diff options
author | Daniel Wyatt <[email protected]> | 2019-05-26 18:58:58 -0400 |
---|---|---|
committer | Daniel Wyatt <[email protected]> | 2019-05-26 19:34:19 -0400 |
commit | a82fdf2fcec9f44c7ea06b8d903e57041ae3e873 (patch) | |
tree | 34dc50b845e862151e97753341df659f36f73bfc | |
parent | 0dd03c973f6c9ae6a38118385c82e64154e465f3 (diff) |
Fix PKCS#11 C_Decrypt buffer output size.
Section 5.2 of the spec states that there are two ways to call
functions that return a variable-length buffer:
1. When the output buffer is NULL, an estimated size is returned (which
may be larger than required).
2. When the output buffer is not NULL, the exact size must be returned.
So only after the second call to C_Decrypt has the final output size
been determined, and we must resize the output buffer.
-rw-r--r-- | src/lib/prov/pkcs11/p11.h | 15 | ||||
-rw-r--r-- | src/tests/test_pkcs11_high_level.cpp | 3 |
2 files changed, 10 insertions, 8 deletions
diff --git a/src/lib/prov/pkcs11/p11.h b/src/lib/prov/pkcs11/p11.h index 043b1795a..9afedb8c6 100644 --- a/src/lib/prov/pkcs11/p11.h +++ b/src/lib/prov/pkcs11/p11.h @@ -1950,11 +1950,16 @@ class BOTAN_PUBLIC_API(2,0) LowLevel } decrypted_data.resize(decrypted_size); - return C_Decrypt(session, - const_cast<Byte*>(encrypted_data.data()), - static_cast<Ulong>(encrypted_data.size()), - decrypted_data.data(), - &decrypted_size, return_value); + if(!C_Decrypt(session, + const_cast<Byte*>(encrypted_data.data()), + static_cast<Ulong>(encrypted_data.size()), + decrypted_data.data(), + &decrypted_size, return_value)) + { + return false; + } + decrypted_data.resize(decrypted_size); + return true; } /** diff --git a/src/tests/test_pkcs11_high_level.cpp b/src/tests/test_pkcs11_high_level.cpp index c9c34a28b..077e0240f 100644 --- a/src/tests/test_pkcs11_high_level.cpp +++ b/src/tests/test_pkcs11_high_level.cpp @@ -831,9 +831,6 @@ Test::Result test_rsa_encrypt_decrypt() Botan::PK_Decryptor_EME decryptor(keypair.second, Test::rng(), padding); auto decrypted = decryptor.decrypt(encrypted); - // some token / middlewares do not remove the padding bytes - decrypted.resize(plaintext.size()); - result.test_eq("RSA PKCS11 encrypt and decrypt: " + padding, decrypted, plaintext); }; |