diff options
| author |   Michał Górny <mgorny@gentoo.org> | 2013-08-20 21:18:11 +0200 |
|---|---|---|
| committer | Michał Górny <mgorny@gentoo.org> | 2013-08-20 23:17:38 +0200 |
| commit | b138e384d736aea2c72d2aa3fa9fb806843a5851 (patch) | |
| tree | 2653f44859d22408656fa13422edadb1080d25fc | |
| parent | test_cipher: respect block_size. (diff) | |
| download | identity.gentoo.org-b138e384d736aea2c72d2aa3fa9fb806843a5851.tar.gz identity.gentoo.org-b138e384d736aea2c72d2aa3fa9fb806843a5851.tar.bz2 identity.gentoo.org-b138e384d736aea2c72d2aa3fa9fb806843a5851.zip | |
Raise ValueError on short ciphertext.
| -rw-r--r-- | okupy/common/crypto.py | 2 | ||||
| -rw-r--r-- | okupy/tests/unit/test_cipher.py | 5 |
2 files changed, 7 insertions, 0 deletions
diff --git a/okupy/common/crypto.py b/okupy/common/crypto.py index 705f173..a50d3b6 100644 --- a/okupy/common/crypto.py +++ b/okupy/common/crypto.py @@ -50,6 +50,8 @@ class OkupyCipher(object): Decrypt the data block of given length. Removes padding if any. """ + if len(data) < length: + raise ValueError('Ciphertext too short for requested length') return self.cipher.decrypt(data)[:length] diff --git a/okupy/tests/unit/test_cipher.py b/okupy/tests/unit/test_cipher.py index 36615c3..a0eaab1 100644 --- a/okupy/tests/unit/test_cipher.py +++ b/okupy/tests/unit/test_cipher.py @@ -34,3 +34,8 @@ class OkupyCipherTests(TestCase): data = Random.get_random_bytes(45) hash = cipher.encrypt(data) self.assertEqual(cipher.decrypt(hash, len(data)), data) + + def test_ciphertext_shorter_than_req_output_raises_valueerror(self): + data = self._random_string[:cipher.block_size*2] + hash = cipher.encrypt(data)[:cipher.block_size] + self.assertRaises(ValueError, cipher.decrypt, hash, len(data)) |