fred icon indicating copy to clipboard operation
fred copied to clipboard
verified publisher icon freenet

Cryptbucket check nonce length

Open ArneBab opened this issue 8 years ago • 5 comments

addresses https://freenet.mantishub.io/view.php?id=6363

based on the patch therein. For review and testing.

ArneBab avatar Oct 17 '17 15:10 ArneBab

AEADOutputStream talks about nonce[0] &= 0x7F but doesn't enforce it in its constructor; IMHO we want/need both

nextgens avatar Oct 19 '17 08:10 nextgens

Let me be more clear: either we try to "fix" what we get (masking the bit we discard) or we enforce that we never create a bucket with it set... right now we don't...

My preferred solution is to mask the bit rather than throw (to keep backward compatibility)

nextgens avatar Oct 19 '17 08:10 nextgens

@nextgens could you file a new pull-request which does what you prefer?

ArneBab avatar Oct 10 '18 20:10 ArneBab

I will try to have a look this week-end

nextgens avatar Oct 11 '18 07:10 nextgens

Thank you!

ArneBab avatar Oct 11 '18 21:10 ArneBab