fix: guard decryptBufferCBC against non-block-aligned ciphertext #21573

Closed: AztecBot wants to merge 1 commit into next from claudebox/fix-aes128-test-spartan


@AztecBot

Collaborator

Summary

PR #21192 added tests expecting decryptBufferCBC to return an empty buffer when given ciphertext whose length is not a multiple of 16 (the AES block size), but did not add the corresponding guard to the implementation. Barretenberg's aesDecrypt processes whatever bytes it can, leading to a non-empty garbage result instead of the expected empty buffer.

Adds an early return of an empty buffer in decryptBufferCBC when data.length is 0 or not a multiple of 16.

Test plan

  • yarn workspace @aztec/foundation test src/crypto/aes128/index.test.ts — all 5 tests pass

ClaudeBox log: https://claudebox.work/s/5026ee69dbe528cb?run=1
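
The length guard described in the summary above, as an added example that is not code from this PR or the Aztec repository. Node's built-in AES-128-CBC stands in for Barretenberg's aesDecrypt, and the function names, key, IV and plaintext are constructed for illustration.

```javascript
// Added example: Node's crypto module is an assumed stand-in backend.
const { createCipheriv, createDecipheriv } = require("node:crypto");

const AES_BLOCK_SIZE = 16; // bytes

// Hypothetical helper: AES-128-CBC encryption with Node's default PKCS#7 padding.
function encryptCbc(plaintext, iv, key) {
  const cipher = createCipheriv("aes-128-cbc", key, iv);
  return Buffer.concat([cipher.update(plaintext), cipher.final()]);
}

// Backend call with no length check. Node throws on misaligned input;
// a different backend may return partial output instead.
function decryptCbcUnguarded(data, iv, key) {
  const decipher = createDecipheriv("aes-128-cbc", key, iv);
  return Buffer.concat([decipher.update(data), decipher.final()]);
}

// Guarded wrapper: empty or non-block-aligned ciphertext never reaches
// the backend and always yields an empty buffer.
function decryptCbcGuarded(data, iv, key) {
  if (data.length === 0 || data.length % AES_BLOCK_SIZE !== 0) {
    return Buffer.alloc(0);
  }
  return decryptCbcUnguarded(data, iv, key);
}

// Constructed sample key, IV and plaintext (28 bytes, padded to 32).
const key = Buffer.from("000102030405060708090a0b0c0d0e0f", "hex");
const iv = Buffer.from("101112131415161718191a1b1c1d1e1f", "hex");
const ciphertext = encryptCbc(Buffer.from("constructed sample plaintext"), iv, key);

// Run the guard over aligned and misaligned inputs; returns name -> decoded output.
function runCases() {
  const cases = {
    empty: Buffer.alloc(0),
    truncatedByOne: ciphertext.subarray(0, ciphertext.length - 1), // 31 bytes
    extraByte: Buffer.concat([ciphertext, Buffer.from([0])]),      // 33 bytes
    aligned: ciphertext,                                           // 32 bytes
  };
  const out = {};
  for (const [name, data] of Object.entries(cases)) {
    out[name] = decryptCbcGuarded(data, iv, key).toString("utf8");
  }
  return out;
}

console.log(runCases());
```

With the length check in the wrapper, callers get the same empty result for misaligned input whether the backend underneath throws or returns partial bytes.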

@AztecBot AztecBot added the claudebox label (Owned by claudebox. it can push to this PR.) Mar 16, 2026
Base automatically changed from merge-train/spartan to next March 20, 2026 22:34
@AztecBot

Collaborator Author

Automatically closing this stale claudebox draft PR (no updates for 5+ days). Re-open if still needed.

@AztecBot AztecBot closed this Mar 26, 2026