Browse Source
crypto: fix pkcs7 padding check
related: ricmoo/pyaes#22
in practice, the only strings we would incorrectly accept are
(certain length of) all zero bytes
3.3.3.1
SomberNight
6 years ago
No known key found for this signature in database
GPG Key ID: B33B5F232C6271E9
1 changed files with
2 additions and
2 deletions
-
electrum/crypto.py
|
|
@ -55,8 +55,8 @@ def strip_PKCS7_padding(data: bytes) -> bytes: |
|
|
if len(data) % 16 != 0 or len(data) == 0: |
|
|
if len(data) % 16 != 0 or len(data) == 0: |
|
|
raise InvalidPadding("invalid length") |
|
|
raise InvalidPadding("invalid length") |
|
|
padlen = data[-1] |
|
|
padlen = data[-1] |
|
|
if padlen > 16: |
|
|
if not (0 < padlen <= 16): |
|
|
raise InvalidPadding("invalid padding byte (large)") |
|
|
raise InvalidPadding("invalid padding byte (out of range)") |
|
|
for i in data[-padlen:]: |
|
|
for i in data[-padlen:]: |
|
|
if i != padlen: |
|
|
if i != padlen: |
|
|
raise InvalidPadding("invalid padding byte (inconsistent)") |
|
|
raise InvalidPadding("invalid padding byte (inconsistent)") |
|
|
|
