suzanne.soy/fork-openpgpjs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Support PKCS5 padding longer than 8 bytes (#1081)

Browse Source 
This is allowed by the spec to hide the length of the session key:

    For example, assuming that an AES algorithm is
    used for the session key, the sender MAY use 21, 13, and 5 bytes of
    padding for AES-128, AES-192, and AES-256, respectively, to provide
    the same number of octets, 40 total, as an input to the key wrapping
    method.
This commit is contained in:
Daniel Huigens 2020-04-15 19:33:04 +02:00 committed by GitHub
parent 04fb053fc8
commit b69d0d0228
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/crypto/pkcs5.js
View File

@ -41,7 +41,7 @@ function decode(msg) {
const len = msg.length;
if (len > 0) {
const c = msg.charCodeAt(len - 1);
if (c >= 1 && c <= 8) {
if (c >= 1) {
const provided = msg.substr(len - c);
const computed = String.fromCharCode(c).repeat(c);
if (provided === computed) {