From 0189a25b685608a2d01feabbed60e240c8375c3f Mon Sep 17 00:00:00 2001
From: Robert Sesek <rsesek@google.com>
Date: Mon, 11 Jun 2012 15:39:38 -0400
Subject: [PATCH] Clamp to maximum password length

---
 core.js | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/core.js b/core.js
index 7830546..fa34dd2 100644
--- a/core.js
+++ b/core.js
@@ -89,8 +89,14 @@ SkeletonKey.prototype._onGenerate = function(e) {
   // |key| is a WordArray of 32-bit words.
   var key = CryptoJS.PBKDF2(this._master.value, salt,
       {keySize: this.KEYSIZE, iterations: this.ITERATIONS});
+
   var hexString = key.toString();
   hexString = this._capitalizeKey(hexString);
+
+  var maxLength = this._options.getMaximumPasswordLength();
+  if (hexString.length > maxLength)
+    hexString = hexString.substr(0, maxLength);
+
   this._password.value = hexString;
   this._selectPassword();
 };
-- 
2.22.5