fix panic on invalid key sizes

transfer
Avril 4 years ago
parent 4f89807a04
commit bf5d2d6d6b
Signed by: flanchan
GPG Key ID: 284488987C31F630

2
Cargo.lock generated

@ -34,7 +34,7 @@ checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd"
[[package]] [[package]]
name = "chacha20" name = "chacha20"
version = "0.1.0" version = "1.0.0"
dependencies = [ dependencies = [
"base64", "base64",
"getrandom", "getrandom",

@ -131,7 +131,8 @@ impl str::FromStr for Key
base64::decode_config_buf(s.as_bytes(), base64::STANDARD, &mut buffer)?; base64::decode_config_buf(s.as_bytes(), base64::STANDARD, &mut buffer)?;
let mut this = Self::default(); let mut this = Self::default();
this.0.copy_from_slice(&buffer[..]); let sz = std::cmp::min(KEY_SIZE, buffer.len());
this.0.copy_from_slice(&buffer[..sz]);
Ok(this) Ok(this)
} }
} }
@ -145,7 +146,8 @@ impl str::FromStr for IV
base64::decode_config_buf(s.as_bytes(), base64::STANDARD, &mut buffer)?; base64::decode_config_buf(s.as_bytes(), base64::STANDARD, &mut buffer)?;
let mut this = Self::default(); let mut this = Self::default();
this.0.copy_from_slice(&buffer[..]); let sz = std::cmp::min(IV_SIZE, buffer.len());
this.0.copy_from_slice(&buffer[..sz]);
Ok(this) Ok(this)
} }
} }

@ -41,9 +41,10 @@ fn keys() -> Result<(Mode, Key, IV), base64::DecodeError>
eprintln!("Usage: {} decrypt [<base64 key>] [<base64 iv>]", prog_name); eprintln!("Usage: {} decrypt [<base64 key>] [<base64 iv>]", prog_name);
eprintln!("Usage: {} keygen", prog_name); eprintln!("Usage: {} keygen", prog_name);
eprintln!(); eprintln!();
eprintln!("(Key size is {}, IV size is {})\n", cha::KEY_SIZE, cha::IV_SIZE); eprintln!("(Key size is {}, IV size is {})", cha::KEY_SIZE, cha::IV_SIZE);
eprintln!("encrypt/decrypt:\n\tIf key and/or IV are not provided, they are generated randomly and printed to stderr in order on one line each"); eprintln!("\nencrypt/decrypt:\n\tIf key and/or IV are not provided, they are generated randomly and printed to stderr in order on one line each");
eprintln!("keygen:\n\tThe key/iv is printed in the same way as auto-generated keys for the en/decryption modes, but to stdout instead of stderr"); eprintln!("\tIf the key and/or IV provided's size is lower than the cipher's key/IV size, the rest of the key/IV padded with 0s. If the size is higher, the extra bytes are ignored.");
eprintln!("\nkeygen:\n\tThe key/iv is printed in the same way as auto-generated keys for the en/decryption modes, but to stdout instead of stderr");
std::process::exit(1) std::process::exit(1)
} }
}; };

Loading…
Cancel
Save