packages/cryptacular
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
cryptacular/backport-CVE-2020-7226-2.patch

82 lines
3.4 KiB
Diff
Raw Blame History

From 132f15ead532d78d4c19d2bcb39ec8f319ad6945 Mon Sep 17 00:00:00 2001
From: "Marvin S. Addison" <serac@vt.edu>
Date: Mon, 27 Jan 2020 14:39:35 -0500
Subject: [PATCH] Address code review feedback points.
---
src/main/java/org/cryptacular/CiphertextHeader.java | 6 +++---
.../java/org/cryptacular/CiphertextHeaderV2.java | 12 +++++++-----
src/main/java/org/cryptacular/util/CipherUtil.java | 1 -
3 files changed, 10 insertions(+), 9 deletions(-)
diff --git a/src/main/java/org/cryptacular/CiphertextHeader.java b/src/main/java/org/cryptacular/CiphertextHeader.java
index c17e735..d43bf9a 100644
--- a/src/main/java/org/cryptacular/CiphertextHeader.java
+++ b/src/main/java/org/cryptacular/CiphertextHeader.java
@@ -75,12 +75,12 @@ public CiphertextHeader(final byte[] nonce)
*/
public CiphertextHeader(final byte[] nonce, final String keyName)
{
- if (nonce.length > 255) {
- throw new IllegalArgumentException("Nonce exceeds size limit in bytes (255)");
+ if (nonce.length > MAX_NONCE_LEN) {
+ throw new IllegalArgumentException("Nonce exceeds size limit in bytes (" + MAX_NONCE_LEN + ")");
}
if (keyName != null) {
if (ByteUtil.toBytes(keyName).length > MAX_KEYNAME_LEN) {
- throw new IllegalArgumentException("Key name exceeds size limit in bytes (500)");
+ throw new IllegalArgumentException("Key name exceeds size limit in bytes (" + MAX_KEYNAME_LEN + ")");
}
}
this.nonce = nonce;
diff --git a/src/main/java/org/cryptacular/CiphertextHeaderV2.java b/src/main/java/org/cryptacular/CiphertextHeaderV2.java
index 8119f4e..1fe095b 100644
--- a/src/main/java/org/cryptacular/CiphertextHeaderV2.java
+++ b/src/main/java/org/cryptacular/CiphertextHeaderV2.java
@@ -102,6 +102,9 @@ public void setKeyLookup(final Function<String, SecretKey> keyLookup)
*/
public byte[] encode(final SecretKey hmacKey)
{
+ if (hmacKey == null) {
+ throw new IllegalArgumentException("Secret key cannot be null");
+ }
final ByteBuffer bb = ByteBuffer.allocate(length);
bb.order(ByteOrder.BIG_ENDIAN);
bb.putInt(VERSION);
@@ -109,10 +112,7 @@ public void setKeyLookup(final Function<String, SecretKey> keyLookup)
bb.put((byte) 0);
bb.put(ByteUtil.toUnsignedByte(nonce.length));
bb.put(nonce);
- if (hmacKey != null) {
- final byte[] hmac = hmac(bb.array(), 0, bb.limit() - HMAC_SIZE);
- bb.put(hmac);
- }
+ bb.put(hmac(bb.array(), 0, bb.limit() - HMAC_SIZE));
return bb.array();
}
@@ -253,8 +253,10 @@ public static CiphertextHeaderV2 decode(final InputStream input, final Function<
*
* @param input Input stream.
* @param output Output buffer.
+ *
+ * @throws StreamException on stream IO errors.
*/
- private static void readInto(final InputStream input, final byte[] output)
+ private static void readInto(final InputStream input, final byte[] output) throws StreamException
{
try {
input.read(output);
diff --git a/src/main/java/org/cryptacular/util/CipherUtil.java b/src/main/java/org/cryptacular/util/CipherUtil.java
index cdbac0d..40ef4d1 100644
--- a/src/main/java/org/cryptacular/util/CipherUtil.java
+++ b/src/main/java/org/cryptacular/util/CipherUtil.java
@@ -376,7 +376,6 @@ private static void process(final BlockCipherAdapter cipher, final InputStream i
}
-
/**
* Writes a ciphertext header to the output stream.
*
Reference in New Issue View Git Blame Copy Permalink