OWASP / wstg

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
https://owasp.org/www-project-web-security-testing-guide/
Creative Commons Attribution Share Alike 4.0 International

Possible error in 4.9.2 Testing for Padding Oracle #1080

Closed Sacek073 closed 1 year ago

Sacek073 commented 1 year ago

What's the issue? I think there is an error on line 43 in the formula for calculating the number of blocks (b = ceil( length(b) / n)). https://github.com/OWASP/wstg/blob/2534bbfee762a87d42c7f91d301d10b086bd420e/document/4-Web_Application_Security_Testing/09-Testing_for_Weak_Cryptography/02-Testing_for_Padding_Oracle.md?plain=1#L43C1-L43C1

How do we solve it? I think that the right formula should be: b = ceil( length(p) / n), where p is the plaintext.
