Skip to content

fix: reject invalid attachment digest lengths#1955

Open
Ap4sh wants to merge 1 commit into
session-foundation:devfrom
Ap4sh:fix-attachment-digest-length
Open

fix: reject invalid attachment digest lengths#1955
Ap4sh wants to merge 1 commit into
session-foundation:devfrom
Ap4sh:fix-attachment-digest-length

Conversation

@Ap4sh

@Ap4sh Ap4sh commented Jun 18, 2026

Copy link
Copy Markdown

Contributor checklist

  • My commits are in nice logical chunks with good commit messages
  • My changes are rebased on the latest dev branch
  • A yarn ready run passes successfully
  • My changes are ready to be shipped to users

Description

This rejects attachment digests unless their length matches the SHA-256 digest computed for the encrypted attachment

verifyDigest() previously compared only theirDigest.byteLength bytes, so a truncated digest could be accepted after the MAC check passed

The MAC check still protects the encrypted payload first, so this is a small correctness hardening fix, not a ciphertext behavior change

Added a unit test covering a valid encrypt/decrypt round trip and a truncated digest rejection

Tests:

  • pnpm ready
  • npx -y node@24.12.0 node_modules/mocha/bin/mocha.js --no-config --timeout 10000 app/ts/test/session/unit/crypto/attachmentsEncrypter_test.js

@Ap4sh Ap4sh marked this pull request as ready for review June 18, 2026 19:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant