Verified Commit f0607f4b authored by Romain's avatar Romain

P2P: check incoming ciphertext size

Co-Authored-By: vbot's avatarvbot <[email protected]>
Co-Authored-By: Benjamin Canou's avatarBenjamin Canou <[email protected]>
Co-Authored-By: Pierre Boutillier's avatarPierre Boutillier <[email protected]>
parent 06398944
Pipeline #143501003 passed with stage
in 8 minutes and 28 seconds
......@@ -46,6 +46,8 @@ type error += Decipher_error
type error += Invalid_message_size
type error += Invalid_incoming_ciphertext_size
type error += Encoding_error
type error += Rejected_socket_connection
......@@ -85,6 +87,19 @@ let () =
Data_encoding.empty
(function Invalid_message_size -> Some () | _ -> None)
(fun () -> Invalid_message_size) ;
(* Invalid incoming ciphertext size *)
register_error_kind
`Permanent
~id:"node.p2p_socket.invalid_incoming_ciphertext_size"
~title:"Invalid incoming ciphertext size"
~description:"The announced size for the incoming ciphertext is invalid."
~pp:(fun ppf () ->
Format.fprintf
ppf
"The announced size for the incoming ciphertext is invalid.")
Data_encoding.empty
(function Invalid_incoming_ciphertext_size -> Some () | _ -> None)
(fun () -> Invalid_incoming_ciphertext_size) ;
(* Encoding error *)
register_error_kind
`Permanent
......
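Review bot: The new error is registered with `Data_encoding.empty`, so the size the peer announced is dropped, and the description says only that the size is "invalid" without naming the rule that was broken. Someone triaging a run of these errors from one peer has nothing to correlate on. At minimum the text could state the constraint, e.g. `~description:"The announced size for the incoming ciphertext is below the minimum ciphertext length."`. Carrying the announced size as a payload would be more useful still, though it would depart from the neighbouring `Invalid_message_size` registration. The enclosing `let () =` block starts and ends outside the hunk.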
......@@ -33,6 +33,8 @@ type error += Decipher_error
type error += Invalid_message_size
type error += Invalid_incoming_ciphertext_size
type error += Encoding_error
type error += Rejected_socket_connection
......
......@@ -77,6 +77,11 @@ module Crypto = struct
P2p_io_scheduler.read_full ?canceler ~len:header_length fd header_buf
>>=? fun () ->
let encrypted_length = TzEndian.get_uint16 header_buf 0 in
(* Ciphertexts have at least length 16. *)
fail_unless
(encrypted_length >= 16)
P2p_errors.Invalid_incoming_ciphertext_size
>>=? fun () ->
let buf_length = encrypted_length + Crypto_box.boxzerobytes in
let buf = Bytes.make buf_length '\x00' in
P2p_io_scheduler.read_full
......
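Review bot: The bound in the new `fail_unless` is the bare literal `16`, and the comment above it does not say what those 16 bytes are or how they relate to the 32-byte minimum that `box_open` now enforces. Going by the comment added in `Box.box_open` (16 padding bytes + 16 hmac bytes), this 16 appears to be the authentication tag, and the `Crypto_box.boxzerobytes` added on the next line supplies the rest. If the two checks ever drift apart, a short frame from a peer would surface as `Invalid_argument` rather than `Invalid_incoming_ciphertext_size`. I would spell the relation out, e.g. `(* A ciphertext holds at least the 16-byte authentication tag; with the boxzerobytes padding added below, the buffer meets the 32-byte minimum checked by box_open. *)`, or bind the value to a named constant. The enclosing function starts and ends outside the hunk.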
......@@ -283,9 +283,13 @@ module Secretbox = struct
"ml_NaCl_crypto_secretbox_open_detached" [@@noalloc]
let box ~key ~nonce ~msg ~cmsg =
if Bigstring.length msg < 32 then
invalid_arg "Secretbox.box: msg must be at least 32 bytes long";
box cmsg msg nonce key
let box_open ~key ~nonce ~cmsg ~msg =
if Bigstring.length cmsg < 32 then
invalid_arg "Secretbox.box_open: cmsg must be at least 32 bytes long";
let mac = Bigstring.sub cmsg boxzerobytes boxzerobytes in
match box_open msg cmsg mac nonce key with
| 0 -> true
......@@ -386,6 +390,8 @@ module Box = struct
"ml_NaCl_crypto_box_easy_afternm" [@@noalloc]
let box ~k:(Ck k) ~nonce ~msg ~cmsg =
if Bigstring.length msg < 32 then
invalid_arg "Box.box: msg must be at least 32 bytes long";
box_easy_afternm cmsg msg nonce k
(* msg -> cmsg -> n -> k -> int *)
......@@ -394,6 +400,9 @@ module Box = struct
"ml_NaCl_crypto_box_open_easy_afternm" [@@noalloc]
let box_open ~k:(Ck k) ~nonce ~cmsg ~msg =
(* Ciphertext must contain 16 padding bytes + 16 hmac bytes. *)
if Bigstring.length cmsg < 32 then
invalid_arg "Box.box_open: cmsg must be at least 32 bytes long";
match box_open_easy_afternm msg cmsg nonce k with
| 0 -> true
| _ -> false
......
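Review bot: All four new guards check only the input buffer; the output buffer (`cmsg` in `box`, `msg` in `box_open`) still goes to a `[@@noalloc]` external without its length being compared to the input's. The stubs are not visible here, but if they take the write length from the input, a shorter output buffer would be written past its end. A guard such as `if Bigstring.length cmsg < Bigstring.length msg then invalid_arg "Box.box: cmsg is shorter than msg";` (and its mirror in `box_open`, in both modules) would close that, with the exact relation confirmed against the stubs. Separately, `box_open` now reports a bad ciphertext through two channels, `false` and `Invalid_argument`; a doc comment with `@raise Invalid_argument` would tell callers that handle untrusted bytes to check the length first, as the P2P read path in this commit does. `Secretbox.box_open` continues past the end of its hunk.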