CiphertextIsWrongLength & minor formatting

cryptoids/changes.md

@@ -1,22 +1,33 @@
+# 0.5.1.0
+
+    - Add 'CiphertextIsWrongLength'
+    - Bump version bound on 'cryptonite'
+
 # 0.5.0.0
+
     - Add support for 'cryptoids-class'
 
 # 0.4.0.0
+
     - Expose 'cipherBlockSize'
     - Adjust 'Data.CryptoID.Poly' to allow for more dynamic padding
 
 # 0.3.0.0
+
     - Better exception type (does no longer leak private information)
     - 'Data.CryptoID.Poly' now supports padding the plaintext to a certain length before encryption
 
 # 0.2.0.0
+
     - Rename 'Data.CryptoID.Poly' to 'Data.CryptoID.ByteString'
     - Introduce 'Data.CryptoID.Poly' doing actual serialization
 
 # 0.1.0.1
+
     - Correct mistakes in the documentation
 
 # 0.1.0
+
     - Switch to using 'MonadThrow' instead of 'MonadError'
     - Introduce 'readKeyFile'
 

cryptoids/package.yaml

@@ -1,5 +1,5 @@
 name: cryptoids
-version: 0.5.0.0
+version: 0.5.1.0
 synopsis: Reversable and secure encoding of object ids as a bytestring
 category: cryptography
 author: Gregor Kleen <aethoago@141.li>
@@ -27,7 +27,7 @@ dependencies:
   - base >=4.9 && <5
   - cryptoids-types >=0.0 && <0.1
   - cryptoids-class >=0.0 && <0.1
-  - cryptonite >=0.23 && <0.25
+  - cryptonite >=0.23 && <0.26
   - bytestring >=0.10.8 && <0.11
   - binary >=0.8.3 && <0.9
   - memory >=0.14.6 && <0.15

cryptoids/src/Data/CryptoID/ByteString.hs

@@ -123,6 +123,11 @@ data CryptoIDError
     --   'CryptoCipher'
     --
     -- The length of the offending plaintext is included.
+  | CiphertextIsWrongLength ByteString
+    -- ^ The length of the ciphertext is not a multiple of the block size of
+    --   'CryptoCipher'
+    --
+    -- The offending ciphertext is included.
   | NamespaceHashIsWrongLength ByteString
     -- ^ The length of the digest produced by 'CryptoHash' does
     --   not match the block size of 'CryptoCipher'.
@@ -222,11 +227,16 @@ decrypt :: forall m namespace.
 decrypt (keyMaterial -> key) CryptoID{..} = do
   cipher <- cryptoFailable (cipherInit key :: CryptoFailable CryptoCipher)
   namespace <- namespace' (Proxy :: Proxy namespace)
+  when (ByteString.length ciphertext `mod` blockSize cipher /= 0) $
+    throwM $ CiphertextIsWrongLength ciphertext
   return $ cbcDecrypt cipher namespace ciphertext
 
--- | This instance is somewhat improper in that it works only for plaintexts whose length is a multiple of 'cipherBlockSize'
+-- | This instance is somewhat improper in that it works only for plain- and
+--   ciphertexts whose length is a multiple of 'cipherBlockSize'
 --
 -- Improper plaintext lengths throw 'PlaintextIsWrongLength'
+--
+-- Improper ciphertext lengths throw 'CiphertextIsWrongLength'
 instance ( MonadCrypto m
          , MonadCryptoKey m ~ CryptoIDKey
          , KnownSymbol namespace

filepath-crypto/changes.md

@@ -1,13 +1,17 @@
 # 0.1.0.0
+
     - Add support for 'cryptoids-class'
 
 # 0.0.0.3
+
     - Got rid of `encoding`
 
 # 0.0.0.2
+
     - Improved documentation
 
 # 0.0.0.1
+
     - Improved documentation
 
 # 0.0.0.0

stack.yaml

@@ -15,7 +15,8 @@
 # resolver:
 #  name: custom-snapshot
 #  location: "./custom-snapshot.yaml"
-resolver: lts-10.5
+resolver: lts-12.2
+#resolver: nightly-2018-02-24
 
 # User packages to be built.
 # Various formats can be used as shown in the example below.

uuid-crypto/changes.md

@@ -1,26 +1,34 @@
 # 1.4.0.0
+
     - Add support for 'cryptoids-class'
 
 # 1.3.1.0
+
     - Fix documentation mistake
     - Bump @cryptoids@ to @0.4.0.*@
 
 # 1.3.0.1
+
     - Fix documentation typo
 
 # 1.3.0.0
+
     - Fix decryption
 
 # 1.2.0.0
+
     - Pad plaintext before encryption, allowing encryption of payloads shorter than 128 bits
 
 # 1.1.1.0
+
     - Switch to using the new 'Data.CryptoID.Poly'
 
 # 1.1.0.1
+
     - Update version constraint on @cryptoids@
 
 # 1.1.0
+
     - Switch to using 'MonadThrow' instead of 'MonadError'
 
 # 1.0.0