Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

crypto: check for invalid chacha20-poly1305 IVs #26537

Closed
wants to merge 1 commit into from
Closed

crypto: check for invalid chacha20-poly1305 IVs #26537

wants to merge 1 commit into from

Conversation

sam-github
Copy link
Contributor

@sam-github sam-github commented Mar 8, 2019
edited
Loading

IV lengths of 13, 14, 15, and 16 are invalid, but are not checked by
OpenSSL. IV lengths of 17 or greater are also invalid, but they
were already checked by OpenSSL.

See:

Checklist
  • make -j4 test (UNIX), or vcbuild test (Windows) passes
  • tests and/or benchmarks are included
  • commit message follows commit guidelines

@sam-github sam-github requested a review from tniessen March 8, 2019 23:34
@nodejs-github-bot
Copy link
Collaborator

@sam-github build started: https://ci.nodejs.org/blue/organizations/jenkins/node-test-pull-request-lite-pipeline/detail/node-test-pull-request-lite-pipeline/2829/pipeline

@nodejs-github-bot nodejs-github-bot added c++ Issues and PRs that require attention from people who are familiar with C++. crypto Issues and PRs related to the crypto subsystem. labels Mar 8, 2019
@sam-github sam-github mentioned this pull request Mar 8, 2019
Closed
@sam-github
crypto: check for invalid chacha20-poly1305 IVs
481bc07 
IV lengths of 13, 14, 15, and 16 are invalid, but are not checked by
OpenSSL. IV lengths of 17 or greater are also invalid, but they
were already checked by OpenSSL.

See:
- openssl/openssl@f426625b6a
- https://www.openssl.org/news/secadv/20190306.txt
@sam-github sam-github force-pushed the check-for-invalid-chacha20-poly1305-iv-lengths branch from 13223f1 to 481bc07 Compare March 8, 2019 23:42
@sam-github
Copy link
Contributor Author

ci: https://ci.nodejs.org/job/node-test-pull-request/21360/

@BridgeAR BridgeAR added the author ready PRs that have at least one approval, no pending requests for changes, and a CI started. label Mar 9, 2019
mhdawson
mhdawson approved these changes Mar 11, 2019
View reviewed changes
Copy link
Member

@mhdawson mhdawson left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@sam-github
Copy link
Contributor Author

Landed in 8f93c08

@sam-github sam-github closed this Mar 11, 2019
@sam-github sam-github deleted the check-for-invalid-chacha20-poly1305-iv-lengths branch March 11, 2019 18:49
sam-github added a commit that referenced this pull request Mar 11, 2019
@sam-github
crypto: check for invalid chacha20-poly1305 IVs
8f93c08 
IV lengths of 13, 14, 15, and 16 are invalid, but are not checked by
OpenSSL. IV lengths of 17 or greater are also invalid, but they
were already checked by OpenSSL.

See:
- openssl/openssl@f426625b6a
- https://www.openssl.org/news/secadv/20190306.txt

PR-URL: #26537
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
BridgeAR pushed a commit that referenced this pull request Mar 13, 2019
@sam-github @BridgeAR
crypto: check for invalid chacha20-poly1305 IVs
1a0602a 
IV lengths of 13, 14, 15, and 16 are invalid, but are not checked by
OpenSSL. IV lengths of 17 or greater are also invalid, but they
were already checked by OpenSSL.

See:
- openssl/openssl@f426625b6a
- https://www.openssl.org/news/secadv/20190306.txt

PR-URL: #26537
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
@BridgeAR BridgeAR mentioned this pull request Mar 13, 2019
Merged
BridgeAR pushed a commit that referenced this pull request Mar 14, 2019
@sam-github @BridgeAR
crypto: check for invalid chacha20-poly1305 IVs
b9787fd 
IV lengths of 13, 14, 15, and 16 are invalid, but are not checked by
OpenSSL. IV lengths of 17 or greater are also invalid, but they
were already checked by OpenSSL.

See:
- openssl/openssl@f426625b6a
- https://www.openssl.org/news/secadv/20190306.txt

PR-URL: #26537
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
@sam-github sam-github mentioned this pull request Jun 13, 2019
Closed
4 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bnoordhuis bnoordhuis bnoordhuis approved these changes

@jasnell jasnell jasnell approved these changes

@tniessen tniessen tniessen approved these changes

@BridgeAR BridgeAR BridgeAR approved these changes

@mhdawson mhdawson mhdawson approved these changes

@danbev danbev Awaiting requested review from danbev

Assignees
No one assigned
Labels
author ready PRs that have at least one approval, no pending requests for changes, and a CI started. c++ Issues and PRs that require attention from people who are familiar with C++. crypto Issues and PRs related to the crypto subsystem.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
7 participants
@sam-github @nodejs-github-bot @bnoordhuis @jasnell @tniessen @BridgeAR @mhdawson