Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix crash with libsodium 1.0.15 #33

Closed
wants to merge 2 commits into from
Closed

fix crash with libsodium 1.0.15 #33

wants to merge 2 commits into from

Conversation

xc19
Copy link

@xc19 xc19 commented Oct 11, 2017

No description provided.

@xc19 xc19 changed the title fix SecretBox bugs with libsodium 1.0.15 fix SecretBox bugs crash libsodium 1.0.15 Oct 11, 2017
@xc19 xc19 changed the title fix SecretBox bugs crash libsodium 1.0.15 fix SecretBox crash libsodium 1.0.15 Oct 11, 2017
@xc19 xc19 changed the title fix SecretBox crash libsodium 1.0.15 fix SecretBox crash with libsodium 1.0.15 Oct 11, 2017
@xc19 xc19 changed the title fix SecretBox crash with libsodium 1.0.15 fix crash with libsodium 1.0.15 Oct 11, 2017
@redragonx
Copy link
Contributor

Can @jedisct1 look at this fix? Is it the proper way to go about fixing this crash?

@silkeh
Copy link
Contributor

silkeh commented Oct 23, 2017
edited

@xc19 could you provide a detailed description of the issue this should solve?

As an aside: I have submitted #34, which works with 1.0.15 and shouldn't suffer from the issues CryptoBox currently has.

silkeh
silkeh suggested changes Oct 23, 2017
View reviewed changes
cryptobox/crypto_box_easy.go
@@ -71,9 +71,11 @@ func CryptoBoxEasy(m []byte, n []byte, pk []byte, sk []byte) ([]byte, int) {
}

func CryptoBoxOpenDetachedAfterNm(c []byte, mac []byte, n []byte, k []byte) ([]byte, int) {
support.CheckSizeMin(c, CryptoBoxMacBytes(), "msg")
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think the lack of this check is what is wrong here: Because this is detached encryption, the length of c can be 0 (implying that the length of the original message is 0).

The problems, as I see them, are:

  • m := make([]byte, len(c)-CryptoBoxMacBytes()) should be m := make([]byte, len(c))
  • &m[0] should be support.BytePointer(m)
  • &c[0] should be support.BytePointer(m)
    The problem is below: &c[0] should be support.BytePointer(c).

cryptobox/crypto_box_easy.go
@@ -87,6 +89,7 @@ func CryptoBoxOpenDetachedAfterNm(c []byte, mac []byte, n []byte, k []byte) ([]b
}

func CryptoBoxOpenDetached(c []byte, mac []byte, n []byte, pk []byte, sk []byte) ([]byte, int) {
support.CheckSizeMin(c, CryptoBoxMacBytes(), "msg")
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

See comment on CryptoBoxOpenDetachedAfterNm

cryptobox/crypto_box_easy.go
@@ -105,6 +108,7 @@ func CryptoBoxOpenDetached(c []byte, mac []byte, n []byte, pk []byte, sk []byte)
}

func CryptoBoxOpenEasyAfterNm(c []byte, n []byte, k []byte) ([]byte, int) {
support.CheckSizeMin(c, CryptoBoxMacBytes(), "msg")
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would use "ciphertext" because c is the ciphertext, not the message. It would also be great if you could change the &m[0] below to support.BytePointer(m).

cryptobox/crypto_box_easy.go
@@ -119,6 +123,7 @@ func CryptoBoxOpenEasyAfterNm(c []byte, n []byte, k []byte) ([]byte, int) {
}

func CryptoBoxOpenEasy(c []byte, n []byte, pk []byte, sk []byte) ([]byte, int) {
support.CheckSizeMin(c, CryptoBoxMacBytes(), "msg")
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

See comment on CryptoBoxOpenEasyAfterNm

cryptobox/crypto_box_seal.go
@@ -19,6 +19,7 @@ func CryptoBoxSeal(m []byte, pk []byte) ([]byte, int) {
}

func CryptoBoxSealOpen(c []byte, pk []byte, sk []byte) ([]byte, int) {
support.CheckSizeMin(c, CryptoBoxSealBytes(), "msg")
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

See comment on CryptoBoxOpenEasyAfterNm

cryptosecretbox/crypto_secretbox.go
@@ -45,8 +45,10 @@ func CryptoSecretBox(m []byte, n []byte, k []byte) ([]byte, int) {
}

func CryptoSecretBoxOpen(c []byte, n []byte, k []byte) ([]byte, int) {
support.CheckSizeMin(c, CryptoSecretBoxMacBytes(), "msg")
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

See comment on CryptoBoxOpenEasyAfterNm

cryptosecretbox/crypto_secretbox_easy.go
@@ -48,13 +48,15 @@ func CryptoSecretBoxEasy(m []byte, n []byte, k []byte) ([]byte, int) {
(C.ulonglong)(len(m)),
(*C.uchar)(&n[0]),
(*C.uchar)(&k[0])))

return c, exit
nonceAndEncrypted := support.BytesCombine(n, c)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This seems a change in functionality: a developer can combine the nonce and ciphertext if that's required.

Also: why doesn't append(n, c...) suffice?

cryptosecretbox/crypto_secretbox_easy.go
}

func CryptoSecretBoxOpenEasy(c []byte, n []byte, k []byte) ([]byte, int) {
support.CheckSizeMin(c, CryptoSecretBoxMacBytes(), "msg")
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

See comment on CryptoBoxOpenEasyAfterNm

@xc19 xc19 closed this Jan 11, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@silkeh silkeh silkeh requested changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@xc19 @redragonx @silkeh