Projet

Général

Profil

0004-python3-handle-AES-padding-variations-31171.patch

Paul Marillonnet, 18 avril 2019 14:19

Télécharger (1,11 ko)

Voir les différences: 

Subject: [PATCH 4/4] python3: handle AES padding variations (#31171)


 src/authentic2/crypto.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
src/authentic2/crypto.py
2 2 
import hashlib
3 3 
import struct
4 4 

  		




  
  5
  
    
from django.utils.encoding import force_bytes

  		




  5
  6
  
    
from Crypto.Cipher import AES

  		




  6
  7
  
    
from Crypto.Protocol.KDF import PBKDF2

  		




  7
  8
  
    
from Crypto.Hash import SHA256

  		




  ......




  81
  82
  
    
    unpadded = msg[2:2 + msg_length]

  		




  82
  83
  
    
    if msg_length > len(msg) - 2:

  		




  83
  84
  
    
        raise DecryptionError('wrong padding')

  		




  84
  
  
    
    if not all(c == '\0' for c in msg[2 + msg_length:]):

  		




  
  85
  
    
    if len(msg[2 + msg_length:].strip(force_bytes('\0'))):

  		




  85
  86
  
    
        raise DecryptionError('padding is not all zero')

  		




  86
  87
  
    
    if len(unpadded) != msg_length:

  		




  87
  88
  
    
        raise DecryptionError('wrong padding')

  		




  88
  
  
    
-