This repository has been archived by the owner on Aug 31, 2018. It is now read-only.
Security issue with AES_Crypto.cs and licensing issues #19
Comments
pcluddite
changed the title
|
It appears the file has been removed not two hours after I posted this. This resolves both issues. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
I'm not sure in what context the class is used, but the method of encryption in Fido/Fido_Support/Crypto/AES_Crypto.cs is insecure, as outlined by this StackOverflow question.
Also, there is no recognition of the original author of the class, which I believe is copied almost verbatim from this StackOverflow answer. The original author should get recognition, even if it is a bugged implementation. Copying it directly and adding your own copyright notice on it is in direct violation of its license, Creative Commons, under which all StackOverflow content is licensed.
The text was updated successfully, but these errors were encountered: