Closed gekailin closed 8 years ago
I found a bug of RNEncryptor::generateIv.
RNEncryptor::generateIv
Because GenerateBlock may produce bytes with value '\0', the length of ivString may less than length.
ivString
length
string RNEncryptor::generateIv(int length) { AutoSeededRandomPool prng; byte iv[length + 1]; prng.GenerateBlock(iv, length); iv[length] = '\0'; string ivString = string((char *)iv); return ivString; }
I suggest using the following code:
string RNEncryptor::generateIv(int length) { AutoSeededRandomPool prng; byte iv[length]; prng.GenerateBlock(iv, length); return string((char *)iv, length); }
Thanks @gekailin. C++ isn't really my area. I just built this as an exploratory exercise. Pull requests are welcome, particularly if they come with tests demonstrating that the problem is fixed. Thanks!
I found a bug of
RNEncryptor::generateIv
.Because GenerateBlock may produce bytes with value '\0', the length of
ivString
may less thanlength
.I suggest using the following code: