x/crypto/bcrypt: base64 decode - incorrect padding calculation #35810
Labels
NeedsInvestigation
Someone must examine and confirm this is a valid issue and not a duplicate of an existing one.
Milestone
What version of Go are you using (
go version
)?Does this issue reproduce with the latest release?
Yes
What operating system and processor architecture are you using (
go env
)?go env
OutputWhat did you do?
Test bcrypt base64 decoding function with inputs of different lengths, generated using the corresponding encoding function from the same file
What did you expect to see?
Successful decoding of all valid base64-encoded inputs
What did you see instead?
Decoding errors
Additional Details
Description
When calculating padding
=
s, the calculation returns 4 when it should return 0.This edge case is never encountered in bcrypt, since the inputs are always the same length (which is not divisible by 4).
Reference
This is the existing code (https://github.com/golang/crypto/blob/ac88ee75c92c889b97e05591e9a39b6480c538b3/bcrypt/base64.go#L24)
Suggested fix
The text was updated successfully, but these errors were encountered: