LibCrypto: Correct RFC5246 un-padding behaviour
The decrypted data is legally allowed to have any amount of padding, so long as it is block-aligned. We should not assume that the padding bytes fall inside the same block, or that an entire block cannot be padding. Fixes #2072
parent
637ecdb415
commit
3b432eed98
Notes:
sideshowbarker
2024-07-19 07:01:40 +09:00
Author: https://github.com/alimpfard
Commit: 3b432eed98
Pull-request: https://github.com/SerenityOS/serenity/pull/2079
Issue: https://github.com/SerenityOS/serenity/issues/2072
Reviewed-by: https://github.com/awesomekling
1 changed files with 1 additions and 5 deletions
|
@ -79,11 +79,7 @@ protected:
|
|||
}
|
||||
case PaddingMode::RFC5246: {
|
||||
auto maybe_padding_length = data[size - 1];
|
||||
if (maybe_padding_length >= T::block_size() - 1) {
|
||||
// cannot be padding (the entire block cannot be padding)
|
||||
return;
|
||||
}
|
||||
// FIXME: If we want to constant-time operations, this loop should not stop
|
||||
// FIXME: If we want constant-time operations, this loop should not stop
|
||||
for (auto i = size - maybe_padding_length - 1; i < size; ++i) {
|
||||
if (data[i] != maybe_padding_length) {
|
||||
// note that this is likely invalid padding
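Review bot: With the block-size guard removed, nothing in the visible lines bounds `maybe_padding_length` against `size` before `size - maybe_padding_length - 1` is computed. If `size` is unsigned (its declaration is outside the hunk), a trailing byte larger than `size - 1` wraps the start index past `size`, so the loop body never runs and the code after the loop may accept the padding as valid; `data[size - 1]` likewise assumes `size > 0`. I would add `if (size == 0 || maybe_padding_length >= size) return;` ahead of the loop, treated the same way as the invalid-padding branch. The case body continues past the end of the hunk, so how the post-loop code adjusts the length should be checked against the same bound.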
|
||||
|
|