Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Serialization of encryption context needs to check for single too-long key or value #55

Open
david-koenig opened this issue Jun 19, 2018 · 2 comments
Open

Serialization of encryption context needs to check for single too-long key or value #55

david-koenig opened this issue Jun 19, 2018 · 2 comments
Labels
bug good first issue

Comments

@david-koenig
Copy link
Contributor

Serialization format of encryption context does not allow any individual key or value to be longer than 2^16-1 bytes. Does serialization code check for this limitation? Do we have test vectors that detect this issue?
@mattsb42-aws
Copy link
Member

mattsb42-aws commented Jul 25, 2018
edited
Loading

Note for reference: this will implicitly throw an error when we try to serialize the value. We should instead throw a SerializationError with an appropriate message.

>>> import struct
>>> struct.pack('>H', 2**16 - 1)
b'\xff\xff'
>>> struct.pack('>H', 2**16)
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
struct.error: 'H' format requires 0 <= number <= 65535

@4gatepylon 4gatepylon mentioned this issue Aug 15, 2019
Closed
@4gatepylon
Copy link

I've fixed this issue and made a PR at #188

4gatepylon pushed a commit to 4gatepylon/aws-encryption-sdk-python that referenced this issue Aug 19, 2019
Second round of Liz's commends on issue aws#55.
b693a53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug good first issue
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@4gatepylon @mattsb42-aws @david-koenig