Skip to content

Fix HPKE/KEM exact-length key unmarshaling#627

Open
drmikecrypto wants to merge 1 commit into
cloudflare:mainfrom
drmikecrypto:fix/hpke-kem-exact-length-unmarshal
Open

Fix HPKE/KEM exact-length key unmarshaling#627
drmikecrypto wants to merge 1 commit into
cloudflare:mainfrom
drmikecrypto:fix/hpke-kem-exact-length-unmarshal

Conversation

@drmikecrypto

@drmikecrypto drmikecrypto commented Jun 28, 2026

Copy link
Copy Markdown

Summary

  • Require exact-length buffers in HPKE shortKEM and xKEM UnmarshalBinaryPublicKey / UnmarshalBinaryPrivateKey instead of accepting oversized inputs that were silently truncated
  • Return standard kem.ErrPubKeySize / kem.ErrPrivKeySize on length mismatch
  • Add hpke/kem_test.go and extend kem/schemes/schemes_test.go with TestExactLengthUnmarshal across all registered KEM schemes

Test plan

  • go test ./hpke/... ./kem/schemes/...

Fixes #488


Open in Devin Review

Reject oversized public and private key buffers instead of silently truncating, preventing slice-bounds panics in HPKE.

Fixes cloudflare#488.

@devin-ai-integration devin-ai-integration Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

✅ Devin Review: No Issues Found

Devin Review analyzed this PR and found no bugs or issues to report.

Open in Devin Review

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

hpke: slice bounds out of range in shortKEM.UnmarshalBinaryPrivateKey

1 participant