We use cookies to ensure you get the best experience on our website
Página inicial Explorar Ajuda
Registrar Entrar
0ct0pu5
/
ladybird
1
0
Fork 0
Arquivos Issues 0 Pull Requests 0 Wiki
Ver código fonte

LibCrypto: Do not silently ignore key size mismatch

Before, when the actually passed key was too long, the extra bytes were silently
ignored. This can lead to all sorts of trouble, so ... don't do that.

The original intention was maybe to support non-integer amounts of key bytes.
But that doesn't happen anyway with AES.
Ben Wiederhake 5 anos atrás
pai
e0b7833078
commit
1c60ea235e
1 arquivos alterados com 1 adições e 1 exclusões
Visão dividida Mostrar estatísticas do Diff
  1. 1 1
      Libraries/LibCrypto/Cipher/AES.cpp

+ 1 - 1
Libraries/LibCrypto/Cipher/AES.cpp
Ver arquivo 

@@ -67,7 +67,7 @@ void AESCipherKey::expand_encrypt_key(const ByteBuffer& user_key, size_t bits)
 
 
     ASSERT(!user_key.is_null());
 
     ASSERT(is_valid_key_size(bits));
 
-    ASSERT(user_key.size() >= bits / 8);
 
+    ASSERT(user_key.size() == bits / 8);
 
 
     round_key = round_keys();

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5