Validate AES-GCM payload length

thePR0M3TH3AN
2025-07-13 20:15:58 -04:00
parent e5dbbac762
commit 78104681e4
2 changed files with 20 additions and 0 deletions


@@ -89,6 +89,9 @@ class EncryptionManager:
try:
nonce = encrypted_data[3:15]
ciphertext = encrypted_data[15:]
if len(ciphertext) < 16:
logger.error("AES-GCM payload too short")
raise InvalidToken("AES-GCM payload too short")
return self.cipher.decrypt(nonce, ciphertext, None)
except InvalidTag as e:
logger.error("AES-GCM decryption failed: Invalid authentication tag.")
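Review bot: The new length guard raises `InvalidToken` from inside the `try:` block, while the only handler visible in this hunk catches `InvalidTag`, so a truncated payload and a failed tag check may reach callers through different paths depending on handlers that lie outside the hunk. If a broader handler follows, the short-payload error would be logged a second time or re-wrapped; hoisting the slicing and the check above `try:` would make the raised type unambiguous. The bare `16` would also read better as a named constant, e.g. `GCM_TAG_LEN = 16  # bytes of authentication tag appended to the ciphertext`, with matching names for the `3` and `15` offsets. The enclosing method starts and ends outside the hunk.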