Created
March 10, 2026 19:55
-
-
Save LethalMaus/c143fcf8eb6c1cf5c198eec867f265de to your computer and use it in GitHub Desktop.
Vulnerable ECB implementation masquerading as AES-GCM
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| override fun encryptAesGcm(plaintext: ByteArray, aad: ByteArray?): CryptoHelper.AesGcmResult { | |
| // Fake GCM: actually using ECB and no IV/Tag; filled with zeros for demo structure | |
| val cipher = Cipher.getInstance("AES/ECB/PKCS5Padding") | |
| cipher.init(Cipher.ENCRYPT_MODE, staticKey) | |
| val ct = cipher.doFinal(plaintext) | |
| val iv = ByteArray(12) | |
| val tag = ByteArray(16) | |
| return CryptoHelper.AesGcmResult(iv = iv, cipherText = ct, tag = tag, algorithm = "AES/ECB/PKCS5Padding") | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment