The README claims that plain raw binary keys are accepted, but it's not true.
You can see line 87 to 92, to build the « fixed key » (the key padded), you look for any 0x00 and assume this is the end of a string. This break binary compatibility.
You need to receive the key length from the user, and pad if it's < 16 bytes.
I didn't fixed this issue in a proper way, since keys I use are always 16 bytes. But this is a major issue.
My quick fix is adding two functions (to not break call compatibility):
void * xxtea_encrypt_bkey(const void * data, size_t len, const void * key, size_t key_len, size_t * out_len) {
if(key_len < 16)
return NULL;
return xxtea_ubyte_encrypt((const uint8_t *)data, len, key, out_len);
}
void * xxtea_decrypt_bkey(const void * data, size_t len, const void * key, size_t key_len, size_t * out_len) {
if(key_len < 16)
return NULL;
return xxtea_ubyte_encrypt((const uint8_t *)data, len, key, out_len);
}And call _bkey version when passing (safe) binary keys.
The README claims that plain raw binary keys are accepted, but it's not true.
You can see line 87 to 92, to build the « fixed key » (the key padded), you look for any
0x00and assume this is the end of a string. This break binary compatibility.You need to receive the key length from the user, and pad if it's < 16 bytes.
I didn't fixed this issue in a proper way, since keys I use are always 16 bytes. But this is a major issue.
My quick fix is adding two functions (to not break call compatibility):
And call
_bkeyversion when passing (safe) binary keys.