Skip to content

Commit

Permalink
fix: fix bug that the internal reader is not checkd hmac if packet si…
Browse files Browse the repository at this point in the history 
…ze is less 16 byte
  • Loading branch information
@elecbug
elecbug committed Sep 21, 2024
1 parent 5ed447d commit dba4bd2
Show file tree
Hide file tree
Showing 2 changed files with 19 additions and 1 deletion.
18 changes: 18 additions & 0 deletions SecSess/Interface/IStream.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -133,6 +133,24 @@ internal static byte[] InternalRead(Symmetric symmetric, byte[] hmacKey, Secure.
}
else
{
byte[] concat = new byte[iv.Length + enc1.Length];

Buffer.BlockCopy(iv, 0, concat, 0, iv.Length);
Buffer.BlockCopy(enc1, 0, concat, iv.Length, enc1.Length);

byte[] hmacs = new byte[Hash.HashDataSize(hash)];

int s4 = 0;
while (s4 < hmacs.Length)
s4 += client.GetStream().Read(hmacs, s4, hmacs.Length - s4);

byte[] compare = Hash.HMacData(hash, hmacKey, concat);

if (compare.SequenceEqual(hmacs) == false)
{
throw new AuthenticationException("HMAC authentication is failed.");
}

return msg1[4..(len + 4)];
}
}
Expand Down
2 changes: 1 addition & 1 deletion version
View file
Original file line number Diff line number Diff line change
@@ -1 +1 @@
v0.3.0
v0.3.1

0 comments on commit dba4bd2

Please sign in to comment.