Add AEAD context binding to server island encryption#16457
Conversation
🦋 Changeset detectedLatest commit: 165d38f The changes in this PR will be included in the next version bump. Not sure what this means? Click here to learn what changesets are. Click here if you're a maintainer who wants to add another changeset to this PR |
github-actions
Bot
added
the
pkg: astro
matthewp
force-pushed
the
server-island-encryption-aad
branch
from
20efd59 to
1cfe677
Compare
ematipico
left a comment
ematipico
left a comment
There was a problem hiding this comment.
I suggest reviewing what your agent writes in the PR description, because I honestly have no idea what we're fixing based on what it wrote (very technical terms, and it assumes reviewers know the very technical details of the bug/solution).
Approving, but with an asterisk
|
@ematipico I wrote the description here. How can I write it better? It is technical, but that's necessary for a PR review. I guess I could have added a link about AAD, which is something I wasn't familiar with before starting on the change. That's here: https://en.wikipedia.org/wiki/Authenticated_encryption |
2 participants
Changes
e,p,s) are now bound to their target component and purpose using AES-GCM authenticated additional data (AAD). Each ciphertext includes context likeprops:Islandorslots:CommentsSectionso that encrypted data for one component cannot be replayed against a different component, and encrypted props cannot be reused as slots.encryptStringanddecryptStringinencryption.tsaccept an optionaladditionalDatastring parameter, passed through to the Web CryptoAesGcmParams. Both the encryption side (server-islands.ts) and decryption side (endpoint.ts) now pass matching AAD values.Testing
throws when decrypting with mismatched additionalDataverifies that cross-component/cross-parameter replay is rejected at the crypto layer.Docs