chore: prevent panic by enforcing nonce length (#2459)

staaldraad · web-flow · commit c17e1f55b7d8 · 2026-03-31T12:35:24.000-07:00
## What kind of change does this PR introduce?

Bug fix / chore

## What is the current behavior?

Current `IsValid` in `crypto.go` only validates that the nonce length is
&gt; 0. `cipher.NewGCM()` from the Go standard library panics if the nonce
is not exactly 12 bytes.

## What is the new behavior?

Matches the `IsValid` check with the behaviour of `cipher.NewGCM()` and
prevents a panic.
diff --git a/internal/crypto/crypto.go b/internal/crypto/crypto.go
@@ -60,7 +60,9 @@ type EncryptedString struct {
 }
 
 func (es *EncryptedString) IsValid() bool {
-	return es.KeyID != "" && len(es.Data) > 0 && len(es.Nonce) > 0 && es.Algorithm == "aes-gcm-hkdf"
+	// cipher.NewGCM() is always used, which panics on a Nonce that is not 12 bytes
+	// enforce that the nonce length and other values are correct
+	return es.KeyID != "" && len(es.Data) > 0 && len(es.Nonce) == 12 && es.Algorithm == "aes-gcm-hkdf"
 }
 
 // ShouldReEncrypt tells you if the value encrypted needs to be encrypted again with a newer key.

Original file line number	Diff line number	Diff line change
`@@ -60,7 +60,9 @@ type EncryptedString struct {`
`60`	`60`	`}`
`61`	`61`
`62`	`62`	`func (es *EncryptedString) IsValid() bool {`
`63`		`- return es.KeyID != "" && len(es.Data) > 0 && len(es.Nonce) > 0 && es.Algorithm == "aes-gcm-hkdf"`
	`63`	`+ // cipher.NewGCM() is always used, which panics on a Nonce that is not 12 bytes`
	`64`	`+ // enforce that the nonce length and other values are correct`
	`65`	`+ return es.KeyID != "" && len(es.Data) > 0 && len(es.Nonce) == 12 && es.Algorithm == "aes-gcm-hkdf"`
`64`	`66`	`}`
`65`	`67`
`66`	`68`	`// ShouldReEncrypt tells you if the value encrypted needs to be encrypted again with a newer key.`