From ceb9fbed0cf18e1bbab09d90c2d4d4ddf5303635 Mon Sep 17 00:00:00 2001
From: Ferdinando Formica <ferdinando.formica@ie.ibm.com>
Date: Fri, 21 Jun 2024 14:14:13 +0100
Subject: [PATCH] Avoid panic when the encrypted data has wrong size for CBC

---
 types/encrypted_assertion.go | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/types/encrypted_assertion.go b/types/encrypted_assertion.go
index 150e505..757b1d3 100644
--- a/types/encrypted_assertion.go
+++ b/types/encrypted_assertion.go
@@ -63,6 +63,9 @@ func (ea *EncryptedAssertion) DecryptBytes(cert *tls.Certificate) ([]byte, error
 		}
 		return plainText, nil
 	case MethodAES128CBC, MethodAES256CBC, MethodTripleDESCBC:
+		if len(data)%k.BlockSize() != 0 {
+			return nil, fmt.Errorf("encrypted data is not a multiple of the expected CBC block size %d: actual size %d", k.BlockSize(), len(data))
+		}
 		nonce, data := data[:k.BlockSize()], data[k.BlockSize():]
 		c := cipher.NewCBCDecrypter(k, nonce)
 		c.CryptBlocks(data, data)