eidas-middleware icon indicating copy to clipboard operation
eidas-middleware copied to clipboard
verified publisher icon Governikus

Remove checkCipherData

Open Al1c3-1337 opened this issue 1 year ago • 1 comments

Remove checkCipherData, as it causes problems with CA_ECDH_AES_CBC_CMAC_192 and CA_ECDH_AES_CBC_CMAC_256. Block size is not always a multiple of key size (ex AES). E.g. using CA_ECDH_AES_CBC_CMAC_192 the encoded key has a length of 192 bits (24 bytes), of which the AES block size (128 bits / 16 bytes) is not a multiple. An incorrect block size is also detected by the underlying classes. Removing this function call made it possible to run conformance tests with CA_ECDH_AES_CBC_CMAC_192 and CA_ECDH_AES_CBC_CMAC_256.

I attached a debugging screenshot of the updateEncryptedIV function showing the exception from the mentioned function. Version 2.2.7 was used for confirming the bug.

Bildschirmfoto 2024-05-28 um 19 06 02

Al1c3-1337 avatar May 28 '24 18:05 Al1c3-1337

CLA assistant check
All committers have signed the CLA.

CLAassistant avatar May 28 '24 18:05 CLAassistant

Thank you for the PR. This change has been included in the 3.4.0 release of the eIDAS Middleware. With the upcoming release, the changelog in the documentation will be updated with a reference to this PR.

bennypi avatar Aug 28 '25 08:08 bennypi