Skip to content

Commit

Permalink
Increase the input limits from 128 bytes to 8192 bytes
Browse files Browse the repository at this point in the history
In particular, the 128 byte limit is problematic for `info` as used in
the Mobile Document Request API (https://github.com/WICG/mobile-document-request-api)
and similar schemes.
  • Loading branch information
snorp committed Aug 4, 2023
1 parent e617cbd commit d9b9f3a
Show file tree
Hide file tree
Showing 6 changed files with 18 additions and 18 deletions.
8 changes: 4 additions & 4 deletions core/test/cipherSuite.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -1300,7 +1300,7 @@ describe("CipherSuite", () => {
});

await assertRejects(
() => suite.deriveKeyPair((new Uint8Array(129)).buffer),
() => suite.deriveKeyPair((new Uint8Array(8193)).buffer),
InvalidParamError,
"Too long ikm",
);
Expand All @@ -1321,7 +1321,7 @@ describe("CipherSuite", () => {
await assertRejects(
() =>
suite.createSenderContext({
info: (new Uint8Array(129)).buffer,
info: (new Uint8Array(8193)).buffer,
recipientPublicKey: rkp.publicKey,
}),
InvalidParamError,
Expand All @@ -1345,7 +1345,7 @@ describe("CipherSuite", () => {
() =>
suite.createSenderContext({
psk: {
key: (new Uint8Array(129)).buffer,
key: (new Uint8Array(8193)).buffer,
id: new Uint8Array([1, 2, 3, 4]),
},
recipientPublicKey: rkp.publicKey,
Expand Down Expand Up @@ -1398,7 +1398,7 @@ describe("CipherSuite", () => {
suite.createSenderContext({
psk: {
key: new Uint8Array(32),
id: (new Uint8Array(129)).buffer,
id: (new Uint8Array(8193)).buffer,
},
recipientPublicKey: rkp.publicKey,
}),
Expand Down
2 changes: 1 addition & 1 deletion src/consts.ts
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ export const KEM_USAGES: KeyUsage[] = ["deriveBits"];
export const AEAD_USAGES: KeyUsage[] = ["encrypt", "decrypt"];

// The input length limit (psk, psk_id, info, exporter_context, ikm).
export const INPUT_LENGTH_LIMIT = 128;
export const INPUT_LENGTH_LIMIT = 8192;

// The minimum length of a PSK.
export const MINIMUM_PSK_LENGTH = 32;
Expand Down
8 changes: 4 additions & 4 deletions test/cipherSuite.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -1226,7 +1226,7 @@ describe("CipherSuite", () => {
});

await assertRejects(
() => suite.deriveKeyPair((new Uint8Array(129)).buffer),
() => suite.deriveKeyPair((new Uint8Array(8193)).buffer),
errors.InvalidParamError,
"Too long ikm",
);
Expand All @@ -1247,7 +1247,7 @@ describe("CipherSuite", () => {
await assertRejects(
() =>
suite.createSenderContext({
info: (new Uint8Array(129)).buffer,
info: (new Uint8Array(8193)).buffer,
recipientPublicKey: rkp.publicKey,
}),
errors.InvalidParamError,
Expand All @@ -1271,7 +1271,7 @@ describe("CipherSuite", () => {
() =>
suite.createSenderContext({
psk: {
key: (new Uint8Array(129)).buffer,
key: (new Uint8Array(8193)).buffer,
id: new Uint8Array([1, 2, 3, 4]),
},
recipientPublicKey: rkp.publicKey,
Expand Down Expand Up @@ -1324,7 +1324,7 @@ describe("CipherSuite", () => {
suite.createSenderContext({
psk: {
key: new Uint8Array(32),
id: (new Uint8Array(129)).buffer,
id: (new Uint8Array(8193)).buffer,
},
recipientPublicKey: rkp.publicKey,
}),
Expand Down
8 changes: 4 additions & 4 deletions test/cipherSuiteBackwardCompat.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -1053,7 +1053,7 @@ describe("CipherSuite(backward-compat)", () => {
});

await assertRejects(
() => suite.deriveKeyPair((new Uint8Array(129)).buffer),
() => suite.deriveKeyPair((new Uint8Array(8193)).buffer),
errors.InvalidParamError,
"Too long ikm",
);
Expand All @@ -1074,7 +1074,7 @@ describe("CipherSuite(backward-compat)", () => {
await assertRejects(
() =>
suite.createSenderContext({
info: (new Uint8Array(129)).buffer,
info: (new Uint8Array(8193)).buffer,
recipientPublicKey: rkp.publicKey,
}),
errors.InvalidParamError,
Expand All @@ -1098,7 +1098,7 @@ describe("CipherSuite(backward-compat)", () => {
() =>
suite.createSenderContext({
psk: {
key: (new Uint8Array(129)).buffer,
key: (new Uint8Array(8193)).buffer,
id: new Uint8Array([1, 2, 3, 4]),
},
recipientPublicKey: rkp.publicKey,
Expand Down Expand Up @@ -1151,7 +1151,7 @@ describe("CipherSuite(backward-compat)", () => {
suite.createSenderContext({
psk: {
key: new Uint8Array(32),
id: (new Uint8Array(129)).buffer,
id: (new Uint8Array(8193)).buffer,
},
recipientPublicKey: rkp.publicKey,
}),
Expand Down
8 changes: 4 additions & 4 deletions test/cipherSuiteNative.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -1307,7 +1307,7 @@ describe("CipherSuiteNative", () => {
});

await assertRejects(
() => suite.deriveKeyPair((new Uint8Array(129)).buffer),
() => suite.deriveKeyPair((new Uint8Array(8193)).buffer),
InvalidParamError,
"Too long ikm",
);
Expand All @@ -1328,7 +1328,7 @@ describe("CipherSuiteNative", () => {
await assertRejects(
() =>
suite.createSenderContext({
info: (new Uint8Array(129)).buffer,
info: (new Uint8Array(8193)).buffer,
recipientPublicKey: rkp.publicKey,
}),
InvalidParamError,
Expand All @@ -1352,7 +1352,7 @@ describe("CipherSuiteNative", () => {
() =>
suite.createSenderContext({
psk: {
key: (new Uint8Array(129)).buffer,
key: (new Uint8Array(8193)).buffer,
id: new Uint8Array([1, 2, 3, 4]),
},
recipientPublicKey: rkp.publicKey,
Expand Down Expand Up @@ -1405,7 +1405,7 @@ describe("CipherSuiteNative", () => {
suite.createSenderContext({
psk: {
key: new Uint8Array(32),
id: (new Uint8Array(129)).buffer,
id: (new Uint8Array(8193)).buffer,
},
recipientPublicKey: rkp.publicKey,
}),
Expand Down
2 changes: 1 addition & 1 deletion test/encryptionContext.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -263,7 +263,7 @@ describe("export", () => {

// assert
await assertRejects(
() => sender.export(new Uint8Array(129), 32),
() => sender.export(new Uint8Array(8193), 32),
errors.InvalidParamError,
"Too long exporter context",
);
Expand Down

0 comments on commit d9b9f3a

Please sign in to comment.