mirrors/age
1
0
Fork 0
mirror of https://github.com/FiloSottile/age.git synced 2026-01-08 04:55:12 +00:00
Code Issues Packages Projects Releases Wiki Activity

age: add NoIdentityMatchError

Browse Source 
Closes #147
This commit is contained in:
Filippo Valsorda
2021-01-17 12:09:07 +01:00
parent 0fa220e4d7
commit f04064a41b
3 changed files with 27 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
scrypt.go
View File

@@ -155,9 +155,9 @@ func (i *ScryptIdentity) Unwrap(block *Stanza) ([]byte, error) {
// This AEAD is not robust, so an attacker could craft a message that
// decrypts under two different keys (meaning two different passphrases) and
// then use an error side-channel in an online decryption oracle to learn if
// either key is correct. This is deemed acceptable because the usa case (an
// either key is correct. This is deemed acceptable because the use case (an
// online decryption oracle) is not recommended, and the security loss is
// only one bit. This also does not bypass any scrypt work, but that work
// only one bit. This also does not bypass any scrypt work, although that work
// can be precomputed in an online oracle scenario.
fileKey, err := aeadDecrypt(k, fileKeySize, block.Body)
if err != nil {