From d8cb7e33644a65fd9d939d873bd0fdbedf7b769d Mon Sep 17 00:00:00 2001
From: Muhamad Azamy <muhamad@incubaid.com>
Date: Wed, 18 Nov 2020 10:56:05 +0100
Subject: [PATCH] fix panic due to using wrong decrypt method

This fix is to avoid crashing when trying to decrypt a cipher text
with the wrong version
---
 pkg/crypto/encryption.go | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/pkg/crypto/encryption.go b/pkg/crypto/encryption.go
index 1e9e6e300..01adf68b0 100644
--- a/pkg/crypto/encryption.go
+++ b/pkg/crypto/encryption.go
@@ -23,6 +23,10 @@ func Decrypt(msg []byte, sk ed25519.PrivateKey) ([]byte, error) {
 	curvePriv := PrivateKeyToCurve25519(sk)
 	curvePub := PublicKeyToCurve25519(sk.Public().(ed25519.PublicKey))
 
+	if len(msg) < 48 {
+		return nil, fmt.Errorf("invalid cipher text too short")
+	}
+
 	return box.Open(msg, &curvePub, &curvePriv)
 }