crypto: fix pkcs7 padding check

related: ricmoo/pyaes#22 in practice, the only strings we would incorrectly accept are (certain length of) all zero bytes
2018-11-22 18:21:19 +01:00
parent a8e6eaa247
commit f04e5fbed6
1 changed files with 2 additions and 2 deletions
--- a/electrum/crypto.py
+++ b/electrum/crypto.py
@@ -55,8 +55,8 @@ def strip_PKCS7_padding(data: bytes) -> bytes:
    if len(data) % 16 != 0 or len(data) == 0:
        raise InvalidPadding("invalid length")
    padlen = data[-1]
-    if padlen > 16:
-        raise InvalidPadding("invalid padding byte (large)")
+    if not (0 < padlen <= 16):
+        raise InvalidPadding("invalid padding byte (out of range)")
    for i in data[-padlen:]:
        if i != padlen:
            raise InvalidPadding("invalid padding byte (inconsistent)")