mirror of
https://github.com/LBRYFoundation/LBRY-Vault.git
synced 2025-08-31 01:11:35 +00:00
crypto: fix pkcs7 padding check
related: ricmoo/pyaes#22 in practice, the only strings we would incorrectly accept are (certain length of) all zero bytes
This commit is contained in:
SomberNight
parent
a8e6eaa247
commit
f04e5fbed6
1 changed files with 2 additions and 2 deletions
|
|
@ -55,8 +55,8 @@ def strip_PKCS7_padding(data: bytes) -> bytes:
|
|||
if len(data) % 16 != 0 or len(data) == 0:
|
||||
raise InvalidPadding("invalid length")
|
||||
padlen = data[-1]
|
||||
if padlen > 16:
|
||||
raise InvalidPadding("invalid padding byte (large)")
|
||||
if not (0 < padlen <= 16):
|
||||
raise InvalidPadding("invalid padding byte (out of range)")
|
||||
for i in data[-padlen:]:
|
||||
if i != padlen:
|
||||
raise InvalidPadding("invalid padding byte (inconsistent)")
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue