diff --git a/src/core/crypto.js b/src/core/crypto.js index c5ebdefbc..a6cc5e8bf 100644 --- a/src/core/crypto.js +++ b/src/core/crypto.js @@ -916,23 +916,15 @@ class CipherTransformFactory { cipher = new ARCFourCipher(derivedKey); checkData = cipher.encryptBlock(checkData); } - for (j = 0, n = checkData.length; j < n; ++j) { - if (userPassword[j] !== checkData[j]) { - return null; - } - } } else { cipher = new ARCFourCipher(encryptionKey); checkData = cipher.encryptBlock( CipherTransformFactory._defaultPasswordBytes ); - for (j = 0, n = checkData.length; j < n; ++j) { - if (userPassword[j] !== checkData[j]) { - return null; - } - } } - return encryptionKey; + return checkData.every((data, k) => userPassword[k] === data) + ? encryptionKey + : null; } #decodeUserPassword(password, ownerPassword, revision, keyLength) { @@ -1133,12 +1125,13 @@ class CipherTransformFactory { perms ); } - if (!encryptionKey && !password) { - throw new PasswordException( - "No password given", - PasswordResponses.NEED_PASSWORD - ); - } else if (!encryptionKey && password) { + if (!encryptionKey) { + if (!password) { + throw new PasswordException( + "No password given", + PasswordResponses.NEED_PASSWORD + ); + } // Attempting use the password as an owner password const decodedPassword = this.#decodeUserPassword( passwordBytes, diff --git a/test/test_manifest.json b/test/test_manifest.json index f7ea4f2c8..f5e178215 100644 --- a/test/test_manifest.json +++ b/test/test_manifest.json @@ -992,7 +992,7 @@ "password": "ELXRTQWS", "md5": "db2fedbd36d6fa27d4e52f9bd2d96b8c", "rounds": 1, - "type": "load" + "type": "eq" }, { "id": "issue5334", @@ -5961,7 +5961,7 @@ "md5": "b58adce5dbb08936ddb0d904f0da8716", "rounds": 1, "link": false, - "type": "load", + "type": "eq", "password": "abc" }, { @@ -5970,7 +5970,7 @@ "md5": "73a8091d0ab2a47af5ca45047f04da99", "rounds": 1, "link": false, - "type": "load", + "type": "eq", "password": "\u00E6\u00F8\u00E5", "about": "The password (æøå) is UTF8 encoded." },