jgaunt/pykmip
2
0
Fork 0
mirror of https://github.com/openkmip/pykmip synced 2025-12-23 11:43:17 +00:00
Code Issues Releases Wiki Activity

Enforce server support for DeriveKey truncation

Browse Source 
This change updates DeriveKey support in the software server to
enforce key truncation. If the derived key is longer than the
requested cryptographic length, the derived key is truncated to
fit the requested length. A unit test has been added to cover
this update.
This commit is contained in:
Peter Hamilton
2017-08-09 15:58:03 -04:00
parent 125bbee9ad
commit 0009bb2b5a
2 changed files with 94 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
kmip/services/server/engine.py
View File

@@ -1473,6 +1473,8 @@ class KmipEngine(object):
"The specified length exceeds the output of the derivation "
"method."
)
if len(derived_data) > derivation_length:
derived_data = derived_data[:derivation_length]
if payload.object_type == enums.ObjectType.SYMMETRIC_KEY:
managed_object = objects.SymmetricKey(