Skip to content

Commit a3b7196

Browse files
Potentially Inconsistent Coordinate Slicing (#299)
* Replaced potentially unexpected accesses to coordinate slices with consistent ranges no matter if the raw representation is a root or a slice of data * Updated uses of `.suffix(from:)` with `.dropFirst()` to prevent issues with potential non-0 start indexes
1 parent b6a32eb commit a3b7196

File tree

3 files changed

+14
-14
lines changed

3 files changed

+14
-14
lines changed

Sources/Crypto/HPKE/Ciphersuite/HPKE-AEAD.swift

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -82,9 +82,9 @@ extension HPKE {
8282
internal func seal<D: DataProtocol, AD: DataProtocol>(_ message: D, authenticating aad: AD, nonce: Data, using key: SymmetricKey) throws -> Data {
8383
switch self {
8484
case .chaChaPoly:
85-
return try ChaChaPoly.seal(message, using: key, nonce: ChaChaPoly.Nonce(data: nonce), authenticating: aad).combined.suffix(from: nonce.count)
85+
return try ChaChaPoly.seal(message, using: key, nonce: ChaChaPoly.Nonce(data: nonce), authenticating: aad).combined.dropFirst(nonce.count)
8686
default:
87-
return try AES.GCM.seal(message, using: key, nonce: AES.GCM.Nonce(data: nonce), authenticating: aad).combined!.suffix(from: nonce.count)
87+
return try AES.GCM.seal(message, using: key, nonce: AES.GCM.Nonce(data: nonce), authenticating: aad).combined!.dropFirst(nonce.count)
8888
}
8989
}
9090

Sources/Crypto/Signatures/ECDSA.swift

Lines changed: 9 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -66,7 +66,7 @@ extension P256.Signing {
6666
let combined = rawRepresentation
6767
assert(combined.count % 2 == 0)
6868
let half = combined.count / 2
69-
return (combined.prefix(upTo: half), combined.suffix(from: half))
69+
return (combined.prefix(half), combined.suffix(half))
7070
}
7171

7272
/// Creates a P-256 digital signature from a Distinguished Encoding
@@ -115,8 +115,8 @@ extension P256.Signing {
115115
#else
116116
let raw = rawRepresentation
117117
let half = raw.count / 2
118-
let r = Array(raw.prefix(upTo: half))[...]
119-
let s = Array(raw.suffix(from: half))[...]
118+
let r = Array(raw.prefix(half))[...]
119+
let s = Array(raw.suffix(half))[...]
120120

121121
let sig = ASN1.ECDSASignature(r: r, s: s)
122122
var serializer = ASN1.Serializer()
@@ -229,7 +229,7 @@ extension P384.Signing {
229229
let combined = rawRepresentation
230230
assert(combined.count % 2 == 0)
231231
let half = combined.count / 2
232-
return (combined.prefix(upTo: half), combined.suffix(from: half))
232+
return (combined.prefix(half), combined.suffix(half))
233233
}
234234

235235
/// Creates a P-384 digital signature from a Distinguished Encoding
@@ -278,8 +278,8 @@ extension P384.Signing {
278278
#else
279279
let raw = rawRepresentation
280280
let half = raw.count / 2
281-
let r = Array(raw.prefix(upTo: half))[...]
282-
let s = Array(raw.suffix(from: half))[...]
281+
let r = Array(raw.prefix(half))[...]
282+
let s = Array(raw.suffix(half))[...]
283283

284284
let sig = ASN1.ECDSASignature(r: r, s: s)
285285
var serializer = ASN1.Serializer()
@@ -392,7 +392,7 @@ extension P521.Signing {
392392
let combined = rawRepresentation
393393
assert(combined.count % 2 == 0)
394394
let half = combined.count / 2
395-
return (combined.prefix(upTo: half), combined.suffix(from: half))
395+
return (combined.prefix(half), combined.suffix(half))
396396
}
397397

398398
/// Creates a P-521 digital signature from a Distinguished Encoding
@@ -441,8 +441,8 @@ extension P521.Signing {
441441
#else
442442
let raw = rawRepresentation
443443
let half = raw.count / 2
444-
let r = Array(raw.prefix(upTo: half))[...]
445-
let s = Array(raw.suffix(from: half))[...]
444+
let r = Array(raw.prefix(half))[...]
445+
let s = Array(raw.suffix(half))[...]
446446

447447
let sig = ASN1.ECDSASignature(r: r, s: s)
448448
var serializer = ASN1.Serializer()

Sources/Crypto/Signatures/ECDSA.swift.gyb

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -76,7 +76,7 @@ extension ${CURVE}.Signing {
7676
let combined = rawRepresentation
7777
assert(combined.count % 2 == 0)
7878
let half = combined.count / 2
79-
return (combined.prefix(upTo: half), combined.suffix(from: half))
79+
return (combined.prefix(half), combined.suffix(half))
8080
}
8181

8282
/// Creates a ${DISPLAY_CURVE} digital signature from a Distinguished Encoding
@@ -125,8 +125,8 @@ extension ${CURVE}.Signing {
125125
#else
126126
let raw = rawRepresentation
127127
let half = raw.count / 2
128-
let r = Array(raw.prefix(upTo: half))[...]
129-
let s = Array(raw.suffix(from: half))[...]
128+
let r = Array(raw.prefix(half))[...]
129+
let s = Array(raw.suffix(half))[...]
130130

131131
let sig = ASN1.ECDSASignature(r: r, s: s)
132132
var serializer = ASN1.Serializer()

0 commit comments

Comments
 (0)