LegacyDecryptor and LegacyDecryptorWithMAC use wrong MAC #714
Labels
Comments
noloader
added a commit
that referenced
this issue
Sep 11, 2018
The classes used the wrong hash with the MAC. The legacy gear should have used SHA1, not SHA256.
|
Cleared at Commit 590f8573c4ed. |
|
Can this make it into a release soon? This has been wrong all the way between [6.0.0, 7.0.0] and without the patch, we cannot safely replace existing code to use the legacy algorithms. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Crypto++ 6.0 changed
DefaultDecryptorandDefaultDecryptorWithMACto use modern algorithms. Also see Issue 345.At that time we also provided
LegacyDecryptorandLegacyDecryptorWithMACfor folks who needed interop with the older algorithm. We botched the interop by using the new MAC (SHA256-based) instead of the old MAC (SHA1-based). Also see Update DefaultEncryptor, DefaultEncryptorWithMAC and friends.This ticket will track the change to
LegacyDecryptorandLegacyDecryptorWithMACfor SHA1-based MACs.The text was updated successfully, but these errors were encountered: