bitwarden/mobile
1
0
Fork 0
mirror of https://github.com/bitwarden/mobile synced 2026-01-06 02:23:57 +00:00
Code Issues Releases Wiki Activity

use random key for double hmac comparisons

Browse Source
This commit is contained in:
Kyle Spearrin
2018-01-18 09:31:22 -05:00
parent 01878ef00c
commit 1390df48b6
2 changed files with 5 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/App/Services/CryptoService.cs
View File

@@ -386,7 +386,7 @@ namespace Bit.App.Services
if(EncKey?.MacKey != null && !string.IsNullOrWhiteSpace(encyptedValue.Mac))
{
var computedMacBytes = Crypto.ComputeMac(encyptedValue.CipherTextBytes, EncKey.MacKey);
if(!Crypto.MacsEqual(EncKey.MacKey, computedMacBytes, encyptedValue.MacBytes))
if(!Crypto.MacsEqual(computedMacBytes, encyptedValue.MacBytes))
{
throw new InvalidOperationException("MAC failed.");
}