/ 
CryptX-0.088
⭐ Starred 36 / Crypt::Stream::ChaCha
Security Advisories (1)
CVE-2026-41565 (2026-05-28)

CryptX versions before 0.088_001 for Perl have a stack buffer overflow in four AEAD decrypt_verify helpers. The gcm_decrypt_verify, ccm_decrypt_verify, chacha20poly1305_decrypt_verify and eax_decrypt_verify XS routines copied the caller-supplied authentication tag into a fixed 144-byte stack buffer (MAXBLOCKSIZE) without checking the supplied length. A longer tag overwrites the stack past the buffer. Version 0.088 added the clamp to gcm_decrypt_verify, and 0.088_001 added it to the other three. Any caller of an affected helper that forwards an attacker-controlled tag longer than the buffer can trigger the overflow.

NAME

Crypt::Stream::ChaCha - Stream cipher ChaCha

SYNOPSIS

use Crypt::Stream::ChaCha;

# encrypt
$key = "1234567890123456";
$iv  = "123456789012";
$stream = Crypt::Stream::ChaCha->new($key, $iv);
$ct = $stream->crypt("plain message");

# decrypt
$key = "1234567890123456";
$iv  = "123456789012";
$stream = Crypt::Stream::ChaCha->new($key, $iv);
$pt = $stream->crypt($ct);

DESCRIPTION

Provides an interface to the ChaCha stream cipher.

METHODS

new

$stream = Crypt::Stream::ChaCha->new($key, $iv);
#or
$stream = Crypt::Stream::ChaCha->new($key, $iv, $counter, $rounds);

# $key     .. 32 or 16 bytes
# $iv      .. 8 or 12 bytes
# $counter .. initial counter value (DEFAULT: 0)
# $rounds  .. rounds (DEFAULT: 20)

crypt

$ciphertext = $stream->crypt($plaintext);
#or
$plaintext = $stream->crypt($ciphertext);

keystream

$random_key = $stream->keystream($length);

clone

$stream->clone();

SEE ALSO