add export data validation
ezekg committed Jul 12, 2024
1 parent 29a9cb8 commit 4b762f9
Showing 5 changed files with 32 additions and 5 deletions.
2 changes: 1 addition & 1 deletion lib/keygen/exporter.rb
Expand Up @@ -28,7 +28,7 @@ def exporter_class_for(version:)
when 1
V1::Exporter
else
raise UnsupportedVersionError.new, "Unsupported export version: #{version}"
raise UnsupportedVersionError.new, "unsupported export version: #{version}"
end
end
end
6 changes: 3 additions & 3 deletions lib/keygen/importer.rb
Expand Up @@ -8,6 +8,8 @@ module Keygen
module Importer
class UnsupportedVersionError < StandardError; end
class InvalidSecretKeyError < StandardError; end
class InvalidDataError < StandardError; end
class InvalidChunkError < InvalidDataError; end

extend self

Expand All @@ -19,8 +21,6 @@ def import(from:, secret_key: nil)
importer = importer_class.new(secret_key:)

importer.import(from:)
rescue OpenSSL::Cipher::CipherError
raise InvalidSecretKeyError.new, 'Secret key is invalid'
end

private
Expand All @@ -30,7 +30,7 @@ def importer_class_for(version:)
when 1
V1::Importer
else
raise UnsupportedVersionError.new, "Unsupported import version: #{version}"
raise UnsupportedVersionError.new, "unsupported import version: #{version}"
end
end
end
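Review bot: The failure classes a caller of `import` now has to handle (`UnsupportedVersionError`, `InvalidSecretKeyError`, `InvalidDataError`) share no ancestor other than `StandardError`, so code that accepts an uploaded export must list each one or fall back to a blanket rescue. Consider one common base declared first, for example `class Error < StandardError; end` with the others inheriting from it, plus a comment above `import` listing what it raises. Separately, `raise UnsupportedVersionError.new, "..."` works, but the idiomatic form is `raise UnsupportedVersionError, "unsupported import version: #{version}"`. The body of `import` starts above the hunk, so whether other library errors can still escape it is not visible here.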
5 changes: 5 additions & 0 deletions lib/keygen/importer/v1/deserializer.rb
Expand Up @@ -16,6 +16,11 @@ def deserialize(data)
unencrypted = decrypt(decompressed)

unpack(unencrypted)
rescue MessagePack::MalformedFormatError,
OpenSSL::Cipher::CipherError
raise InvalidSecretKeyError.new, 'secret key is invalid'
rescue Zlib::Error
raise InvalidDataError.new, 'data is invalid'
end

private
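Review bot: Mapping `MessagePack::MalformedFormatError` to `InvalidSecretKeyError` reports a parse failure as a key failure, which is misleading when the export was not encrypted (`Importer.import` allows `secret_key: nil`) and the payload is simply corrupt. It also suggests that a wrong key can get past `decrypt` without a `CipherError`; if the cipher is not an authenticated mode (not visible in this hunk), an integrity tag check would make the key error reliable instead of inferring it from the unpacker. Other unpack failures are still unmapped: msgpack raises `EOFError` on a truncated buffer and has further `MessagePack::UnpackError` subclasses, so I would use `rescue MessagePack::UnpackError, EOFError, Zlib::Error` for `InvalidDataError` and keep `OpenSSL::Cipher::CipherError` alone for the key error. `deserialize` starts above the hunk, so the decompression step is not shown.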
8 changes: 7 additions & 1 deletion lib/keygen/importer/v1/reader.rb
Expand Up @@ -11,7 +11,13 @@ def read_chunk
chunk_size = read_chunk_size
return if chunk_size.zero?

read(chunk_size)
chunk = read(chunk_size)

unless chunk.size == chunk_size
raise InvalidChunkError.new, 'chunk is invalid'
end

chunk
end
end
end
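Review bot: The new length check calls `chunk.size` on whatever `read` returns, and if `read` is `IO#read` (its definition is outside this hunk) it returns `nil` when the stream ends right after the size header, so a truncated file raises `NoMethodError` instead of `InvalidChunkError`. `unless chunk&.bytesize == chunk_size` covers both the short and the empty read. `chunk_size` is also taken from the file and passed to `read` unchecked (the spec packs it as a 64-bit `Q>`), so an upper bound checked before the read would keep a corrupt or hostile header from requesting an arbitrarily large buffer.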
16 changes: 16 additions & 0 deletions spec/lib/keygen/importer_spec.rb
Expand Up @@ -28,6 +28,22 @@
.to raise_error Keygen::Importer::UnsupportedVersionError
end

it 'should raise for invalid data' do
data = 'zzz'
size = [data.bytesize].pack('Q>')

expect { Keygen::Importer.import(from: StringIO.new(1.chr + size + data)) }
.to raise_error Keygen::Importer::InvalidDataError
end

it 'should raise for invalid chunk' do
data = 'zz'
size = ['zzz'.bytesize].pack('Q>')

expect { Keygen::Importer.import(from: StringIO.new(1.chr + size + data)) }
.to raise_error Keygen::Importer::InvalidChunkError
end

context 'with encryption' do
let(:secret_key) { SecureRandom.hex }
