Closed brandur closed 9 years ago
Interesting! I think the behavior we come up with here must be added to the spec and implemented in all implementations.
@tmaher, @kr what do you think this behavior should be? I think Fernet.verifier(secret, Fernet.generate(secret, '')).message == '' should be true, any issue with that?
The spec doesn't place any restrictions on the length of the plaintext message. Whatever is not explicitly forbidden is implicitly allowed, so 0 is just as good a length as 1 or 5 or a million. So in my interpretation the spec already defines the correct behavior. (This is how the Go implementation behaves.)
@tmaher, @kr what do you think this behavior should be? I think Fernet.verifier(secret, Fernet.generate(secret, '')).message == '' should be true, any issue with that?
That would actually work for my purposes. That said, from the perspective of a tinfoil hat-wearer, I could see the mere divulgence that your secret message is an empty string being considered an information leak (albeit, a minor one).
Added a patch that seems to get things running in #33.
Even if everyone agrees that the spec already covers this case, I'd be ok with adding some words to explicitly state it anyway, for the sake of clarity. And even more ok with adding a test vector for an empty message.
Even if everyone agrees that the spec already covers this case, I'd be ok with adding some words to explicitly state it anyway, for the sake of clarity. And even more ok with adding a test vector for an empty message.
That would be great!
@brandur thanks for the patch! Merged and pushed gem 2.1.1
+1 to what @kr said too
Contrary to the signature of Fernet.generate, encrypting an empty string is not actually allowed:
This is problematic because it forces the client to design and implement their own encoding scheme if they want to encrypt an empty value. For what it's worth, Legacy Fernet didn't have this issue thanks to the internal JSON encoding.
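An added example, not part of the thread and not the fernet gem's code: a minimal round trip written directly against Ruby's OpenSSL binding, following the Fernet token layout (version byte 0x80, 64-bit timestamp, IV, AES-128-CBC ciphertext, HMAC-SHA256), to show an empty plaintext producing a valid token that verifies back to ''. All helper names and the `SECRET` value are hypothetical and constructed for the illustration.

```ruby
require 'openssl'

# Added illustration; helper names are hypothetical, not the fernet gem's API.
def b64e(bytes)
  [bytes].pack('m0').tr('+/', '-_') # base64url with padding
end

def b64d(text)
  text.tr('-_', '+/').unpack1('m0')
end

def split_key(secret)
  key = b64d(secret)
  raise ArgumentError, 'secret must decode to 32 bytes' unless key.bytesize == 32
  [key[0, 16], key[16, 16]] # [signing key, encryption key]
end

def aes_cbc(mode, key, iv, data)
  cipher = OpenSSL::Cipher.new('aes-128-cbc').public_send(mode)
  cipher.key = key
  cipher.iv = iv
  # Some Ruby OpenSSL versions raise on update(''), so skip it for empty
  # input; final still emits one full block of PKCS#7 padding.
  (data.empty? ? ''.b : cipher.update(data)) + cipher.final
end

def generate_token(secret, message, now: Time.now.to_i)
  signing_key, encryption_key = split_key(secret)
  iv = OpenSSL::Random.random_bytes(16)
  body = [0x80].pack('C') + [now].pack('Q>') + iv +
         aes_cbc(:encrypt, encryption_key, iv, message.b)
  b64e(body + OpenSSL::HMAC.digest('sha256', signing_key, body))
end

# TTL checking is left out to keep the example short.
def verify_token(secret, token)
  signing_key, encryption_key = split_key(secret)
  raw = b64d(token)
  raise ArgumentError, 'token too short' if raw.bytesize < 73 # 1+8+16+16+32
  body = raw[0...-32]
  expected = OpenSSL::HMAC.digest('sha256', signing_key, body)
  # Compare the HMAC in constant time before touching the ciphertext.
  diff = raw[-32, 32].bytes.zip(expected.bytes).reduce(0) { |acc, (a, b)| acc | (a ^ b) }
  raise ArgumentError, 'bad version or HMAC' unless diff.zero? && body.getbyte(0) == 0x80
  aes_cbc(:decrypt, encryption_key, body[9, 16], body[25..-1])
end

SECRET = b64e(OpenSSL::Random.random_bytes(32)) # constructed key for the demo
```

With PKCS#7 padding, the empty message and any message of 1 to 15 bytes yield tokens of the same length (100 characters here); a 16-byte message is the first to need a second ciphertext block.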