Commit 614e689

mokha <mo@mokhan.ca>
2018-11-25 18:39:28
xmlenc DES3CBC encryption fails due to undefined `iv`
Swtiching away from xmlenc until encryption bug is fixed.
main
1 parent 3b61ced
Changed files (3)
lib
xml
kit
crypto
symmetric_cipher.rb
kit.rb
xml-kit.gemspec
lib/xml/kit/crypto/symmetric_cipher.rb
@@ -46,10 +46,14 @@ module Xml
         end
 
         def decrypt_aes(cipher_text)
-          size = ALGORITHMS[algorithm].split('-')[1].to_i
-          aes = Xmlenc::Algorithms::AESCBC.new(size)
-          aes.setup(@key)
-          aes.decrypt(cipher_text)
+          cipher.decrypt
+          cipher.padding = 0
+          cipher.key = @key
+          cipher.iv = cipher_text[0...cipher.iv_len]
+          result = cipher.update(cipher_text[cipher.iv_len..-1]) << cipher.final
+
+          padding_size = result.last.unpack('c').first
+          result[0...-padding_size]
         end
 
         def cipher
lib/xml/kit.rb
@@ -11,7 +11,6 @@ require 'openssl'
 require 'pathname'
 require 'tilt'
 require 'xmldsig'
-require 'xmlenc'
 
 require 'xml/kit/namespaces'
xml-kit.gemspec
@@ -29,7 +29,6 @@ Gem::Specification.new do |spec|
   spec.add_dependency 'nokogiri', '>= 1.8.5'
   spec.add_dependency 'tilt', '>= 1.4.1'
   spec.add_dependency 'xmldsig', '~> 0.6'
-  spec.add_dependency 'xmlenc', '~> 0.7'
   spec.add_development_dependency 'bundler', '~> 1.16'
   spec.add_development_dependency 'bundler-audit', '~> 0.6'
   spec.add_development_dependency 'ffaker', '~> 2.7'