The PKCS padding parsing was failing for (very) small inputs due to an off-by-one error.
Signed-off-by: Klaus Heinrich Kiwi <[email protected]> --- usr/lib/pkcs11/common/mech_rsa.c | 6 +++--- 1 files changed, 3 insertions(+), 3 deletions(-) diff --git a/usr/lib/pkcs11/common/mech_rsa.c b/usr/lib/pkcs11/common/mech_rsa.c index 69dd503..f3f1cac 100755 --- a/usr/lib/pkcs11/common/mech_rsa.c +++ b/usr/lib/pkcs11/common/mech_rsa.c @@ -517,7 +517,7 @@ rsa_parse_block( CK_BYTE * in_data, * Where D must begin with a nonzero octet. */ case 0: - for (i = 2; i < (in_data_len - 2); i++) { + for (i = 2; i <= (in_data_len - 2); i++) { if (in_data[i] != (CK_BYTE)0) break; } @@ -528,7 +528,7 @@ rsa_parse_block( CK_BYTE * in_data, * EB = 00 || 01 || FF * i || 00 || D */ case 1: - for (i = 2; i < (in_data_len - 2); i++) { + for (i = 2; i <= (in_data_len - 2); i++) { if (in_data[i] != (CK_BYTE)0xff) { if (in_data[i] == (CK_BYTE)0) { i++; @@ -549,7 +549,7 @@ rsa_parse_block( CK_BYTE * in_data, * Where ?? is nonzero. */ case 2: - for (i = 2; i < (in_data_len - 2); i++) { + for (i = 2; i <= (in_data_len - 2); i++) { if (in_data[i] == (CK_BYTE)0) { i++; break; -- 1.7.2.3 ------------------------------------------------------------------------------ Increase Visibility of Your 3D Game App & Earn a Chance To Win $500! Tap into the largest installed PC base & get more eyes on your game by optimizing for Intel(R) Graphics Technology. Get started today with the Intel(R) Software Partner Program. Five $500 cash prizes are up for grabs. http://p.sf.net/sfu/intelisp-dev2dev _______________________________________________ Opencryptoki-tech mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/opencryptoki-tech
