suzanne.soy/fork-openpgpjs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Iterated S2K: always hash the full salt+password at least once

Browse Source 
As per the spec:

   The one exception is that if the octet count is less than
   the size of the salt plus passphrase, the full salt plus passphrase
   will be hashed even though that is greater than the octet count.
This commit is contained in:
Daniel Huigens 2019-11-08 20:15:31 +01:00
parent 6ddfca5f14
commit b0914663dd
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/type/s2k.js
View File

@ -167,9 +167,9 @@ S2K.prototype.produce_key = async function (passphrase, numBytes) {
toHash = util.concatUint8Array([new Uint8Array(prefixlen), this.salt, passphrase]);
break;
case 'iterated': {
const count = this.get_count();
const data = util.concatUint8Array([this.salt, passphrase]);
let datalen = data.length;
const count = Math.max(this.get_count(), datalen);
toHash = new Uint8Array(prefixlen + count);
toHash.set(data, prefixlen);
for (let pos = prefixlen + datalen; pos < count; pos += datalen, datalen *= 2) {