Loading...

XML

Word

Printable

JSON

Type: Task
Resolution: Fixed
Priority: Major - P3
Fix Version/s: 7.0.0-rc0
Affects Version/s: None
Component/s: None
Labels:
None

Backwards Compatibility:
Fully Compatible
Sprint:
Security 2023-02-20
Linked BF Score:
153
CAR Domain/s:
None

Aha! Reference:
None
Tracking Level:
None
Risk Status:
None
Exec Notes:
None
Goal Name(s):
None
Goal Link:
None

The current decryptAndParse functions in these two classes require both the serverToken and the serverDerivedFromData token so that they can parse and decrypt the entire serialized blob.

However, it is often the case that only one of these tokens exist and only a certain section of the serialized blob needs to be decrypted. For example. in collScan finds, only the metadata block needs to be decrypted. During client decryption, only the user ciphertext needs to be decrypted.

The interface of these classes should be rewritten so as to allow the parse & decryption of only certain sections of the serialized data.

Assignee:: Erwin Pe
Reporter:: Erwin Pe
Participants:: Erwin Pe, Githook User
Votes:: 0 Vote for this issue
Watchers:: 2 Start watching this issue

Created:: Feb 07 2023 07:20:46 PM UTC
Updated:: Oct 29 2023 09:26:44 PM UTC
Resolved:: Feb 09 2023 09:40:24 PM UTC

Details

Description

Attachments

Activity

People

Dates