ocheron
commented
1 year ago Unfortunately both schemes exist and are used, so the patch would have broken compatibility with some software. I re-designed the API to accept both in cryptostore-0.3.0.0.
Closed jared-tripshot closed 1 year ago
ocheron
commented
1 year ago Unfortunately both schemes exist and are used, so the patch would have broken compatibility with some software. I re-designed the API to accept both in cryptostore-0.3.0.0.
The code to convert UTF-8 to UCS-2 was converting the empty string "" in UTF-8 to "\NUL\NUL" in UCS-2. This caused downstream problems later in deriving the key from said password.
This deals with section B.2 step #3
https://datatracker.ietf.org/doc/html/rfc7292#appendix-B
To test the problem create a sample file with an empty integrity password sample.p12