Skip to content

Commit

Permalink
Merge pull request #5 from Cosmian/fix/decrypt_bad_header
Browse files Browse the repository at this point in the history 
Fix decryption header with invalid first bytes in encrypted header
  • Loading branch information
@bgrieder
bgrieder authored May 25, 2022
2 parents ac8c799 + c465f80 commit 131e8cd
Show file tree
Hide file tree
Showing 6 changed files with 119 additions and 20 deletions.
27 changes: 27 additions & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
# Changelog

All notable changes to this project will be documented in this file.

---
## [1.0.2] - 2022-05-25
### Added
### Changed
### Fixed
- Fix decryption header with invalid first bytes in encrypted header
### Removed

---
## [1.0.1] - 2022-05-24
### Added
### Changed
### Fixed
- fix zero length metadata bug + fix symmetric overhead size bug + bump crypto_base to 1.2.2
### Removed

---
## [1.0.0] - 2022-05-23
### Added
- Cosmian Attributes Based Encryption (ABE) implementation 1.0.0
### Changed
### Fixed
### Removed
2 changes: 1 addition & 1 deletion Cargo.lock
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion Cargo.toml
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[package]
name = "cover_crypt"
version = "1.0.1"
version = "1.0.2"
edition = "2021"
authors = [
"Théophile Brezot <[email protected]>",
Expand Down
1 change: 1 addition & 0 deletions src/interfaces/regression_vector.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
{"user_decryption_key":"7b2230303030303030313030303030303037223a5b35382c3139372c3135322c3135322c3136382c3136312c3235352c3130342c3138382c38352c32352c3231372c39312c34342c3136362c3133322c39322c33382c36392c39312c32332c3234302c3138352c3131312c3137322c37312c392c38332c34362c3130332c32372c31335d2c2230303030303030333030303030303038223a5b3230302c3231372c362c36362c3133332c3138382c35352c34332c3232362c33392c38322c372c37332c3131392c3233372c34332c3134352c38362c3132322c39362c3136322c34332c3136372c3135332c36322c38372c3133362c3137322c3135332c32332c37312c31335d2c2230303030303030333030303030303037223a5b35382c39392c3233342c37302c3139372c3136392c3233342c37372c3138322c33302c3139362c36312c3134312c3139362c34322c3232392c34332c3133352c3138332c37312c3136392c38322c3235312c34342c33372c33372c3133352c3230302c3132322c3133372c3235352c375d2c2230303030303030323030303030303038223a5b3132302c34362c3136352c3231372c3138342c3234322c3137392c3132322c3130342c3130332c3232382c3130322c3139382c32382c3234322c3232312c3131362c3139342c33322c3134312c37382c3132312c322c39302c3135372c3230332c3138372c3138372c31362c37342c3136382c31305d2c2230303030303030323030303030303037223a5b3234312c3138362c39342c3233372c3230372c38372c32362c3233332c36342c3233352c39362c3137352c35372c3136302c34352c3231362c3235322c3136362c3137362c3234302c3233382c31392c38392c3132362c3232372c3231372c3135352c38352c3133392c3131302c3132342c31345d2c2230303030303030313030303030303038223a5b3234372c3234332c3232392c3235332c3233382c31382c3139362c3131312c33392c3130392c3134312c3135382c3139382c3136302c38302c3230372c382c3137362c37322c3136352c3136342c34342c3235352c3133332c3130322c342c35352c31382c3137322c3235312c31312c31355d7d","header_bytes":"000008427b2230303030303030323030303030303035223a5b5b3139352c33332c36372c3139342c3231302c39392c3232382c31372c3232352c372c3138372c332c3130392c3136342c33352c3135312c3136322c37332c32312c35382c3232372c3231382c32362c3136322c3134322c37352c3139312c3230342c3138322c3138332c3233342c3230332c39362c3231392c32302c3130352c3133332c34352c3231332c35362c3132332c3231342c3233392c3130392c33372c3134302c37352c3233302c38392c3234362c362c3136342c3234342c38342c38312c3138392c34382c3232372c3135382c39302c392c3132312c34342c36392c32352c3132322c32352c37332c3232362c3235352c34382c3132382c3231312c3234342c3235322c3132332c362c3233312c33322c3135342c3136302c3136372c31392c3135332c33312c3231312c39382c3134332c3230302c3233362c36352c312c37362c3133322c3136312c34342c3132352c322c34312c35302c3234312c3137352c3233382c3137302c35392c31392c39382c33302c3138332c32342c3135302c3235312c36352c3136372c31322c3131392c3138392c3235302c3232312c3139382c36362c3232332c3233372c35392c32312c38382c3132322c3136362c3139372c38362c37352c34302c3131302c3233322c3138342c32392c38302c3131332c31332c3232372c3235352c35362c3235312c3135372c31392c3130362c34392c3232372c34332c35392c3139362c3235302c32312c3232362c37362c3139302c33362c3233302c37332c33342c35312c31392c3136352c3230372c322c3132362c3230322c32372c34352c39332c3130342c3138332c33342c33362c3137362c3136302c34372c3234302c32312c31372c37382c3233302c3233332c34302c35332c31322c3137392c3134332c332c3131312c32372c34312c36372c3133392c3131302c3138352c3133322c3138372c3231322c31302c3132332c3135362c3139342c3231362c35302c3139342c38382c3235302c3132342c3137342c352c3135322c3233332c3131372c35312c39312c34392c39302c3139352c39342c3136312c3138382c3233302c3133312c3136332c39382c3132322c3133352c372c3235312c3230302c31322c3234362c3231362c36332c32342c36332c3234352c3234322c332c3134302c33382c36372c31382c3132312c3233362c31372c33352c37382c3234362c3139302c3234392c3138322c39392c31302c33335d2c5b3130382c3135392c3132312c35302c3138362c3231392c38382c3231362c3231382c3135392c3139392c3135352c3134332c3137342c36352c36392c3138392c3131352c3232372c32312c3233312c3139322c3134382c3136352c35362c3130322c342c3230372c3138372c3136342c3232362c39335d5d2c2230303030303030323030303030303038223a5b5b3131342c34342c38312c3139342c3230322c362c3131362c3234362c37332c3231332c3130342c3232302c3131352c3234332c34352c3137382c37332c3131302c34322c3130372c37312c3130352c3135362c3235322c3133392c3234322c32382c3231362c3234302c36392c3234302c3231312c33332c3138312c3138322c3135372c3230372c34392c352c3131382c38322c332c3135382c3131362c3137382c39352c3233392c37382c3133322c34302c34302c3232302c3138372c3138332c38362c3235322c3133352c3131352c38362c3230302c3135302c3132362c3139342c38382c3139332c392c3130332c3130372c3133352c32312c3134332c3235342c32312c39312c3131322c31332c3133372c3132372c3231382c3231352c37302c3234382c31382c302c38322c3235312c3136372c31352c352c3130362c3233372c3137342c3133392c3131332c3233332c3133302c39302c33382c3135352c3134312c3233312c3133392c3132392c33362c37342c3230342c3233392c32302c3132332c3137322c3230302c33382c372c3230392c3132392c3131312c35322c3136322c39332c35322c3137342c3138352c38362c3132382c3132332c3135352c36302c31352c3138332c3130382c3130362c36302c3132322c34342c3132322c3234392c3139302c37352c3132332c39302c3132352c3139372c3138332c3136392c3233322c35332c3230362c3233382c39322c3234392c39372c3136362c3230382c3132392c31352c3131362c3133372c3136312c3135372c3131322c3134392c3139332c3132372c39322c31342c3136322c3134352c322c37372c35382c36302c3135332c35302c31342c33362c3134342c3233372c3139352c3138382c32382c3230382c3130352c36322c3134352c3234342c3139312c3235342c3131362c33322c3138392c3130312c3131332c3132342c36392c3133372c3135392c3136332c3134352c33352c3137372c3139342c34332c3137302c3137362c3131362c3139392c39382c35372c3230352c3135382c3139352c3231352c36312c3230332c31312c38332c3135342c3134322c3132352c3234352c3131352c36322c3135332c3132382c382c32342c3134362c3139382c3233382c32302c3136382c39372c3133372c3235312c36312c3130392c3231332c38332c3132382c3231392c392c37362c36392c3132332c3232352c3135332c3137302c35382c3135312c37372c3232332c3134332c3132392c3231372c37382c3131335d2c5b33322c3136392c3138362c3232392c3233332c362c3139312c3231352c3231332c3136332c3230352c38302c3133352c3232362c3139352c3138322c3134392c3130312c38342c3235312c3134332c32362c3130342c3233322c37342c3234312c3135332c37322c3133342c3133392c35382c3132305d5d7d36867a609c394ee5be0ddea5d473464d15a65a5c3df1b7b9c9ca86ef17ae15755ae7a52d","encrypted_bytes":"0000086a000008427b2230303030303030323030303030303035223a5b5b3139352c33332c36372c3139342c3231302c39392c3232382c31372c3232352c372c3138372c332c3130392c3136342c33352c3135312c3136322c37332c32312c35382c3232372c3231382c32362c3136322c3134322c37352c3139312c3230342c3138322c3138332c3233342c3230332c39362c3231392c32302c3130352c3133332c34352c3231332c35362c3132332c3231342c3233392c3130392c33372c3134302c37352c3233302c38392c3234362c362c3136342c3234342c38342c38312c3138392c34382c3232372c3135382c39302c392c3132312c34342c36392c32352c3132322c32352c37332c3232362c3235352c34382c3132382c3231312c3234342c3235322c3132332c362c3233312c33322c3135342c3136302c3136372c31392c3135332c33312c3231312c39382c3134332c3230302c3233362c36352c312c37362c3133322c3136312c34342c3132352c322c34312c35302c3234312c3137352c3233382c3137302c35392c31392c39382c33302c3138332c32342c3135302c3235312c36352c3136372c31322c3131392c3138392c3235302c3232312c3139382c36362c3232332c3233372c35392c32312c38382c3132322c3136362c3139372c38362c37352c34302c3131302c3233322c3138342c32392c38302c3131332c31332c3232372c3235352c35362c3235312c3135372c31392c3130362c34392c3232372c34332c35392c3139362c3235302c32312c3232362c37362c3139302c33362c3233302c37332c33342c35312c31392c3136352c3230372c322c3132362c3230322c32372c34352c39332c3130342c3138332c33342c33362c3137362c3136302c34372c3234302c32312c31372c37382c3233302c3233332c34302c35332c31322c3137392c3134332c332c3131312c32372c34312c36372c3133392c3131302c3138352c3133322c3138372c3231322c31302c3132332c3135362c3139342c3231362c35302c3139342c38382c3235302c3132342c3137342c352c3135322c3233332c3131372c35312c39312c34392c39302c3139352c39342c3136312c3138382c3233302c3133312c3136332c39382c3132322c3133352c372c3235312c3230302c31322c3234362c3231362c36332c32342c36332c3234352c3234322c332c3134302c33382c36372c31382c3132312c3233362c31372c33352c37382c3234362c3139302c3234392c3138322c39392c31302c33335d2c5b3130382c3135392c3132312c35302c3138362c3231392c38382c3231362c3231382c3135392c3139392c3135352c3134332c3137342c36352c36392c3138392c3131352c3232372c32312c3233312c3139322c3134382c3136352c35362c3130322c342c3230372c3138372c3136342c3232362c39335d5d2c2230303030303030323030303030303038223a5b5b3131342c34342c38312c3139342c3230322c362c3131362c3234362c37332c3231332c3130342c3232302c3131352c3234332c34352c3137382c37332c3131302c34322c3130372c37312c3130352c3135362c3235322c3133392c3234322c32382c3231362c3234302c36392c3234302c3231312c33332c3138312c3138322c3135372c3230372c34392c352c3131382c38322c332c3135382c3131362c3137382c39352c3233392c37382c3133322c34302c34302c3232302c3138372c3138332c38362c3235322c3133352c3131352c38362c3230302c3135302c3132362c3139342c38382c3139332c392c3130332c3130372c3133352c32312c3134332c3235342c32312c39312c3131322c31332c3133372c3132372c3231382c3231352c37302c3234382c31382c302c38322c3235312c3136372c31352c352c3130362c3233372c3137342c3133392c3131332c3233332c3133302c39302c33382c3135352c3134312c3233312c3133392c3132392c33362c37342c3230342c3233392c32302c3132332c3137322c3230302c33382c372c3230392c3132392c3131312c35322c3136322c39332c35322c3137342c3138352c38362c3132382c3132332c3135352c36302c31352c3138332c3130382c3130362c36302c3132322c34342c3132322c3234392c3139302c37352c3132332c39302c3132352c3139372c3138332c3136392c3233322c35332c3230362c3233382c39322c3234392c39372c3136362c3230382c3132392c31352c3131362c3133372c3136312c3135372c3131322c3134392c3139332c3132372c39322c31342c3136322c3134352c322c37372c35382c36302c3135332c35302c31342c33362c3134342c3233372c3139352c3138382c32382c3230382c3130352c36322c3134352c3234342c3139312c3235342c3131362c33322c3138392c3130312c3131332c3132342c36392c3133372c3135392c3136332c3134352c33352c3137372c3139342c34332c3137302c3137362c3131362c3139392c39382c35372c3230352c3135382c3139352c3231352c36312c3230332c31312c38332c3135342c3134322c3132352c3234352c3131352c36322c3135332c3132382c382c32342c3134362c3139382c3233382c32302c3136382c39372c3133372c3235312c36312c3130392c3231332c38332c3132382c3231392c392c37362c36392c3132332c3232352c3135332c3137302c35382c3135312c37372c3232332c3134332c3132392c3231372c37382c3131335d2c5b33322c3136392c3138362c3232392c3233332c362c3139312c3231352c3231332c3136332c3230352c38302c3133352c3232362c3139352c3138322c3134392c3130312c38342c3235312c3134332c32362c3130342c3233322c37342c3234312c3135332c37322c3133342c3133392c35382c3132305d5d7d36867a609c394ee5be0ddea5d473464d15a65a5c3df1b7b9c9ca86ef17ae15755ae7a52d91e0b655b0931b492e725a24c79e025129d5ed1d74e9ae811e2cdffe71da0a7a3ff01c061c59b87989f20985a3","uid":"75736572"}
74 changes: 63 additions & 11 deletions src/interfaces/statics.rs
View file
Original file line number Diff line number Diff line change
@@ -1,15 +1,17 @@
use crate::{
api::{self, CoverCrypt, PrivateKey, PublicKey},
error::Error,
policies::{Attribute, Policy},
};
use std::ops::DerefMut;

use cosmian_crypto_base::{
entropy::CsRng,
hybrid_crypto::{Block, Dem, Kem, Metadata},
KeyTrait,
};
use serde::{Deserialize, Serialize};
use std::ops::DerefMut;

use crate::{
api::{self, CoverCrypt, PrivateKey, PublicKey},
error::Error,
policies::{Attribute, Policy},
};

/// An EncryptedHeader returned by the `encrypt_hybrid_header` function
#[derive(Serialize, Deserialize)]
Expand Down Expand Up @@ -93,7 +95,13 @@ pub fn decrypt_hybrid_header<KEM: Kem, DEM: Dem>(
// get the encapsulation size (u32)
let mut index = 4;
let encapsulation_size = u32::from_be_bytes(header_bytes[..index].try_into()?) as usize;

let header_size = header_bytes.len();
if encapsulation_size > header_size - 4 {
return Err(Error::InvalidSize(format!(
"Invalid Header bytes: the 4 first bytes (big endian encoded) give an u32 value \
greater than the header size ({encapsulation_size} against {header_size})"
)));
}
// get the encapsulation
let E = header_bytes[index..index + encapsulation_size].to_owned();
index += encapsulation_size;
Expand All @@ -105,7 +113,7 @@ pub fn decrypt_hybrid_header<KEM: Kem, DEM: Dem>(
let K = cover_crypt.decrypt_symmetric_key(user_decryption_key, &E, DEM::Key::LENGTH)?;

// decrypt the metadata if any
let meta_data = if index >= header_bytes.len() {
let meta_data = if index >= header_size {
Metadata::default()
} else {
Metadata::from_bytes(
Expand Down Expand Up @@ -188,13 +196,21 @@ pub fn decrypt_hybrid_block<KEM: Kem, DEM: Dem, const MAX_CLEAR_TEXT_SIZE: usize

#[cfg(test)]
mod tests {
use crate::policies::{ap, Attribute, PolicyAxis};

use super::*;
use cosmian_crypto_base::{
asymmetric::ristretto::X25519Crypto, symmetric_crypto::aes_256_gcm_pure::Aes256GcmCrypto,
};
use serde_json::Value;

use super::*;
use crate::policies::{ap, Attribute, PolicyAxis};

#[derive(Serialize, Deserialize)]
struct RegressionVector {
user_decryption_key: String,
header_bytes: String,
encrypted_bytes: String,
uid: String,
}
#[test]
fn test_hybrid_encryption_decryption() -> Result<(), Error> {
//
Expand Down Expand Up @@ -265,6 +281,42 @@ mod tests {

assert_eq!(message.to_vec(), res);

// Generate regression vectors
let mut encrypted_bytes = (encrypted_header.header_bytes.len() as u32)
.to_be_bytes()
.to_vec();
encrypted_bytes.extend_from_slice(&encrypted_header.header_bytes);
encrypted_bytes.extend_from_slice(&encrypted_block);

let reg_vectors = RegressionVector {
user_decryption_key: hex::encode(serde_json::to_vec(&sk_u)?),
header_bytes: hex::encode(encrypted_header.header_bytes.clone()),
encrypted_bytes: hex::encode(encrypted_bytes),
uid: hex::encode(uid),
};
std::fs::write(
"regression_vector.json",
serde_json::to_string(&reg_vectors).unwrap(),
)
.unwrap();

Ok(())
}

#[test]
fn test_non_reg_decrypt_hybrid_header() {
let reg_vector_json: Value =
serde_json::from_str(include_str!("regression_vector.json")).unwrap();

let user_decryption_key =
hex::decode(reg_vector_json["user_decryption_key"].as_str().unwrap()).unwrap();
let header_bytes = hex::decode(reg_vector_json["header_bytes"].as_str().unwrap()).unwrap();

let user_decryption_key_from_file = serde_json::from_slice(&user_decryption_key).unwrap();
assert!(decrypt_hybrid_header::<X25519Crypto, Aes256GcmCrypto>(
&user_decryption_key_from_file,
&header_bytes[4..], // provoke InvalidSize error
)
.is_err());
}
}
33 changes: 26 additions & 7 deletions src/interfaces/wasm_bindgen/tests.rs
View file
Original file line number Diff line number Diff line change
@@ -1,17 +1,19 @@
use cosmian_crypto_base::{
asymmetric::ristretto::X25519Crypto, hybrid_crypto::Metadata,
symmetric_crypto::aes_256_gcm_pure::Aes256GcmCrypto,
};
use serde_json::Value;
use wasm_bindgen_test::*;

use crate::{
api::{self, CoverCrypt},
error::Error,
interfaces::{
statics::{ClearTextHeader, EncryptedHeader},
statics::{decrypt_hybrid_header, ClearTextHeader, EncryptedHeader},
wasm_bindgen::hybrid_cc_aes::*,
},
policies::{ap, Attribute, Policy, PolicyAxis},
};
use cosmian_crypto_base::{
asymmetric::ristretto::X25519Crypto, hybrid_crypto::Metadata,
symmetric_crypto::aes_256_gcm_pure::Aes256GcmCrypto,
};
use wasm_bindgen_test::*;

fn encrypt_header(
metadata: &Metadata,
Expand Down Expand Up @@ -47,7 +49,7 @@ fn decrypt_header(
}

#[wasm_bindgen_test]
pub fn test_non_reg_decrypt_hybrid_header() {
pub fn test_decrypt_hybrid_header() {
//
// Policy settings
//
Expand Down Expand Up @@ -99,3 +101,20 @@ pub fn test_non_reg_decrypt_hybrid_header() {
&decrypted_header.meta_data.additional_data
);
}

#[wasm_bindgen_test]
fn test_non_reg_decrypt_hybrid_header() {
let reg_vector_json: Value =
serde_json::from_str(include_str!("../regression_vector.json")).unwrap();

let user_decryption_key =
hex::decode(reg_vector_json["user_decryption_key"].as_str().unwrap()).unwrap();
let header_bytes = hex::decode(reg_vector_json["header_bytes"].as_str().unwrap()).unwrap();

let user_decryption_key_from_file = serde_json::from_slice(&user_decryption_key).unwrap();
decrypt_hybrid_header::<X25519Crypto, Aes256GcmCrypto>(
&user_decryption_key_from_file,
&header_bytes,
)
.unwrap();
}

0 comments on commit 131e8cd

Please sign in to comment.