Skip to content

Commit 0f6da56

Browse files
littledivylittledivy
authored
fix: Wrap base64-encoded PEM with 64-char line boundary (#1292)
According to [RFC7468](https://datatracker.ietf.org/doc/html/rfc7468) > Generators MUST wrap the base64-encoded lines so that each line consists of exactly 64 characters except for the final line, which will encode the remainder of the data (within the 64-character line boundary), and they MUST NOT emit extraneous whitespace. Parsers can avoid branching and prevent timing sidechannel attacks. Ref https://arxiv.org/pdf/2108.04600.pdf Fixes compatibility with Deno as it enforces stricter handling of PEM.
1 parent 6c2204a commit 0f6da56

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

src/client/encrypt.js

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -79,7 +79,7 @@ module.exports = function (client, options) {
7979
function mcPubKeyToPem (mcPubKeyBuffer) {
8080
let pem = '-----BEGIN PUBLIC KEY-----\n'
8181
let base64PubKey = mcPubKeyBuffer.toString('base64')
82-
const maxLineLength = 65
82+
const maxLineLength = 64
8383
while (base64PubKey.length > 0) {
8484
pem += base64PubKey.substring(0, maxLineLength) + '\n'
8585
base64PubKey = base64PubKey.substring(maxLineLength)

0 commit comments

Comments
 (0)