Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

deserialize encryption context should fail on malformed encryption context #57

Open
mattsb42-aws opened this issue Jun 21, 2018 · 2 comments
Open

deserialize encryption context should fail on malformed encryption context #57

mattsb42-aws opened this issue Jun 21, 2018 · 2 comments
Labels
bug good first issue

Comments

@mattsb42-aws
Copy link
Member

If the client deserialization receives a malformed ciphertext that defines the AAD length as 0 and then also defines a AAD fields as 0, the deserialization logic SHOULD raise an error. It does not. Instead, it accidentally interprets it as an empty encryption context.

https://github.com/awslabs/aws-encryption-sdk-python/blob/master/src/aws_encryption_sdk/internal/formatting/encryption_context.py#L159-L164

Example malformed test vector:

b'AYAAFJwN8IgQ9+0sxyy7+90cCCgAAgAAAAEAE1dFQi1DUllQVE8tUlNBLU9BRVAAKDhDRUQyRkQyMEZDODhBOUMwNkVGREIwNzM3MDdFQjFFRjE2NTU3ODABAFbIi+gmSrvejfOCjbE08rTYHym2uLWsiizQHnTy3z8/VeR+7MKvNv7ZfPf5LX7i9amYwxCMISvY+BCcndLakH/RlDUdgz5/Q0KAxrE5LX7DHxO/wMviJCi+qXWMb+5u0mhwepRihO/dk+3kGqyaLhnGuA6xqYmThUlCZR5BwfyEddSango7umEWw1YQ8vokjqUzCKRyk3VpXwQTXQLLrBz7ZmZ7Anzn0SoaLYk8D0rPWhKHvUXQDJYDYdQ7vpedxpsE5vliLI98CAcIWllkst964DIBwKgAX6Ic8Nj+8T7VurdK2SFuTH4LIvkebmEGCxngdRpfopEU/Rd0LYXZik4CAAAAAAwAAAAGAAAAAAAAAAAAAAAAK9vNRvymDkoxO6dy67pDuf////8AAAABAAAAAAAAAAAAAAABAAAABTAqmilQragTFTYdPz23w1NMR+c8Uw=='
4gatepylon pushed a commit to 4gatepylon/aws-encryption-sdk-python that referenced this issue Aug 9, 2019
Fixed issue aws#57. Discovered strange behavior with mocks not allowi…
da31b25 
…ng for

functions to be run without the mock being invoked (very confused).

Found issue with tox -e py37-manual and will seek to fix it in a future
set of commits.  Flake8 and linters SHOULD be passing after an autoformat
on this commit.
@4gatepylon 4gatepylon mentioned this issue Aug 9, 2019
Closed
@4gatepylon
Copy link

Dealt with it on PR #186.

@acioc
Copy link

acioc commented Dec 5, 2020

Closed stale PR for this issue

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug good first issue
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@acioc @4gatepylon @mattsb42-aws