Merge pull request #9902 from SomberNight/202506_base64_trailing_garbage

base64.b64decode: always set validate=True
2025-06-04 14:59:20 +02:00
parent ee2c3e07b8 3e4601c61d
commit 2024fa4507
13 changed files with 43 additions and 15 deletions
--- a/electrum/plugins/digitalbitbox/digitalbitbox.py
+++ b/electrum/plugins/digitalbitbox/digitalbitbox.py
@@ -424,7 +424,7 @@ class DigitalBitbox_Client(HardwareClientBase):
            authenticated_msg = base64.b64encode(msg + hmac_digest)
            reply = self.hid_send_plain(authenticated_msg)
            if 'ciphertext' in reply:
-                b64_unencoded = bytes(base64.b64decode(''.join(reply["ciphertext"])))
+                b64_unencoded = bytes(base64.b64decode(''.join(reply["ciphertext"]), validate=True))
                reply_hmac = b64_unencoded[-sha256_byte_len:]
                hmac_calculated = hmac_oneshot(authentication_key, b64_unencoded[:-sha256_byte_len], hashlib.sha256)
                if not hmac.compare_digest(reply_hmac, hmac_calculated):
@@ -702,7 +702,7 @@ class DigitalBitboxPlugin(HW_PluginBase):
    def comserver_post_notification(self, payload, *, handler: 'HardwareHandlerBase'):
        assert self.is_mobile_paired(), "unexpected mobile pairing error"
        url = 'https://digitalbitbox.com/smartverification/index.php'
-        key_s = base64.b64decode(self.digitalbitbox_config[ENCRYPTION_PRIVKEY_KEY])
+        key_s = base64.b64decode(self.digitalbitbox_config[ENCRYPTION_PRIVKEY_KEY], validate=True)
        ciphertext = EncodeAES_bytes(key_s, json.dumps(payload).encode('ascii'))
        args = 'c=data&s=0&dt=0&uuid=%s&pl=%s' % (
            self.digitalbitbox_config[CHANNEL_ID_KEY],
--- a/electrum/plugins/jade/jade.py
+++ b/electrum/plugins/jade/jade.py
@@ -192,7 +192,7 @@ class Jade_Client(HardwareClientBase):

        # Signature verification does not work with anti-exfil, so stick with default (rfc6979)
        sig = self.jade.sign_message(path, message)
-        return base64.b64decode(sig)
+        return base64.b64decode(sig, validate=True)

    @runs_in_hwd_thread
    def sign_psbt(self, psbt_bytes):
--- a/electrum/plugins/labels/labels.py
+++ b/electrum/plugins/labels/labels.py
@@ -45,7 +45,7 @@ class LabelsPlugin(BasePlugin):

    def decode(self, wallet: 'Abstract_Wallet', message: str) -> str:
        password, iv, wallet_id = self.wallets[wallet]
-        decoded = base64.b64decode(message)
+        decoded = base64.b64decode(message, validate=True)
        decrypted = aes_decrypt_with_iv(password, iv, decoded)
        return decrypted.decode('utf8')

--- a/electrum/plugins/ledger/ledger.py
+++ b/electrum/plugins/ledger/ledger.py
@@ -1155,7 +1155,8 @@ class Ledger_Client_New(Ledger_Client):

        result = b''
        try:
-            result = base64.b64decode(self.client.sign_message(message, address_path))
+            sig_str = self.client.sign_message(message, address_path)
+            result = base64.b64decode(sig_str, validate=True)
        except DenyError:
            pass  # cancelled by user
        except BaseException as e: