Allow Symmetric::crypto() keys >= 32 bytes

See the comments for a play-by-play explanation. The short of it is: We use HKDF here to split the incoming key anyway, so a larger key isn't a libsodium API violation.
paragonie · Mar 8, 2016 · fbdc796 · fbdc796
1 parent 9f47b49
commit fbdc796
Show file tree

Hide file tree

Showing 6 changed files with 9 additions and 2 deletions.
diff --git a/src/Asymmetric/EncryptionPublicKey.php b/src/Asymmetric/EncryptionPublicKey.php
@@ -12,6 +12,7 @@ final class EncryptionPublicKey extends PublicKey
      */
     public function __construct($keyMaterial = '', ...$args) 
     {
+        // X25519 keys are a fixed size
         if (CryptoUtil::safeStrlen($keyMaterial) !== \Sodium\CRYPTO_BOX_PUBLICKEYBYTES) {
             throw new CryptoException\InvalidKey(
                 'Encryption public key must be CRYPTO_BOX_PUBLICKEYBYTES bytes long'

diff --git a/src/Asymmetric/EncryptionSecretKey.php b/src/Asymmetric/EncryptionSecretKey.php
@@ -12,6 +12,7 @@ final class EncryptionSecretKey extends SecretKey
      */
     public function __construct($keyMaterial = '', ...$args) 
     {
+        // X25519 keys are a fixed size
         if (CryptoUtil::safeStrlen($keyMaterial) !== \Sodium\CRYPTO_BOX_SECRETKEYBYTES) {
             throw new CryptoException\InvalidKey(
                 'Encryption secret key must be CRYPTO_BOX_SECRETKEYBYTES bytes long'

diff --git a/src/Asymmetric/SignaturePublicKey.php b/src/Asymmetric/SignaturePublicKey.php
@@ -12,6 +12,7 @@ final class SignaturePublicKey extends PublicKey
      */
     public function __construct($keyMaterial = '', ...$args) 
     {
+        // Ed25519 keys are a fixed size
         if (CryptoUtil::safeStrlen($keyMaterial) !== \Sodium\CRYPTO_SIGN_PUBLICKEYBYTES) {
             throw new CryptoException\InvalidKey(
                 'Signature public key must be CRYPTO_SIGN_PUBLICKEYBYTES bytes long'

diff --git a/src/Asymmetric/SignatureSecretKey.php b/src/Asymmetric/SignatureSecretKey.php
@@ -12,6 +12,7 @@ final class SignatureSecretKey extends SecretKey
      */
     public function __construct($keyMaterial = '', ...$args) 
     {
+        // Ed25519 keys are a fixed size
         if (CryptoUtil::safeStrlen($keyMaterial) !== \Sodium\CRYPTO_SIGN_SECRETKEYBYTES) {
             throw new CryptoException\InvalidKey(
                 'Signature secret key must be CRYPTO_SIGN_SECRETKEYBYTES bytes long'

diff --git a/src/Symmetric/AuthenticationKey.php b/src/Symmetric/AuthenticationKey.php
@@ -11,6 +11,7 @@ final class AuthenticationKey extends SecretKey
      */
     public function __construct($keyMaterial = '', ...$args)
     {
+        // HMAC-SHA512/256 keys are a fixed size
         if (CryptoUtil::safeStrlen($keyMaterial) !== \Sodium\CRYPTO_AUTH_KEYBYTES) {
             throw new CryptoException\InvalidKey(
                 'Authentication key must be CRYPTO_AUTH_KEYBYTES bytes long'

diff --git a/src/Symmetric/EncryptionKey.php b/src/Symmetric/EncryptionKey.php
@@ -11,9 +11,11 @@ final class EncryptionKey extends SecretKey
      */
     public function __construct($keyMaterial = '', ...$args)
     {
-        if (CryptoUtil::safeStrlen($keyMaterial) !== \Sodium\CRYPTO_STREAM_KEYBYTES) {
+        // Longer keys are OK here; it gets blended through HKDF anyway.
+        // We're only blocking weak keys here.
+        if (CryptoUtil::safeStrlen($keyMaterial) < \Sodium\CRYPTO_STREAM_KEYBYTES) {
             throw new CryptoException\InvalidKey(
-                'Encryption key must be CRYPTO_STREAM_KEYBYTES bytes long'
+                'Encryption key must be at least CRYPTO_STREAM_KEYBYTES bytes long'
             );
         }
         parent::__construct($keyMaterial, false);