Skip to content

fix: randomize pgp boundary#1191

Merged
andrinoff merged 1 commit intofloatpane:masterfrom
Genmin:fix/yubikey-mime-boundary-random
Apr 29, 2026
Merged

fix: randomize pgp boundary#1191
andrinoff merged 1 commit intofloatpane:masterfrom
Genmin:fix/yubikey-mime-boundary-random

Conversation

@Genmin
Copy link
Copy Markdown
Contributor

@Genmin Genmin commented Apr 29, 2026
edited
Loading

What?

  • Replace the YubiKey PGP multipart/signed boundary timestamp with 16 bytes from crypto/rand.
  • Keep a UnixNano fallback for rare random-source failures.
  • Add focused tests for the random path and fallback formatting.

Why?

MIME boundaries should not be predictable. The existing YubiKey path used time.Now().Unix(), while other signing paths already prefer crypto/rand with a timestamp fallback.

Tests

  • git diff --check

Notes

  • I could not run gofmt/go test locally because Go/gofmt is not installed in this environment.

Closes #729

@Genmin Genmin requested a review from a team as a code owner April 29, 2026 13:39
floatpanebot
floatpanebot previously requested changes Apr 29, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@floatpanebot floatpanebot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @Genmin! Please fix the following issues with your PR:

  • Body: Missing the ## What? or ## Why? headings required by the PR template.

@github-actions github-actions Bot added the bug Something isn't working label Apr 29, 2026
@andrinoff
Copy link
Copy Markdown
Member

andrinoff commented Apr 29, 2026

@Genmin follow the PR template

@Genmin Genmin changed the title fix: randomize yubikey MIME boundaries fix: randomize pgp boundary Apr 29, 2026
@floatpanebot floatpanebot dismissed their stale review April 29, 2026 14:03

Formatting issues have been resolved. Thank you!

@Genmin
Copy link
Copy Markdown
Contributor Author

Genmin commented Apr 29, 2026

Updated the PR title/body to follow the template; the formatting check has rerun successfully.

andrinoff
andrinoff approved these changes Apr 29, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@andrinoff andrinoff left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

@andrinoff
Copy link
Copy Markdown
Member

andrinoff commented Apr 29, 2026

/approve

floatpanebot
floatpanebot approved these changes Apr 29, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@floatpanebot floatpanebot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approved on behalf of @andrinoff via /approve command.

@andrinoff andrinoff merged commit fa179cc into floatpane:master Apr 29, 2026
16 of 17 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@andrinoff andrinoff andrinoff approved these changes

@floatpanebot floatpanebot floatpanebot approved these changes

Assignees

No one assigned

Labels

bug Something isn't working

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

BUG: Weak random number generation for MIME boundaries

3 participants

@Genmin @andrinoff @floatpanebot