ErrCryptoFailure when decrypting empty string
yurikhan opened this issue · comments
Steps to reproduce:
- Generate a 512-bit key.
- Create an encrypter using
A256CBC_HS512crypto algorithm andDIRECTkey management algorithm. - Use the encrypter to encrypt a zero-length byte string.
- Decrypt the resulting JWE value with the same key.
Observed: go-jose/go-jose: error in cryptographic primitive at step 4.
Expected: no error, zero-length byte string on decryption output.
package main
import (
"crypto/rand"
"fmt"
"github.com/go-jose/go-jose/v3"
)
func main() {
keyBytes := make([]byte, 64)
n, err := rand.Read(keyBytes)
if err != nil {
panic(err)
}
if n != 64 {
panic("wrong generated key size")
}
encrypter, err := jose.NewEncrypter(jose.A256CBC_HS512, jose.Recipient{
Algorithm: jose.DIRECT,
Key: keyBytes,
KeyID: "my_key",
}, nil)
if err != nil {
panic(err)
}
emptyString := []byte("")
jwe, err := encrypter.Encrypt(emptyString)
if err != nil {
panic(err)
}
cleartext, err := jwe.Decrypt(keyBytes)
if err != nil {
panic(err) // ← here
}
fmt.Printf("“%v”", string(cleartext))
}