From b69d0d0228a3ccc9d4906b4689531e903c7c43dd Mon Sep 17 00:00:00 2001
From: Daniel Huigens <d.huigens@protonmail.com>
Date: Wed, 15 Apr 2020 19:33:04 +0200
Subject: [PATCH] Support PKCS5 padding longer than 8 bytes (#1081)

This is allowed by the spec to hide the length of the session key:

    For example, assuming that an AES algorithm is
    used for the session key, the sender MAY use 21, 13, and 5 bytes of
    padding for AES-128, AES-192, and AES-256, respectively, to provide
    the same number of octets, 40 total, as an input to the key wrapping
    method.
---
 src/crypto/pkcs5.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/crypto/pkcs5.js b/src/crypto/pkcs5.js
index 860e7d19..23c93b2d 100644
--- a/src/crypto/pkcs5.js
+++ b/src/crypto/pkcs5.js
@@ -41,7 +41,7 @@ function decode(msg) {
   const len = msg.length;
   if (len > 0) {
     const c = msg.charCodeAt(len - 1);
-    if (c >= 1 && c <= 8) {
+    if (c >= 1) {
       const provided = msg.substr(len - c);
       const computed = String.fromCharCode(c).repeat(c);
       if (provided === computed) {