Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(core-forger): use correct IV length for encryption #3036

Merged
merged 4 commits into from Oct 8, 2019

Conversation

@faustbrian
Copy link
Collaborator

commented Oct 7, 2019

Summary

Commit digitalbazaar/forge@9979169 in node-forge introduced a new error that is thrown when the IV length isn't matching what would be expected digitalbazaar/forge@9979169#diff-e118e6ad049019e947a73be26a7d966cR972-R976

Previously this just worked even though the IV length was invalid but now node-forge throws an exception like below. Relies on #3025 to pass tests.

Error: Invalid IV length; got 6 bytes and expected 16 bytes.
    at transformIV (/Users/dev/Code/core/node_modules/node-forge/lib/cipherModes.js:973:11)
    at Object.<anonymous>.modes.cbc.start (/Users/dev/Code/core/node_modules/node-forge/lib/cipherModes.js:122:16)
    at Object.<anonymous>.forge.cipher.BlockCipher.Object.<anonymous>.BlockCipher.start (/Users/dev/Code/core/node_modules/node-forge/lib/cipher.js:158:13)
    at Delegate.encryptDataWithOtp (/Users/dev/Code/core/packages/core-forger/src/delegate.ts:137:16)
    at Delegate.encryptKeysWithOtp (/Users/dev/Code/core/packages/core-forger/src/delegate.ts:68:35)
    at new Delegate (/Users/dev/Code/core/packages/core-forger/src/delegate.ts:49:22)
    at Object.<anonymous> (/Users/dev/Code/core/__tests__/unit/core-forger/delegate.test.ts:28:34)
    at Object.asyncJestTest (/Users/dev/Code/core/node_modules/jest-jasmine2/build/jasmineAsyncInstall.js:102:37)
    at /Users/dev/Code/core/node_modules/jest-jasmine2/build/queueRunner.js:43:12
    at new Promise (<anonymous>)

Checklist

  • Documentation (if necessary)
  • Tests (if necessary)
  • Ready to be merged
faustbrian added 2 commits Oct 6, 2019
wip
@codecov

This comment has been minimized.

Copy link

commented Oct 7, 2019

Codecov Report

Merging #3036 into develop will increase coverage by 36.11%.
The diff coverage is 100%.

Impacted file tree graph

@@             Coverage Diff              @@
##           develop    #3036       +/-   ##
============================================
+ Coverage    29.52%   65.64%   +36.11%     
============================================
  Files          425      425               
  Lines        11733    11732        -1     
  Branches      1595     1595               
============================================
+ Hits          3464     7701     +4237     
+ Misses        8237     3995     -4242     
- Partials        32       36        +4
Impacted Files Coverage Δ
packages/core-forger/src/delegate.ts 100% <100%> (+60.65%) ⬆️
packages/crypto/src/utils/base58.ts 100% <0%> (+7.14%) ⬆️
...ckages/core-transaction-pool/src/wallet-manager.ts 100% <0%> (+7.14%) ⬆️
...ckages/core-transactions/src/transaction-reader.ts 8.33% <0%> (+8.33%) ⬆️
packages/crypto/src/transactions/types/factory.ts 100% <0%> (+8.33%) ⬆️
packages/core-container/src/config/file-loader.ts 10.86% <0%> (+10.86%) ⬆️
packages/core-transaction-pool/src/manager.ts 100% <0%> (+11.11%) ⬆️
...ckages/core-p2p/src/socket-server/versions/peer.ts 60% <0%> (+12.72%) ⬆️
packages/core-utils/src/httpie.ts 12.9% <0%> (+12.9%) ⬆️
packages/core-p2p/src/utils/is-valid-version.ts 100% <0%> (+14.28%) ⬆️
... and 191 more

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 516a586...6211a63. Read the comment docs.

wip
@faustbrian faustbrian merged commit 2aad9ef into develop Oct 8, 2019
81 of 83 checks passed
81 of 83 checks passed
crypto (10.x)
Details
bridgechain-registration (10.x)
Details
unit (10.x)
Details
unit (12.x)
Details
crypto (12.x)
Details
bridgechain-registration (12.x)
Details
bridgechain-resignation (10.x)
Details
integration (10.x)
Details
bridgechain-resignation (12.x)
Details
integration (12.x)
Details
e2e (10.x)
Details
bridgechain-update (10.x)
Details
bridgechain-update (12.x)
Details
e2e (12.x)
Details
business-registration (10.x)
Details
business-registration (12.x)
Details
business-resignation (10.x)
Details
business-resignation (12.x)
Details
business-update (10.x)
Details
business-update (12.x)
Details
delegate-registration (10.x)
Details
delegate-registration (12.x)
Details
delegate-resignation (10.x)
Details
delegate-resignation (12.x)
Details
htlc-claim (10.x)
Details
htlc-claim (12.x)
Details
htlc-lock (10.x)
Details
htlc-lock (12.x)
Details
htlc-refund (10.x)
Details
htlc-refund (12.x)
Details
ipfs (10.x)
Details
ipfs (12.x)
Details
multi-payment (10.x)
Details
multi-payment (12.x)
Details
multi-signature-registration (10.x)
Details
multi-signature-registration (12.x)
Details
second-signature-registration (10.x)
Details
second-signature-registration (12.x)
Details
transfer (10.x)
Details
transfer (12.x)
Details
vote (10.x)
Details
vote (12.x)
Details
LGTM analysis: JavaScript No new or fixed alerts
Details
codeclimate All good!
Details
codecov/patch 100% of diff hit (target 29.52%)
Details
codecov/project 65.64% (+36.11%) compared to 516a586
Details
security/snyk - __tests__/e2e/package.json (ArkEcosystem) No manifest changes detected
security/snyk - package.json (ArkEcosystem) No new, high severity issues
Details
security/snyk - packages/core-api/package.json (ArkEcosystem) No manifest changes detected
security/snyk - packages/core-blockchain/package.json (ArkEcosystem) No manifest changes detected
security/snyk - packages/core-container/package.json (ArkEcosystem) No manifest changes detected
security/snyk - packages/core-database-postgres/package.json (ArkEcosystem) No manifest changes detected
security/snyk - packages/core-database/package.json (ArkEcosystem) No manifest changes detected
security/snyk - packages/core-elasticsearch/package.json (ArkEcosystem) No manifest changes detected
security/snyk - packages/core-error-tracker-airbrake/package.json (ArkEcosystem) No manifest changes detected
security/snyk - packages/core-error-tracker-bugsnag/package.json (ArkEcosystem) No manifest changes detected
security/snyk - packages/core-error-tracker-raygun/package.json (ArkEcosystem) No manifest changes detected
security/snyk - packages/core-error-tracker-rollbar/package.json (ArkEcosystem) No manifest changes detected
security/snyk - packages/core-error-tracker-sentry/package.json (ArkEcosystem) No manifest changes detected
security/snyk - packages/core-event-emitter/package.json (ArkEcosystem) No manifest changes detected
security/snyk - packages/core-exchange-json-rpc/package.json (ArkEcosystem) No manifest changes detected
security/snyk - packages/core-explorer/package.json (ArkEcosystem) No manifest changes detected
security/snyk - packages/core-forger/package.json (ArkEcosystem) No new, high severity issues
Details
security/snyk - packages/core-http-utils/package.json (ArkEcosystem) No manifest changes detected
security/snyk - packages/core-interfaces/package.json (ArkEcosystem) No manifest changes detected
security/snyk - packages/core-jest-matchers/package.json (ArkEcosystem) No manifest changes detected
security/snyk - packages/core-logger-pino/package.json (ArkEcosystem) No manifest changes detected
security/snyk - packages/core-logger-signale/package.json (ArkEcosystem) No manifest changes detected
security/snyk - packages/core-logger-winston/package.json (ArkEcosystem) No manifest changes detected
security/snyk - packages/core-logger/package.json (ArkEcosystem) No manifest changes detected
security/snyk - packages/core-new-relic/package.json (ArkEcosystem) No manifest changes detected
security/snyk - packages/core-p2p/package.json (ArkEcosystem) No manifest changes detected
security/snyk - packages/core-snapshots/package.json (ArkEcosystem) No manifest changes detected
security/snyk - packages/core-state/package.json (ArkEcosystem) No manifest changes detected
security/snyk - packages/core-tester-cli/package.json (ArkEcosystem) No manifest changes detected
security/snyk - packages/core-transaction-pool/package.json (ArkEcosystem) No manifest changes detected
security/snyk - packages/core-transactions/package.json (ArkEcosystem) No manifest changes detected
security/snyk - packages/core-utils/package.json (ArkEcosystem) No manifest changes detected
security/snyk - packages/core-vote-report/package.json (ArkEcosystem) No manifest changes detected
security/snyk - packages/core-wallet-api/package.json (ArkEcosystem) No manifest changes detected
security/snyk - packages/core-webhooks/package.json (ArkEcosystem) No manifest changes detected
security/snyk - packages/core/package.json (ArkEcosystem) No manifest changes detected
security/snyk - packages/crypto/package.json (ArkEcosystem) No new, high severity issues
Details
@faustbrian faustbrian deleted the fix/iv-length branch Oct 8, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
3 participants
You can’t perform that action at this time.