Ensure CBS is empty after importing keys
Opened this issue · 0 comments
jonasfj commented
Whenever we create a CBS object, it's usually because we're feeding some data into BoringCrypto. If all the data is not read, this usually indicates invalid data. If importing a key doesn't consume all the bytes supplied in the key, we should probably reject it.
This needs test cases to ensure compatibility with web implementations.
Look code referencingScope.createCBS
those places probably have to check that CBS is empty after it's been processed.
This requires testing of invalid key bytes, so probably blocked by #55