| Summary: | crypto.subtle.decrypt generates garbage instead of an error on invalid key | ||||||
|---|---|---|---|---|---|---|---|
| Product: | WebKit | Reporter: | Henning Stummer <henning> | ||||
| Component: | WebKit Misc. | Assignee: | Nobody <webkit-unassigned> | ||||
| Status: | RESOLVED INVALID | ||||||
| Severity: | Normal | CC: | henning, jiewen_tan, webkit-bug-importer | ||||
| Priority: | P2 | Keywords: | InRadar | ||||
| Version: | Safari 13 | ||||||
| Hardware: | iPhone / iPad | ||||||
| OS: | iOS 13 | ||||||
| Attachments: |
|
||||||
|
Description
Henning Stummer
2020-04-23 05:55:34 PDT
That's by design to produce garbage. Otherwise, attackers can blindly attack the algorithm. |