stronger validation of input lists for cryptographic routines

Example:

    ?- crypto_data_hkdf(Var, 32, Bs, []).
    caught: error(instantiation_error,must_be/2)

Reported by @notoria in #527. Many thanks!

diff --git a/src/prolog/lib/crypto.pl b/src/prolog/lib/crypto.pl
index 12c5b73bc3deff938b0dcfd3b5bc8edfe6501a49..909127d4d6849c758a1549f7ef766e88fc4b917a 100644 (file)
--- a/src/prolog/lib/crypto.pl
+++ b/src/prolog/lib/crypto.pl
@@ -597,12 +597,14 @@ crypto_data_decrypt(CipherText0, Algorithm, Key, IV, PlainText, Options) :-
         '$crypto_data_decrypt'(CipherText, Key, IV, Encoding, PlainText).
 
 encoding_bytes(octet, Bs0, Bs) :-
+        must_be(list, Bs0),
         (   maplist(integer, Bs0) ->
             Bs0 = Bs
         ;   maplist(char_code, Bs0, Bs)
         ),
         must_be_bytes(Bs, crypto_encoding).
 encoding_bytes(utf8, Cs, Bs) :-
+        must_be(list, Cs),
         (   maplist(atom, Cs) ->
             chars_bytes_(Cs, Bs, crypto_encoding)
         ;   domain_error(encryption_encoding, Cs, crypto)