From a8f157642e323a6864c336b0af6a28c19fd716b1 Mon Sep 17 00:00:00 2001
From: Gregor Kleen <aethoago@141.li>
Date: Mon, 23 Jul 2018 11:52:04 +0200
Subject: [PATCH] CiphertextIsWrongLength & minor formatting

---
 cryptoids/changes.md                      | 11 +++++++++++
 cryptoids/package.yaml                    |  4 ++--
 cryptoids/src/Data/CryptoID/ByteString.hs | 12 +++++++++++-
 filepath-crypto/changes.md                |  4 ++++
 stack.yaml                                |  3 ++-
 uuid-crypto/changes.md                    |  8 ++++++++
 6 files changed, 38 insertions(+), 4 deletions(-)

diff --git a/cryptoids/changes.md b/cryptoids/changes.md
index 5668cf1..304b948 100644
--- a/cryptoids/changes.md
+++ b/cryptoids/changes.md
@@ -1,22 +1,33 @@
+# 0.5.1.0
+
+    - Add 'CiphertextIsWrongLength'
+    - Bump version bound on 'cryptonite'
+
 # 0.5.0.0
+
     - Add support for 'cryptoids-class'
 
 # 0.4.0.0
+
     - Expose 'cipherBlockSize'
     - Adjust 'Data.CryptoID.Poly' to allow for more dynamic padding
 
 # 0.3.0.0
+
     - Better exception type (does no longer leak private information)
     - 'Data.CryptoID.Poly' now supports padding the plaintext to a certain length before encryption
 
 # 0.2.0.0
+
     - Rename 'Data.CryptoID.Poly' to 'Data.CryptoID.ByteString'
     - Introduce 'Data.CryptoID.Poly' doing actual serialization
 
 # 0.1.0.1
+
     - Correct mistakes in the documentation
 
 # 0.1.0
+
     - Switch to using 'MonadThrow' instead of 'MonadError'
     - Introduce 'readKeyFile'
 
diff --git a/cryptoids/package.yaml b/cryptoids/package.yaml
index d389eab..5ea8db2 100644
--- a/cryptoids/package.yaml
+++ b/cryptoids/package.yaml
@@ -1,5 +1,5 @@
 name: cryptoids
-version: 0.5.0.0
+version: 0.5.1.0
 synopsis: Reversable and secure encoding of object ids as a bytestring
 category: cryptography
 author: Gregor Kleen <aethoago@141.li>
@@ -27,7 +27,7 @@ dependencies:
   - base >=4.9 && <5
   - cryptoids-types >=0.0 && <0.1
   - cryptoids-class >=0.0 && <0.1
-  - cryptonite >=0.23 && <0.25
+  - cryptonite >=0.23 && <0.26
   - bytestring >=0.10.8 && <0.11
   - binary >=0.8.3 && <0.9
   - memory >=0.14.6 && <0.15
diff --git a/cryptoids/src/Data/CryptoID/ByteString.hs b/cryptoids/src/Data/CryptoID/ByteString.hs
index 8162bd1..4252353 100644
--- a/cryptoids/src/Data/CryptoID/ByteString.hs
+++ b/cryptoids/src/Data/CryptoID/ByteString.hs
@@ -123,6 +123,11 @@ data CryptoIDError
     --   'CryptoCipher'
     --
     -- The length of the offending plaintext is included.
+  | CiphertextIsWrongLength ByteString
+    -- ^ The length of the ciphertext is not a multiple of the block size of
+    --   'CryptoCipher'
+    --
+    -- The offending ciphertext is included.
   | NamespaceHashIsWrongLength ByteString
     -- ^ The length of the digest produced by 'CryptoHash' does
     --   not match the block size of 'CryptoCipher'.
@@ -222,11 +227,16 @@ decrypt :: forall m namespace.
 decrypt (keyMaterial -> key) CryptoID{..} = do
   cipher <- cryptoFailable (cipherInit key :: CryptoFailable CryptoCipher)
   namespace <- namespace' (Proxy :: Proxy namespace)
+  when (ByteString.length ciphertext `mod` blockSize cipher /= 0) $
+    throwM $ CiphertextIsWrongLength ciphertext
   return $ cbcDecrypt cipher namespace ciphertext
 
--- | This instance is somewhat improper in that it works only for plaintexts whose length is a multiple of 'cipherBlockSize'
+-- | This instance is somewhat improper in that it works only for plain- and
+--   ciphertexts whose length is a multiple of 'cipherBlockSize'
 --
 -- Improper plaintext lengths throw 'PlaintextIsWrongLength'
+--
+-- Improper ciphertext lengths throw 'CiphertextIsWrongLength'
 instance ( MonadCrypto m
          , MonadCryptoKey m ~ CryptoIDKey
          , KnownSymbol namespace
diff --git a/filepath-crypto/changes.md b/filepath-crypto/changes.md
index 79755e0..993551c 100644
--- a/filepath-crypto/changes.md
+++ b/filepath-crypto/changes.md
@@ -1,13 +1,17 @@
 # 0.1.0.0
+
     - Add support for 'cryptoids-class'
 
 # 0.0.0.3
+
     - Got rid of `encoding`
 
 # 0.0.0.2
+
     - Improved documentation
 
 # 0.0.0.1
+
     - Improved documentation
 
 # 0.0.0.0
diff --git a/stack.yaml b/stack.yaml
index 49f897a..5a2b8d3 100644
--- a/stack.yaml
+++ b/stack.yaml
@@ -15,7 +15,8 @@
 # resolver:
 #  name: custom-snapshot
 #  location: "./custom-snapshot.yaml"
-resolver: lts-10.5
+resolver: lts-12.2
+#resolver: nightly-2018-02-24
 
 # User packages to be built.
 # Various formats can be used as shown in the example below.
diff --git a/uuid-crypto/changes.md b/uuid-crypto/changes.md
index ad03b6d..f2f4ba1 100644
--- a/uuid-crypto/changes.md
+++ b/uuid-crypto/changes.md
@@ -1,26 +1,34 @@
 # 1.4.0.0
+
     - Add support for 'cryptoids-class'
 
 # 1.3.1.0
+
     - Fix documentation mistake
     - Bump @cryptoids@ to @0.4.0.*@
 
 # 1.3.0.1
+
     - Fix documentation typo
 
 # 1.3.0.0
+
     - Fix decryption
 
 # 1.2.0.0
+
     - Pad plaintext before encryption, allowing encryption of payloads shorter than 128 bits
 
 # 1.1.1.0
+
     - Switch to using the new 'Data.CryptoID.Poly'
 
 # 1.1.0.1
+
     - Update version constraint on @cryptoids@
 
 # 1.1.0
+
     - Switch to using 'MonadThrow' instead of 'MonadError'
 
 # 1.0.0