Fix HMAC verif

2019-06-27 22:12:57 +02:00 · 2019-06-27 22:12:57 +02:00 · cbde82bdfc
parent 2fcaf52bcf
commit cbde82bdfc
1 changed files with 5 additions and 3 deletions
--- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Crypto.pm
+++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Crypto.pm
@ -82,7 +82,8 @@ sub encrypt {
    eval {
        $data =
          encode_base64(
-            $iv . $hmac . $self->_getCipher->set_iv($iv)->encrypt($data), '' );
+            $iv . $self->_getCipher->set_iv($iv)->encrypt( $hmac . $data ),
+            '' );
    };
    if ($@) {
        $msg = "Crypt::Rijndael error : $@";
@ -108,14 +109,15 @@ sub decrypt {
    $data = decode_base64($data);
    my $iv;
    $iv = bytes::substr( $data, 0, 16 );
-    my $hmac = bytes::substr( $data, 16, 16 );
-    $data = bytes::substr( $data, 32 );
+    $data = bytes::substr( $data, 16 );
    eval { $data = $self->_getCipher->set_iv($iv)->decrypt($data); };

    if ($@) {
        $msg = "Crypt::Rijndael error : $@";
        return undef;
    }
+    my $hmac = bytes::substr( $data, 0, 16 );
+    $data = bytes::substr( $data, 16 );
    if ( md5($data) ne $hmac ) {
        $msg = "Bad MAC";
        return undef;