Skip to content
Snippets Groups Projects
Commit 015d449c authored by Jaime Pérez Crespo's avatar Jaime Pérez Crespo
Browse files

Fix for issue #509. Check symmetric key length once decrypted, to make sure it... 

Fix for issue #509. Check symmetric key length once decrypted, to make sure it is the same size as expected.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@3145 44740490-163a-0410-bde0-09ae8108e29a
parent dddcb4e9
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 4 additions and 0 deletions
lib/SAML2/Utils.php
+ 4
0
View file @ 015d449c
......@@ -398,6 +398,10 @@ class SAML2_Utils {
try {
$key = $encKey->decryptKey($symmetricKeyInfo);
if (strlen($key) != $keySize) {
throw new Exception('Unexpected key size (' . strlen($key) * 8 . 'bits) for encryption algorithm: ' .
var_export($symmetricKey->type, TRUE));
}
} catch (Exception $e) {
/* We failed to decrypt this key. Log it, and substitute a "random" key. */
SimpleSAML_Logger::error('Failed to decrypt symmetric key: ' . $e->getMessage());
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment