You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@santuario.apache.org by sc...@apache.org on 2013/05/14 23:24:14 UTC
svn commit: r1482595 -
/santuario/xml-security-cpp/trunk/xsec/xenc/impl/XENCAlgorithmHandlerDefault.cpp
Author: scantor
Date: Tue May 14 21:24:14 2013
New Revision: 1482595
URL: http://svn.apache.org/r1482595
Log:
Fix key size checking, and avoid breaking existing apps.
Modified:
santuario/xml-security-cpp/trunk/xsec/xenc/impl/XENCAlgorithmHandlerDefault.cpp
Modified: santuario/xml-security-cpp/trunk/xsec/xenc/impl/XENCAlgorithmHandlerDefault.cpp
URL: http://svn.apache.org/viewvc/santuario/xml-security-cpp/trunk/xsec/xenc/impl/XENCAlgorithmHandlerDefault.cpp?rev=1482595&r1=1482594&r2=1482595&view=diff
==============================================================================
--- santuario/xml-security-cpp/trunk/xsec/xenc/impl/XENCAlgorithmHandlerDefault.cpp (original)
+++ santuario/xml-security-cpp/trunk/xsec/xenc/impl/XENCAlgorithmHandlerDefault.cpp Tue May 14 21:24:14 2013
@@ -1133,25 +1133,25 @@ XSECCryptoKey * XENCAlgorithmHandlerDefa
XSECCryptoSymmetricKey * sk = NULL;
if (strEquals(uri, DSIGConstants::s_unicodeStrURI3DES_CBC)) {
- if (keyLen != 192)
+ if (keyLen < 192 / 8)
throw XSECException(XSECException::CipherError,
"XENCAlgorithmHandlerDefault - key size was invalid");
sk = XSECPlatformUtils::g_cryptoProvider->keySymmetric(XSECCryptoSymmetricKey::KEY_3DES_192);
}
else if (strEquals(uri, DSIGConstants::s_unicodeStrURIAES128_CBC) || strEquals(uri, DSIGConstants::s_unicodeStrURIAES128_GCM)) {
- if (keyLen != 128)
+ if (keyLen < 128 / 8)
throw XSECException(XSECException::CipherError,
"XENCAlgorithmHandlerDefault - key size was invalid");
sk = XSECPlatformUtils::g_cryptoProvider->keySymmetric(XSECCryptoSymmetricKey::KEY_AES_128);
}
else if (strEquals(uri, DSIGConstants::s_unicodeStrURIAES192_CBC) || strEquals(uri, DSIGConstants::s_unicodeStrURIAES192_GCM)) {
- if (keyLen != 192)
+ if (keyLen < 192 / 8)
throw XSECException(XSECException::CipherError,
"XENCAlgorithmHandlerDefault - key size was invalid");
sk = XSECPlatformUtils::g_cryptoProvider->keySymmetric(XSECCryptoSymmetricKey::KEY_AES_192);
}
else if (strEquals(uri, DSIGConstants::s_unicodeStrURIAES256_CBC) || strEquals(uri, DSIGConstants::s_unicodeStrURIAES256_GCM)) {
- if (keyLen != 256)
+ if (keyLen < 256 / 8)
throw XSECException(XSECException::CipherError,
"XENCAlgorithmHandlerDefault - key size was invalid");
sk = XSECPlatformUtils::g_cryptoProvider->keySymmetric(XSECCryptoSymmetricKey::KEY_AES_256);