-
Notifications
You must be signed in to change notification settings - Fork 26
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix crash with libsodium 1.0.15 #33
Conversation
Can @jedisct1 look at this fix? Is it the proper way to go about fixing this crash? |
@@ -71,9 +71,11 @@ func CryptoBoxEasy(m []byte, n []byte, pk []byte, sk []byte) ([]byte, int) { | |||
} | |||
|
|||
func CryptoBoxOpenDetachedAfterNm(c []byte, mac []byte, n []byte, k []byte) ([]byte, int) { | |||
support.CheckSizeMin(c, CryptoBoxMacBytes(), "msg") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't think the lack of this check is what is wrong here: Because this is detached encryption, the length of c
can be 0 (implying that the length of the original message is 0).
The problems, as I see them, are:
m := make([]byte, len(c)-CryptoBoxMacBytes())
should bem := make([]byte, len(c))
&m[0]
should besupport.BytePointer(m)
&c[0]
should besupport.BytePointer(m)
The problem is below:&c[0]
should besupport.BytePointer(c)
.
@@ -87,6 +89,7 @@ func CryptoBoxOpenDetachedAfterNm(c []byte, mac []byte, n []byte, k []byte) ([]b | |||
} | |||
|
|||
func CryptoBoxOpenDetached(c []byte, mac []byte, n []byte, pk []byte, sk []byte) ([]byte, int) { | |||
support.CheckSizeMin(c, CryptoBoxMacBytes(), "msg") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
See comment on CryptoBoxOpenDetachedAfterNm
@@ -105,6 +108,7 @@ func CryptoBoxOpenDetached(c []byte, mac []byte, n []byte, pk []byte, sk []byte) | |||
} | |||
|
|||
func CryptoBoxOpenEasyAfterNm(c []byte, n []byte, k []byte) ([]byte, int) { | |||
support.CheckSizeMin(c, CryptoBoxMacBytes(), "msg") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I would use "ciphertext"
because c
is the ciphertext, not the message. It would also be great if you could change the &m[0]
below to support.BytePointer(m)
.
@@ -119,6 +123,7 @@ func CryptoBoxOpenEasyAfterNm(c []byte, n []byte, k []byte) ([]byte, int) { | |||
} | |||
|
|||
func CryptoBoxOpenEasy(c []byte, n []byte, pk []byte, sk []byte) ([]byte, int) { | |||
support.CheckSizeMin(c, CryptoBoxMacBytes(), "msg") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
See comment on CryptoBoxOpenEasyAfterNm
@@ -19,6 +19,7 @@ func CryptoBoxSeal(m []byte, pk []byte) ([]byte, int) { | |||
} | |||
|
|||
func CryptoBoxSealOpen(c []byte, pk []byte, sk []byte) ([]byte, int) { | |||
support.CheckSizeMin(c, CryptoBoxSealBytes(), "msg") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
See comment on CryptoBoxOpenEasyAfterNm
@@ -45,8 +45,10 @@ func CryptoSecretBox(m []byte, n []byte, k []byte) ([]byte, int) { | |||
} | |||
|
|||
func CryptoSecretBoxOpen(c []byte, n []byte, k []byte) ([]byte, int) { | |||
support.CheckSizeMin(c, CryptoSecretBoxMacBytes(), "msg") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
See comment on CryptoBoxOpenEasyAfterNm
@@ -48,13 +48,15 @@ func CryptoSecretBoxEasy(m []byte, n []byte, k []byte) ([]byte, int) { | |||
(C.ulonglong)(len(m)), | |||
(*C.uchar)(&n[0]), | |||
(*C.uchar)(&k[0]))) | |||
|
|||
return c, exit | |||
nonceAndEncrypted := support.BytesCombine(n, c) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This seems a change in functionality: a developer can combine the nonce and ciphertext if that's required.
Also: why doesn't append(n, c...)
suffice?
} | ||
|
||
func CryptoSecretBoxOpenEasy(c []byte, n []byte, k []byte) ([]byte, int) { | ||
support.CheckSizeMin(c, CryptoSecretBoxMacBytes(), "msg") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
See comment on CryptoBoxOpenEasyAfterNm
No description provided.