From 3e505c46b4e97b038d9db815b6866bc6ade37df7 Mon Sep 17 00:00:00 2001 From: oblivionsage Date: Thu, 10 Jul 2025 12:04:36 +0200 Subject: [PATCH 1/2] Replace hard-coded GCM tag length with named constant - Add GCM_STANDARD_TAG_SIZE constant (16 bytes) with NIST SP 800-38D reference - Replace magic numbers in tag allocation and validation logic - Update error message to use constant value for consistency - Improves code maintainability and follows crypto best practices Tested: GCM functionality preserved, no regressions Resolves TODO comments about hard-coded GCM tag length values --- src/rust/src/backend/ciphers.rs | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/src/rust/src/backend/ciphers.rs b/src/rust/src/backend/ciphers.rs index 8f34f061ed51..f1b6e7057ad3 100644 --- a/src/rust/src/backend/ciphers.rs +++ b/src/rust/src/backend/ciphers.rs @@ -7,6 +7,12 @@ use pyo3::IntoPyObject; use crate::backend::cipher_registry; use crate::buf::{CffiBuf, CffiMutBuf}; + +// GCM authentication tag length: 16 bytes (128 bits) provides maximum security +// as recommended by NIST SP 800-38D. Smaller sizes (down to 12 bytes) are also +// acceptable but 16 bytes is the standard for this implementation. +const GCM_STANDARD_TAG_SIZE: usize = 16; + use crate::error::{CryptographyError, CryptographyResult}; use crate::{exceptions, types}; @@ -358,8 +364,8 @@ impl PyAEADEncryptionContext { let ctx = get_mut_ctx(self.ctx.as_mut())?; let result = ctx.finalize(py)?; - // XXX: do not hard code 16 - let tag = pyo3::types::PyBytes::new_with(py, 16, |t| { + // Allocate buffer for GCM tag + let tag = pyo3::types::PyBytes::new_with(py, GCM_STANDARD_TAG_SIZE, |t| { ctx.ctx.tag(t).map_err(CryptographyError::from)?; Ok(()) })?; @@ -491,17 +497,17 @@ impl PyAEADDecryptionContext { .bind(py) .getattr(pyo3::intern!(py, "_min_tag_length"))? .extract()?; - // XXX: Do not hard code 16 + // Validate tag length against GCM standards if tag.len() < min_tag_length { return Err(CryptographyError::from( pyo3::exceptions::PyValueError::new_err(format!( "Authentication tag must be {min_tag_length} bytes or longer.", )), )); - } else if tag.len() > 16 { + } else if tag.len() > GCM_STANDARD_TAG_SIZE { return Err(CryptographyError::from( pyo3::exceptions::PyValueError::new_err( - "Authentication tag cannot be more than 16 bytes.", + format!("Authentication tag cannot be more than {} bytes.", GCM_STANDARD_TAG_SIZE), ), )); } From 1a10ce0aff13c66df22316b8ed5dd80f7d840cb4 Mon Sep 17 00:00:00 2001 From: oblivionsage Date: Thu, 10 Jul 2025 12:38:26 +0200 Subject: [PATCH 2/2] Replace hard-coded GCM tag length with named constant - Add GCM_STANDARD_TAG_SIZE constant (16 bytes) with NIST SP 800-38D reference - Replace magic numbers in tag allocation and validation logic - Update error message with defensive handling comment - Apply Rust formatting and linting standards Tested: GCM functionality preserved, no regressions Resolves TODO comments about hard-coded GCM tag length values --- src/rust/src/backend/ciphers.rs | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/rust/src/backend/ciphers.rs b/src/rust/src/backend/ciphers.rs index f1b6e7057ad3..265dd9b5482e 100644 --- a/src/rust/src/backend/ciphers.rs +++ b/src/rust/src/backend/ciphers.rs @@ -507,7 +507,10 @@ impl PyAEADDecryptionContext { } else if tag.len() > GCM_STANDARD_TAG_SIZE { return Err(CryptographyError::from( pyo3::exceptions::PyValueError::new_err( - format!("Authentication tag cannot be more than {} bytes.", GCM_STANDARD_TAG_SIZE), + // Defensive error handling - rarely triggered in normal usage + format!( + "Authentication tag cannot be more than {GCM_STANDARD_TAG_SIZE} bytes." + ), ), )); }