From c570abf602a7efebc534f0cfa2df8148316e15d7 Mon Sep 17 00:00:00 2001
From: Zed <zedeus@pm.me>
Date: Wed, 27 May 2020 16:05:32 +0200
Subject: [PATCH] Check iv length for decryption

---
 beacon_chain/spec/keystore.nim | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/beacon_chain/spec/keystore.nim b/beacon_chain/spec/keystore.nim
index 8b90c2f0d..b3b98c14f 100644
--- a/beacon_chain/spec/keystore.nim
+++ b/beacon_chain/spec/keystore.nim
@@ -136,6 +136,9 @@ proc decryptKeystore*(data, passphrase: string): KsResult[seq[byte]] =
   if decKey.len < saltSize:
     return err "ks: decryption key must be at least 32 bytes"
 
+  if iv.len < aes128.sizeBlock:
+    return err "ks: invalid iv"
+
   let sum = shaChecksum(decKey.toOpenArray(16, 31), cipherMsg)
   if sum != checksumMsg:
     return err "ks: invalid checksum"