Fix PKCS#11 C_Decrypt buffer output size.

Section 5.2 of the spec states that there are two ways to call
functions that return a variable-length buffer:

1. When the output buffer is NULL, an estimated size is returned (which
may be larger than required).
2. When the output buffer is not NULL, the exact size must be returned.

So only after the second call to C_Decrypt has the final output size
been determined, and we must resize the output buffer.

1 files changed, 10 insertions, 5 deletions

diff --git a/src/lib/prov/pkcs11/p11.h b/src/lib/prov/pkcs11/p11.h
index 043b1795a..9afedb8c6 100644
--- a/src/lib/prov/pkcs11/p11.h
+++ b/src/lib/prov/pkcs11/p11.h
@@ -1950,11 +1950,16 @@ class BOTAN_PUBLIC_API(2,0) LowLevel
             }
 
          decrypted_data.resize(decrypted_size);
-         return C_Decrypt(session,
-                          const_cast<Byte*>(encrypted_data.data()),
-                          static_cast<Ulong>(encrypted_data.size()),
-                          decrypted_data.data(),
-                          &decrypted_size, return_value);
+         if(!C_Decrypt(session,
+                       const_cast<Byte*>(encrypted_data.data()),
+                       static_cast<Ulong>(encrypted_data.size()),
+                       decrypted_data.data(),
+                       &decrypted_size, return_value))
+            {
+            return false;
+            }
+         decrypted_data.resize(decrypted_size);
+         return true;
          }
 
       /**