Skip to content

Add missing goto for checking encapsulation invariants.#121562

Merged
vcsjones merged 1 commit intodotnet:mainfrom
vcsjones:ml-kem-encap-sizes
Nov 13, 2025
Merged

Add missing goto for checking encapsulation invariants.#121562
vcsjones merged 1 commit intodotnet:mainfrom
vcsjones:ml-kem-encap-sizes

Conversation

@vcsjones
Copy link
Member

@vcsjones vcsjones commented Nov 12, 2025

When we encapsulate something with ML-KEM on OpenSSL, we were checking that the amount written is what we expected, but a missing goto caused it to be marked as a success.

This isn't really a reliability problem since we already know how much encapsulation sizes are, we're just making sure OpenSSL and the managed side agree on it.

@vcsjones
Add missing goto for checking encapsulation invariants.
27cb755 
When we encapsulate something with ML-KEM on OpenSSL, we were checking that the amount written is what we expected, but a missing `goto` caused it to be marked as a success.

This isn't really a reliability problem since we already know how much encapsulation sizes are, we're just making sure OpenSSL and the managed side agree on it.
@vcsjones vcsjones added this to the 11.0.0 milestone Nov 12, 2025
@vcsjones vcsjones self-assigned this Nov 12, 2025
Copilot AI review requested due to automatic review settings November 12, 2025 22:26
@dotnet-policy-service
Copy link
Contributor

dotnet-policy-service bot commented Nov 12, 2025

Tagging subscribers to this area: @dotnet/area-system-security, @bartonjs, @vcsjones
See info in area-owners.md if you want to be subscribed.

Copilot AI reviewed Nov 12, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR fixes a bug in the ML-KEM encapsulation error handling where a missing goto statement caused an error condition to be incorrectly reported as success. When the encapsulation output lengths didn't match expected values, the code would set ret = -1 but then immediately proceed to set ret = 1, causing the function to return success despite the validation failure.

Key Changes:

  • Added missing goto done; statement after setting error code in length validation check

This was referenced Nov 13, 2025
Open
Open
Closed
Open
@vcsjones
Copy link
Member Author

vcsjones commented Nov 13, 2025

/ba-g Android timeouts and Android is not affected by this change.

@vcsjones vcsjones merged commit 1fb92aa into dotnet:main Nov 13, 2025
101 of 110 checks passed
@github-actions github-actions bot locked and limited conversation to collaborators Dec 14, 2025
@vcsjones vcsjones deleted the ml-kem-encap-sizes branch January 4, 2026 01:48
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

Copilot code review Copilot Copilot left review comments

@bartonjs bartonjs bartonjs approved these changes

Assignees

@vcsjones vcsjones

Labels

area-System.Security

Projects

None yet

Milestone

11.0.0

Development

Successfully merging this pull request may close these issues.

3 participants

@vcsjones @bartonjs