Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Make sure we can decrypt what we have encrypted before returning it to the user. #105

Merged
merged 1 commit into from
Jul 16, 2014
Merged

Make sure we can decrypt what we have encrypted before returning it to the user. #105

merged 1 commit into from
Jul 16, 2014

Conversation

Natim
Copy link
Contributor

@Natim Natim commented Jul 16, 2014

No description provided.

tarekziade
tarekziade reviewed Jul 16, 2014
View reviewed changes
msisdn-gateway/encrypt.js
return JSON.stringify(data);
try {
var jsonCipher = JSON.stringify(data);
decrypt(hawkId, jsonCipher);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

decrypt is not defined according to Travis

@Natim
Copy link
Contributor Author

Natim commented Jul 16, 2014

Updated.

@tarekziade
Copy link
Contributor

lgtm

tarekziade added a commit that referenced this pull request Jul 16, 2014
@tarekziade
Merge pull request #105 from mozilla-services/fix_decrypt_error
599c21a 
Make sure we can decrypt what we have encrypted before returning it to the user.
@tarekziade tarekziade merged commit 599c21a into master Jul 16, 2014
@tarekziade tarekziade deleted the fix_decrypt_error branch July 16, 2014 12:15
@warner warner mentioned this pull request Jul 17, 2014
Closed
@warner
Copy link

warner commented Jul 19, 2014

FYI, the errors were traced down to a node-sodium memory-management bug which caused corrupted messages once every few thousand operations. The proposed fix is in paixaop/node-sodium#20 , and resolves the problem in my local tests. The try-again-after-failure approach is also sound (it's possible, but unlikely, that it will fail multiple times in a row, and so that function might take a while to finish, but there's no exit path that will result in an undecryptable message).

If it takes the node-sodium folks a while to get a new release out, you might want to look at other places where you're using those APIs and consider similar guards.

@Natim
Copy link
Contributor Author

Natim commented Jul 21, 2014

Thank you @warner for the digging.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@Natim @tarekziade @warner