LitePal icon indicating copy to clipboard operation
LitePal copied to clipboard

Published 20 hours ago verified publisher icon guolindev

AES/CBC/PKCS7Padding 受到 Padding Oracle Attack 的影响

Open firmianay opened this issue 2 years ago • 0 comments

https://github.com/guolindev/LitePal/blob/9d9bfc9756df00bbaface9f0355eb3acd8464256/core/src/main/java/org/litepal/util/cipher/AESCrypt.java#L40

通过静态扫描工具发现的,以及IV没有使用随机数

firmianay avatar Feb 07 '22 08:02 firmianay