[zk-token-sdk] Limit max seed length for key derivations (#33700)
* limit max seed length for elgamal keypairs * limit max seed length for authenticated encryption keys * Apply suggestions from code review Co-authored-by: Jon Cinque <me@jonc.dev> * rename `SeedLengthTooLarge` to `SeedLengthTooLong` --------- Co-authored-by: Jon Cinque <me@jonc.dev>
parent
a5c7c999e2
commit
dd2b1bb5a0
|
@ -50,6 +50,8 @@ pub enum AuthenticatedEncryptionError {
|
||||||
DerivationMethodNotSupported,
|
DerivationMethodNotSupported,
|
||||||
#[error("seed length too short for derivation")]
|
#[error("seed length too short for derivation")]
|
||||||
SeedLengthTooShort,
|
SeedLengthTooShort,
|
||||||
|
#[error("seed length too long for derivation")]
|
||||||
|
SeedLengthTooLong,
|
||||||
}
|
}
|
||||||
|
|
||||||
struct AuthenticatedEncryption;
|
struct AuthenticatedEncryption;
|
||||||
|
@ -172,10 +174,14 @@ impl EncodableKey for AeKey {
|
||||||
impl SeedDerivable for AeKey {
|
impl SeedDerivable for AeKey {
|
||||||
fn from_seed(seed: &[u8]) -> Result<Self, Box<dyn error::Error>> {
|
fn from_seed(seed: &[u8]) -> Result<Self, Box<dyn error::Error>> {
|
||||||
const MINIMUM_SEED_LEN: usize = AE_KEY_LEN;
|
const MINIMUM_SEED_LEN: usize = AE_KEY_LEN;
|
||||||
|
const MAXIMUM_SEED_LEN: usize = 65535;
|
||||||
|
|
||||||
if seed.len() < MINIMUM_SEED_LEN {
|
if seed.len() < MINIMUM_SEED_LEN {
|
||||||
return Err(AuthenticatedEncryptionError::SeedLengthTooShort.into());
|
return Err(AuthenticatedEncryptionError::SeedLengthTooShort.into());
|
||||||
}
|
}
|
||||||
|
if seed.len() > MAXIMUM_SEED_LEN {
|
||||||
|
return Err(AuthenticatedEncryptionError::SeedLengthTooLong.into());
|
||||||
|
}
|
||||||
|
|
||||||
let mut hasher = Sha3_512::new();
|
let mut hasher = Sha3_512::new();
|
||||||
hasher.update(seed);
|
hasher.update(seed);
|
||||||
|
@ -278,4 +284,16 @@ mod tests {
|
||||||
let null_signer = NullSigner::new(&Pubkey::default());
|
let null_signer = NullSigner::new(&Pubkey::default());
|
||||||
assert!(AeKey::new_from_signer(&null_signer, Pubkey::default().as_ref()).is_err());
|
assert!(AeKey::new_from_signer(&null_signer, Pubkey::default().as_ref()).is_err());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#[test]
|
||||||
|
fn test_aes_key_from_seed() {
|
||||||
|
let good_seed = vec![0; 32];
|
||||||
|
assert!(AeKey::from_seed(&good_seed).is_ok());
|
||||||
|
|
||||||
|
let too_short_seed = vec![0; 15];
|
||||||
|
assert!(AeKey::from_seed(&too_short_seed).is_err());
|
||||||
|
|
||||||
|
let too_long_seed = vec![0; 65536];
|
||||||
|
assert!(AeKey::from_seed(&too_long_seed).is_err());
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
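Review bot: The upper bound in `AeKey::from_seed` is a bare `65535` declared as a function-local `MAXIMUM_SEED_LEN`, and the same literal is declared again in `ElGamalSecretKey::from_seed`, with no comment in either place saying where the limit comes from. One shared constant with a short doc comment would keep the two derivations from drifting apart; the value equals `u16::MAX`, so if that is the intent, `const MAXIMUM_SEED_LEN: usize = u16::MAX as usize;` states it. The new `test_aes_key_from_seed` checks that 65536 bytes is rejected but never that 65535 bytes is accepted, so an off-by-one in the comparison (`>=` instead of `>`) would go unnoticed; adding `assert!(AeKey::from_seed(&vec![0; 65535]).is_ok());` pins the boundary, and the same applies to the ElGamal test. The body of `from_seed` continues past the end of the hunk.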
|
@ -76,6 +76,8 @@ pub enum ElGamalError {
|
||||||
DerivationMethodNotSupported,
|
DerivationMethodNotSupported,
|
||||||
#[error("seed length too short for derivation")]
|
#[error("seed length too short for derivation")]
|
||||||
SeedLengthTooShort,
|
SeedLengthTooShort,
|
||||||
|
#[error("seed length too long for derivation")]
|
||||||
|
SeedLengthTooLong,
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Algorithm handle for the twisted ElGamal encryption scheme
|
/// Algorithm handle for the twisted ElGamal encryption scheme
|
||||||
|
@ -449,10 +451,14 @@ impl ElGamalSecretKey {
|
||||||
/// Derive an ElGamal secret key from an entropy seed.
|
/// Derive an ElGamal secret key from an entropy seed.
|
||||||
pub fn from_seed(seed: &[u8]) -> Result<Self, ElGamalError> {
|
pub fn from_seed(seed: &[u8]) -> Result<Self, ElGamalError> {
|
||||||
const MINIMUM_SEED_LEN: usize = ELGAMAL_SECRET_KEY_LEN;
|
const MINIMUM_SEED_LEN: usize = ELGAMAL_SECRET_KEY_LEN;
|
||||||
|
const MAXIMUM_SEED_LEN: usize = 65535;
|
||||||
|
|
||||||
if seed.len() < MINIMUM_SEED_LEN {
|
if seed.len() < MINIMUM_SEED_LEN {
|
||||||
return Err(ElGamalError::SeedLengthTooShort);
|
return Err(ElGamalError::SeedLengthTooShort);
|
||||||
}
|
}
|
||||||
|
if seed.len() > MAXIMUM_SEED_LEN {
|
||||||
|
return Err(ElGamalError::SeedLengthTooLong);
|
||||||
|
}
|
||||||
Ok(ElGamalSecretKey(Scalar::hash_from_bytes::<Sha3_512>(seed)))
|
Ok(ElGamalSecretKey(Scalar::hash_from_bytes::<Sha3_512>(seed)))
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1026,6 +1032,9 @@ mod tests {
|
||||||
|
|
||||||
let too_short_seed = vec![0; 31];
|
let too_short_seed = vec![0; 31];
|
||||||
assert!(ElGamalKeypair::from_seed(&too_short_seed).is_err());
|
assert!(ElGamalKeypair::from_seed(&too_short_seed).is_err());
|
||||||
|
|
||||||
|
let too_long_seed = vec![0; 65536];
|
||||||
|
assert!(ElGamalKeypair::from_seed(&too_long_seed).is_err());
|
||||||
}
|
}
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
|
|
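Review bot: The doc comment on `ElGamalSecretKey::from_seed` still reads only "Derive an ElGamal secret key from an entropy seed", although the function now rejects seeds on both sides of a length range. As this is a public function, I would add an errors section: `/// # Errors` followed by `/// Returns SeedLengthTooShort below ELGAMAL_SECRET_KEY_LEN bytes and SeedLengthTooLong above 65535 bytes.` `SeedLengthTooLong` is also a new variant on the public `ElGamalError` enum (and on `AuthenticatedEncryptionError` in the other file). The enum's attributes are outside the hunk, so it is worth confirming it is `#[non_exhaustive]` or noting the change for callers that match on it exhaustively.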