rsa bugs

author brian <brian@brianweb.net>

Fri, 4 Jun 2004 10:13:37 +0000 (10:13 +0000)

committer brian <brian@brianweb.net>

Fri, 4 Jun 2004 10:13:37 +0000 (10:13 +0000)
author brian <brian@brianweb.net>
Fri, 4 Jun 2004 10:13:37 +0000 (10:13 +0000)
committer brian <brian@brianweb.net>
Fri, 4 Jun 2004 10:13:37 +0000 (10:13 +0000)
diff --git a/src/org/ibex/crypto/RSA.java b/src/org/ibex/crypto/RSA.java

index 7156cce..546d323 100644 (file)
--- a/src/org/ibex/crypto/RSA.java
+++ b/src/org/ibex/crypto/RSA.java
@@ -20,15 +20,17 @@ public class RSA {
      public int getInputBlockSize() { return (pq.bitLength()+7) / 8 - (reverse ? 0 : 1); }
      public int getOutputBlockSize() { return (pq.bitLength()+7) / 8 - (reverse ? 1 : 0); }
      
+    // FEATURE: Check that in.length is within the expected range
      public byte[] process(byte[] in) {
          // output block is the same size as the modulus (rounded up)
          int outSize = getOutputBlockSize();
          BigInteger t = new BigInteger(1,in);
          BigInteger c = t.modPow(e,pq);
          byte[] cbytes = c.toByteArray();
-        if(cbytes.length > outSize || (reverse && cbytes[0] == 0)) {
+        if(cbytes.length > outSize + 1) throw new RuntimeException("should never happen");
+        if(reverse ? cbytes[0] == 0 : cbytes.length > outSize) {
              if(cbytes[0] != 0) throw new RuntimeException("should never happen");
-            byte[] buf = new byte[outSize];
+            byte[] buf = new byte[cbytes.length-1];
              System.arraycopy(cbytes,1,buf,0,outSize);
              return buf;
          } else if(!reverse && cbytes.length < outSize) {
author	brian <brian@brianweb.net>
	Fri, 4 Jun 2004 10:13:37 +0000 (10:13 +0000)
committer	brian <brian@brianweb.net>
	Fri, 4 Jun 2004 10:13:37 +0000 (10:13 +0000)