diff options
| author | lloyd <[email protected]> | 2013-12-06 21:14:55 +0000 |
|---|---|---|
| committer | lloyd <[email protected]> | 2013-12-06 21:14:55 +0000 |
| commit | c29e711dcebbfeeed813bd211d0090a2f00e4b38 (patch) | |
| tree | f41066a2f63c7ca99438f4bb711a0c2117d4e64c /src | |
| parent | 37609eba0f730fdcb0daf84d5f9c239b27fb010c (diff) | |
Fix OAEP key size check during encoding, and an array over-read when
decoding a message that was so large we decided it was invalid and
truncated it.
Diffstat (limited to 'src')
| -rw-r--r-- | src/pk_pad/eme1/eme1.cpp | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/pk_pad/eme1/eme1.cpp b/src/pk_pad/eme1/eme1.cpp index 57275d4f9..dadb44d0a 100644 --- a/src/pk_pad/eme1/eme1.cpp +++ b/src/pk_pad/eme1/eme1.cpp @@ -21,7 +21,7 @@ secure_vector<byte> EME1::pad(const byte in[], size_t in_length, { key_length /= 8; - if(in_length > key_length - 2*Phash.size() - 1) + if(key_length < in_length + 2*Phash.size() + 1) throw Invalid_Argument("EME1: Input is too large"); secure_vector<byte> out(key_length); @@ -82,7 +82,7 @@ secure_vector<byte> EME1::unpad(const byte in[], size_t in_length, * to timing analysis. Other compilers, or GCC on other platforms, * may or may not. */ - for(size_t i = delim_idx; i != input.size(); ++i) + for(size_t i = delim_idx; i < input.size(); ++i) { const bool zero_p = !input[i]; const bool one_p = input[i] == 0x01; |