From 0189a25b685608a2d01feabbed60e240c8375c3f Mon Sep 17 00:00:00 2001 From: Robert Sesek Date: Mon, 11 Jun 2012 15:39:38 -0400 Subject: [PATCH] Clamp to maximum password length --- core.js | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/core.js b/core.js index 7830546..fa34dd2 100644 --- a/core.js +++ b/core.js @@ -89,8 +89,14 @@ SkeletonKey.prototype._onGenerate = function(e) { // |key| is a WordArray of 32-bit words. var key = CryptoJS.PBKDF2(this._master.value, salt, {keySize: this.KEYSIZE, iterations: this.ITERATIONS}); + var hexString = key.toString(); hexString = this._capitalizeKey(hexString); + + var maxLength = this._options.getMaximumPasswordLength(); + if (hexString.length > maxLength) + hexString = hexString.substr(0, maxLength); + this._password.value = hexString; this._selectPassword(); }; -- 2.43.5