SAFE_INTEGER
/* Precondition: plaintextLength must be within bounds.
* The Maximum.BYTES_PER_MESSAGE is set to be within Number.MAX_SAFE_INTEGER
* See serialize/identifiers.ts enum Maximum for more details.
*/
needs(!plaintextLength || (plaintextLength >= 0 && Maximum.BYTES_PER_CACHED_KEY_LIMIT >= plaintextLength), 'plaintextLength out of bounds.')
needs(!plaintextLength || (plaintextLength >= 0 && Maximum.BYTES_PER_MESSAGE >= plaintextLength), 'plaintextLength out of bounds.')

/* Keeping the messageHeader, accumulatingFrame and pathologicalDrain private is the intention here.
* It is already unlikely that these values could be touched in the current composition of streams,
Expand Down
2 changes: 1 addition & 1 deletion modules/encrypt-node/test/framed_encrypt_stream.test.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ describe('getFramedEncryptStream', () => {
expect(test._transform).is.a('function')
})

it('Precondition: plaintextLength must be withing bounds.', () => {
it('Precondition: plaintextLength must be within bounds.', () => {
const getCipher: any = () => {}
expect(() => getFramedEncryptStream(getCipher, {} as any, () => {}, -1)).to.throw(Error, 'plaintextLength out of bounds.')
expect(() => getFramedEncryptStream(getCipher, {} as any, () => {}, Number.MAX_SAFE_INTEGER + 1)).to.throw(Error, 'plaintextLength out of bounds.')
Expand Down
6 changes: 6 additions & 0 deletions modules/serialize/src/identifiers.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -80,6 +80,12 @@ export enum Maximum {
* or some value larger 2 ** 63.
*/
BYTES_PER_CACHED_KEY_LIMIT = 2 ** 53 - 1, // eslint-disable-line no-unused-vars
/* This value should be Maximum.FRAME_COUNT * Maximum.FRAME_SIZE.
* However this would be ~ 2 ** 64, much larger than Number.MAX_SAFE_INTEGER.
* For the same reasons outlined above in BYTES_PER_CACHED_KEY_LIMIT
* this value is set to 2 ** 53 - 1.
*/
BYTES_PER_MESSAGE = 2 ** 53 - 1, // eslint-disable-line no-unused-vars
// Maximum number of frames allowed in one message as defined in specification
FRAME_COUNT = 2 ** 32 - 1, // eslint-disable-line no-unused-vars
// Maximum bytes allowed in a single frame as defined in specification
Expand Down