Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Feature request] Clearer message when attr("nonce") is missing #21

Open
ColinFay opened this issue Mar 24, 2022 · 2 comments
Open

[Feature request] Clearer message when attr("nonce") is missing #21

ColinFay opened this issue Mar 24, 2022 · 2 comments

Comments

@ColinFay
Copy link

Hey,

Thanks a lot for sodium :)

I've been working on a tool that need to encrypt / decrypt data that are sent through http calls to a plumber API and stumble upon something that took me a little while to debug: when trying to decrypt a message, if you don't have attr("nonce"), the function will fail.

library(sodium)
key <- sha256(charToRaw("xyz"))
msg <- charToRaw("secretthing")

cipher <- data_encrypt(msg, key)
cipher
 [1] f6 d6 29 a5 5a c5 ed cd 31 6b cf 4b 19 19 3b 4f 56 9c b7 02 19 02 88 2c bd
[26] e2 14
attr(,"nonce")
 [1] 31 d6 f6 51 90 c7 6b 3a 70 e3 cc 14 94 c3 b5 a1 bf d9 d6 a8 87 0f 44 4e

# works as expected
data_decrypt(cipher, key) |> rawToChar()
[1] "secretthing"

# as I want to sent it via http, I use bin2hex
message_to_send <- bin2hex(cipher)
message_to_send
[1] "f6d629a55ac5edcd316bcf4b19193b4f569cb7021902882cbde214"

# on the other process, I receive a string that 
# I want to decrypt
message_received <- hex2bin(message_to_send)
message_received
 [1] f6 d6 29 a5 5a c5 ed cd 31 6b cf 4b 19 19 3b 4f 56 9c b7 02 19 02 88 2c bd
[26] e2 14

orig <- data_decrypt(message_received, key)
Error in data_decrypt(message_received, key) : 
  Invalid key. Key must be exactly 24 bytes

The error message here is pretty unclear because I haven't touched the key object and I don't understand why it's suddenly not the correct length, and so I spent some time trying to understand this length issue.

The issue here seem to be that the message_received doesn't have a nonce attribute :

attr(message_received, "nonce") <- attr(cipher, "nonce")
orig <- data_decrypt(message_received, key)
orig
 [1] 73 65 63 72 65 74 74 68 69 6e 67

Given that nonce in data_decrypt is attr(bin, "nonce") and that you can't encrypt with NULL (data_encrypt(msg, key, NULL) throws an error), my feature request would be that there should be a clear error message in data_decrypt if nonce is NULL.

@jeroen
Copy link
Member

jeroen commented Mar 24, 2022

Yes that makes sense; can you send a PR?

@ColinFay
Copy link
Author

Sure!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants