From a7e66e3ea20a964320758d50b6e766ce41c35956 Mon Sep 17 00:00:00 2001 From: lestrrat <49281+lestrrat@users.noreply.github.com> Date: Thu, 24 Oct 2024 08:07:10 +0900 Subject: [PATCH] Rename the old WithMaxBufferSize option as previously warned (#1218) Co-authored-by: Daisuke Maki --- jwe/jwe.go | 2 +- jwe/jwe_test.go | 6 +++--- jwe/options.yaml | 8 +++----- jwe/options_gen.go | 32 +++++++++++++++----------------- jwe/options_gen_test.go | 2 +- 5 files changed, 23 insertions(+), 27 deletions(-) diff --git a/jwe/jwe.go b/jwe/jwe.go index 085ef944e..e98efd796 100644 --- a/jwe/jwe.go +++ b/jwe/jwe.go @@ -43,7 +43,7 @@ func Settings(options ...GlobalOption) { maxPBES2Count = option.Value().(int) case identMaxDecompressBufferSize{}: maxDecompressBufferSize = option.Value().(int64) - case identMaxBufferSize{}: + case identCBCBufferSize{}: aescbc.SetMaxBufferSize(option.Value().(int64)) } } diff --git a/jwe/jwe_test.go b/jwe/jwe_test.go index 69bd71f18..782105527 100644 --- a/jwe/jwe_test.go +++ b/jwe/jwe_test.go @@ -807,10 +807,10 @@ func TestGHSA_7f9x_gw85_8grf(t *testing.T) { } } -func TestMaxBufferSize(t *testing.T) { +func TestCBCBufferSize(t *testing.T) { // NOTE: This has GLOBAL EFFECT - jwe.Settings(jwe.WithMaxBufferSize(1)) - defer jwe.Settings(jwe.WithMaxBufferSize(0)) + jwe.Settings(jwe.WithCBCBufferSize(1)) + defer jwe.Settings(jwe.WithCBCBufferSize(0)) key, err := jwxtest.GenerateRsaJwk() require.NoError(t, err, `jwxtest.GenerateRsaJwk should succeed`) diff --git a/jwe/options.yaml b/jwe/options.yaml index 2ab19847c..1e54b1f3f 100644 --- a/jwe/options.yaml +++ b/jwe/options.yaml @@ -159,15 +159,13 @@ options: This option can be used for `jwe.Settings()`, which changes the behavior globally, or for `jwe.Decrypt()`, which changes the behavior for that specific call. - - ident: MaxBufferSize + - ident: CBCBufferSize interface: GlobalOption argument_type: int64 comment: | - WithMaxBufferSize specifies the maximum buffer size for internal + WithCBCBufferSize specifies the maximum buffer size for internal calculations, such as when AES-CBC is performed. The default value is 256MB. If set to an invalid value, the default value is used. + In v2, this option was called MaxBufferSize. This option has a global effect. - - Due to historical reasons this option has a vague name, but in future versions - it will be appropriately renamed. diff --git a/jwe/options_gen.go b/jwe/options_gen.go index 098306214..98ba1c7a6 100644 --- a/jwe/options_gen.go +++ b/jwe/options_gen.go @@ -137,6 +137,7 @@ type withKeySetSuboption struct { func (*withKeySetSuboption) withKeySetSuboption() {} +type identCBCBufferSize struct{} type identCEK struct{} type identCompress struct{} type identContentEncryptionAlgorithm struct{} @@ -144,7 +145,6 @@ type identFS struct{} type identKey struct{} type identKeyProvider struct{} type identKeyUsed struct{} -type identMaxBufferSize struct{} type identMaxDecompressBufferSize struct{} type identMaxPBES2Count struct{} type identMergeProtectedHeaders struct{} @@ -155,6 +155,10 @@ type identProtectedHeaders struct{} type identRequireKid struct{} type identSerialization struct{} +func (identCBCBufferSize) String() string { + return "WithCBCBufferSize" +} + func (identCEK) String() string { return "WithCEK" } @@ -183,10 +187,6 @@ func (identKeyUsed) String() string { return "WithKeyUsed" } -func (identMaxBufferSize) String() string { - return "WithMaxBufferSize" -} - func (identMaxDecompressBufferSize) String() string { return "WithMaxDecompressBufferSize" } @@ -223,6 +223,16 @@ func (identSerialization) String() string { return "WithSerialization" } +// WithCBCBufferSize specifies the maximum buffer size for internal +// calculations, such as when AES-CBC is performed. The default value is 256MB. +// If set to an invalid value, the default value is used. +// In v2, this option was called MaxBufferSize. +// +// This option has a global effect. +func WithCBCBufferSize(v int64) GlobalOption { + return &globalOption{option.New(identCBCBufferSize{}, v)} +} + // WithCEK allows users to specify a variable to store the CEK used in the // message upon successful decryption. The variable must be a pointer to // a byte slice, and it will only be populated if the decryption is successful. @@ -270,18 +280,6 @@ func WithKeyUsed(v interface{}) DecryptOption { return &decryptOption{option.New(identKeyUsed{}, v)} } -// WithMaxBufferSize specifies the maximum buffer size for internal -// calculations, such as when AES-CBC is performed. The default value is 256MB. -// If set to an invalid value, the default value is used. -// -// This option has a global effect. -// -// Due to historical reasons this option has a vague name, but in future versions -// it will be appropriately renamed. -func WithMaxBufferSize(v int64) GlobalOption { - return &globalOption{option.New(identMaxBufferSize{}, v)} -} - // WithMaxDecompressBufferSize specifies the maximum buffer size for used when // decompressing the payload of a JWE message. If a compressed JWE payload // exceeds this amount when decompressed, jwe.Decrypt will return an error. diff --git a/jwe/options_gen_test.go b/jwe/options_gen_test.go index a872d45f5..7af86a2ec 100644 --- a/jwe/options_gen_test.go +++ b/jwe/options_gen_test.go @@ -9,6 +9,7 @@ import ( ) func TestOptionIdent(t *testing.T) { + require.Equal(t, "WithCBCBufferSize", identCBCBufferSize{}.String()) require.Equal(t, "WithCEK", identCEK{}.String()) require.Equal(t, "WithCompress", identCompress{}.String()) require.Equal(t, "WithContentEncryption", identContentEncryptionAlgorithm{}.String()) @@ -16,7 +17,6 @@ func TestOptionIdent(t *testing.T) { require.Equal(t, "WithKey", identKey{}.String()) require.Equal(t, "WithKeyProvider", identKeyProvider{}.String()) require.Equal(t, "WithKeyUsed", identKeyUsed{}.String()) - require.Equal(t, "WithMaxBufferSize", identMaxBufferSize{}.String()) require.Equal(t, "WithMaxDecompressBufferSize", identMaxDecompressBufferSize{}.String()) require.Equal(t, "WithMaxPBES2Count", identMaxPBES2Count{}.String()) require.Equal(t, "WithMergeProtectedHeaders", identMergeProtectedHeaders{}.String())