aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorpukkamustard <pukkamustard@posteo.net>2020-11-17 18:34:58 +0100
committerpukkamustard <pukkamustard@posteo.net>2020-11-17 18:34:58 +0100
commit405dc1406e437042d68568618a0a01c323aa7333 (patch)
tree31a9b2f2242fadb64787ead09e6cd51e15e67be9
parentd8f2484b77dbc4c876e331ab5238dd802bb507c3 (diff)
ERIS.Decode: gracefully handle a wrong key
-rw-r--r--lib/eris/crypto.ex13
-rw-r--r--lib/eris/decode.ex10
-rw-r--r--test/eris_test.exs7
3 files changed, 18 insertions, 12 deletions
diff --git a/lib/eris/crypto.ex b/lib/eris/crypto.ex
index 996b96a..841adb3 100644
--- a/lib/eris/crypto.ex
+++ b/lib/eris/crypto.ex
@@ -46,8 +46,8 @@ defmodule ERIS.Crypto do
case binary_part(data, data_size, -1) do
<<0x00>> -> unpad_loop(binary_part(data, 0, data_size - 1))
- <<0x80>> -> binary_part(data, 0, data_size - 1)
- _ -> raise("invalid padding")
+ <<0x80>> -> {:ok, binary_part(data, 0, data_size - 1)}
+ _ -> {:error, :invalid_padding}
end
end
@@ -57,9 +57,10 @@ defmodule ERIS.Crypto do
def unpad(data, block_size: block_size) do
data_size = byte_size(data)
- if data_size < block_size or rem(data_size, block_size) != 0 or block_size <= 0,
- do: raise("argument error")
-
- unpad_loop(data)
+ if data_size < block_size or rem(data_size, block_size) != 0 or block_size <= 0 do
+ {:error, :invalid_padding}
+ else
+ unpad_loop(data)
+ end
end
end
diff --git a/lib/eris/decode.ex b/lib/eris/decode.ex
index 5cd445d..6d26cf3 100644
--- a/lib/eris/decode.ex
+++ b/lib/eris/decode.ex
@@ -116,12 +116,10 @@ defmodule ERIS.Decode do
block_storage,
block_size
) do
- with {:ok, block} <- BlockStorage.get(block_storage, reference) do
- {[
- block
- |> Crypto.chacha20(key: key)
- |> Crypto.unpad(block_size: block_size)
- ], Node.right(node)}
+ with {:ok, block} <- BlockStorage.get(block_storage, reference),
+ decrypted <- Crypto.chacha20(block, key: key),
+ {:ok, unpadded} <- Crypto.unpad(decrypted, block_size: block_size) do
+ {[unpadded], Node.right(node)}
end
end
diff --git a/test/eris_test.exs b/test/eris_test.exs
index d6eb500..3976ff5 100644
--- a/test/eris_test.exs
+++ b/test/eris_test.exs
@@ -67,4 +67,11 @@ defmodule ERISTest do
assert {:error, :not_found} = ERIS.decode(read_capability, %{})
end
end
+
+ test "gracefully handle wrong encryption key" do
+ with {read_capability, blocks} <- ERIS.encode("Hello!", %{}),
+ read_capability <- %{read_capability | key: <<0::256>>} do
+ assert {:error, :invalid_padding} = ERIS.decode(read_capability, blocks)
+ end
+ end
end