Check iv length for decryption
This commit is contained in:
parent
fd5478d550
commit
c570abf602
|
@ -136,6 +136,9 @@ proc decryptKeystore*(data, passphrase: string): KsResult[seq[byte]] =
|
||||||
if decKey.len < saltSize:
|
if decKey.len < saltSize:
|
||||||
return err "ks: decryption key must be at least 32 bytes"
|
return err "ks: decryption key must be at least 32 bytes"
|
||||||
|
|
||||||
|
if iv.len < aes128.sizeBlock:
|
||||||
|
return err "ks: invalid iv"
|
||||||
|
|
||||||
let sum = shaChecksum(decKey.toOpenArray(16, 31), cipherMsg)
|
let sum = shaChecksum(decKey.toOpenArray(16, 31), cipherMsg)
|
||||||
if sum != checksumMsg:
|
if sum != checksumMsg:
|
||||||
return err "ks: invalid checksum"
|
return err "ks: invalid checksum"
|
||||||
|
|
Loading…
Reference in New Issue