From 4ab3d519966f5956ebe5fd7c6181580ea99d846a Mon Sep 17 00:00:00 2001
From: Alexander Neumann <alexander@bumpern.de>
Date: Mon, 24 Nov 2014 22:11:09 +0100
Subject: [PATCH] Add more checks befor decrypting data

---
 backend/local.go | 10 +++++++++-
 backend/sftp.go  |  8 +++++++-
 key.go           |  5 +++++
 3 files changed, 21 insertions(+), 2 deletions(-)

diff --git a/backend/local.go b/backend/local.go
index b9a694d1e..f55f88587 100644
--- a/backend/local.go
+++ b/backend/local.go
@@ -24,6 +24,8 @@ const (
 	versionFileName = "version"
 )
 
+var ErrWrongData = errors.New("wrong data returned by backend, checksum does not match")
+
 type Local struct {
 	p   string
 	ver uint
@@ -218,7 +220,8 @@ func (b *Local) filename(t Type, id ID) string {
 	return filepath.Join(b.dir(t), id.String())
 }
 
-// Get returns the content stored under the given ID.
+// Get returns the content stored under the given ID. If the data doesn't match
+// the requested ID, ErrWrongData is returned.
 func (b *Local) Get(t Type, id ID) ([]byte, error) {
 	// try to open file
 	file, err := os.Open(b.filename(t, id))
@@ -233,6 +236,11 @@ func (b *Local) Get(t Type, id ID) ([]byte, error) {
 		return nil, err
 	}
 
+	// check id
+	if !Hash(buf).Equal(id) {
+		return nil, ErrWrongData
+	}
+
 	return buf, nil
 }
 
diff --git a/backend/sftp.go b/backend/sftp.go
index 44042e443..42db4fe62 100644
--- a/backend/sftp.go
+++ b/backend/sftp.go
@@ -292,7 +292,8 @@ func (r *SFTP) filename(t Type, id ID) string {
 	return filepath.Join(r.dir(t), id.String())
 }
 
-// Get returns the content stored under the given ID.
+// Get returns the content stored under the given ID. If the data doesn't match
+// the requested ID, ErrWrongData is returned.
 func (r *SFTP) Get(t Type, id ID) ([]byte, error) {
 	// try to open file
 	file, err := r.c.Open(r.filename(t, id))
@@ -307,6 +308,11 @@ func (r *SFTP) Get(t Type, id ID) ([]byte, error) {
 		return nil, err
 	}
 
+	// check id
+	if !Hash(buf).Equal(id) {
+		return nil, ErrWrongData
+	}
+
 	return buf, nil
 }
 
diff --git a/key.go b/key.go
index 4464dfd4d..d39503f9e 100644
--- a/key.go
+++ b/key.go
@@ -304,6 +304,11 @@ func (k *Key) Encrypt(ciphertext, plaintext []byte) (int, error) {
 // Decrypt verifes and decrypts the ciphertext. Ciphertext must be in the form
 // IV || Ciphertext || HMAC.
 func (k *Key) decrypt(ks *keys, ciphertext []byte) ([]byte, error) {
+	// check for plausible length
+	if len(ciphertext) <= ivSize+hmacSize {
+		panic("trying to decryipt invalid data: ciphertext too small")
+	}
+
 	hm := hmac.New(sha256.New, ks.Sign)
 
 	// extract hmac