diff options
| author | Jaime Pérez Crespo <jaime.perez@uninett.no> | 2012-08-24 12:56:41 +0000 |
|---|---|---|
| committer | Jaime Pérez Crespo <jaime.perez@uninett.no> | 2012-08-24 12:56:41 +0000 |
| commit | 015d449c2879569f1d472be9be595c1ce7fdb090 (patch) | |
| tree | 7797d73e6386ca20945349c0549dded13c2e20e9 /lib/SAML2 | |
| parent | dddcb4e9a255c1d30691fb929eff87b1a8cda5a0 (diff) | |
| download | simplesamlphp-015d449c2879569f1d472be9be595c1ce7fdb090.zip simplesamlphp-015d449c2879569f1d472be9be595c1ce7fdb090.tar.gz simplesamlphp-015d449c2879569f1d472be9be595c1ce7fdb090.tar.bz2 | |
Fix for issue #509. Check symmetric key length once decrypted, to make sure it is the same size as expected.
git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@3145 44740490-163a-0410-bde0-09ae8108e29a
Diffstat (limited to 'lib/SAML2')
| -rw-r--r-- | lib/SAML2/Utils.php | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/lib/SAML2/Utils.php b/lib/SAML2/Utils.php index 6a959c2..00e5a33 100644 --- a/lib/SAML2/Utils.php +++ b/lib/SAML2/Utils.php @@ -398,6 +398,10 @@ class SAML2_Utils { try { $key = $encKey->decryptKey($symmetricKeyInfo); + if (strlen($key) != $keySize) { + throw new Exception('Unexpected key size (' . strlen($key) * 8 . 'bits) for encryption algorithm: ' . + var_export($symmetricKey->type, TRUE)); + } } catch (Exception $e) { /* We failed to decrypt this key. Log it, and substitute a "random" key. */ SimpleSAML_Logger::error('Failed to decrypt symmetric key: ' . $e->getMessage()); |