
gitlab.com/quite/humla-spongycastle.git - Unnamed repository; edit this file 'description' to name the repository.
authorDavid Hook <dgh@cryptoworkshop.com>2013-05-24 08:17:04 +0400
committerDavid Hook <dgh@cryptoworkshop.com>2013-05-24 08:17:04 +0400
commit7b67924656ea70479adefc5264610aa8f8778834 (patch)
tree723369d40b7023b77a6eb2f9976ca5971ea0b6af
parent56a17666fcb2a3ca8144199afb62e09099631183 (diff)
fixed array out of bounds issue
-rw-r--r--src/main/java/org/bouncycastle/crypto/encodings/OAEPEncoding.java12
-rw-r--r--src/test/java/org/bouncycastle/crypto/test/OAEPTest.java43
2 files changed, 50 insertions, 5 deletions
diff --git a/src/main/java/org/bouncycastle/crypto/encodings/OAEPEncoding.java b/src/main/java/org/bouncycastle/crypto/encodings/OAEPEncoding.java
index e34bd925..a19a0481 100644
--- a/src/main/java/org/bouncycastle/crypto/encodings/OAEPEncoding.java
+++ b/src/main/java/org/bouncycastle/crypto/encodings/OAEPEncoding.java
@@ -6,6 +6,7 @@ import org.bouncycastle.crypto.Digest;
import org.bouncycastle.crypto.InvalidCipherTextException;
import org.bouncycastle.crypto.digests.SHA1Digest;
import org.bouncycastle.crypto.params.ParametersWithRandom;
+import org.bouncycastle.util.encoders.Hex;
import java.security.SecureRandom;
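Review bot: The added `import org.bouncycastle.util.encoders.Hex;` is not used by any line this commit shows for OAEPEncoding.java, so it looks like a leftover from debugging the out-of-bounds failure and should be dropped. If the file does use it outside the visible hunks, that use is presumably a hex dump of intermediate values; seeds, masks and decoded blocks of an OAEP operation should not be printed or logged from the production class.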
@@ -16,7 +17,6 @@ public class OAEPEncoding
implements AsymmetricBlockCipher
{
private byte[] defHash;
- private Digest hash;
private Digest mgf1Hash;
private AsymmetricBlockCipher engine;
@@ -51,10 +51,11 @@ public class OAEPEncoding
byte[] encodingParams)
{
this.engine = cipher;
- this.hash = hash;
this.mgf1Hash = mgf1Hash;
this.defHash = new byte[hash.getDigestSize()];
+ hash.reset();
+
if (encodingParams != null)
{
hash.update(encodingParams, 0, encodingParams.length);
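Review bot: The constructor now uses the caller's `hash` only to derive `defHash` and no longer keeps it, while `mgf1Hash` is still stored by reference; neither fact is documented at this point. A comment at the added reset, `// hash is used once here to digest the encoding parameters; only mgf1Hash is retained`, and a Javadoc sentence stating that both digest objects are reset and mutated by this class, would tell callers not to share those instances with other code or threads. The constructor starts before and ends after this hunk, so the handling of a null `encodingParams` after the `if` cannot be checked from here.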
@@ -326,9 +327,9 @@ public class OAEPEncoding
byte[] C = new byte[4];
int counter = 0;
- hash.reset();
+ mgf1Hash.reset();
- do
+ while (counter < (length / hashBuf.length))
{
ItoOSP(counter, C);
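Review bot: Nothing at the new `while` header records why the loop must be able to run zero times, which is the substance of this fix: when the requested mask is shorter than one MGF1 digest output (presumably the case when the label digest is smaller than the MGF1 digest), the old `do` form copied a full `hashBuf` past the end of `mask`. A comment above the loop such as `// may run zero times: length can be smaller than one MGF1 digest output` would stop a later cleanup from restoring the do/while. The bound is loop-invariant and could be computed once, `int fullBlocks = length / hashBuf.length;`. The mask function starts before this hunk and continues into the next one, where the matching `counter++` is added.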
@@ -337,8 +338,9 @@ public class OAEPEncoding
mgf1Hash.doFinal(hashBuf, 0);
System.arraycopy(hashBuf, 0, mask, counter * hashBuf.length, hashBuf.length);
+
+ counter++;
}
- while (++counter < (length / hashBuf.length));
if ((counter * hashBuf.length) < length)
{
diff --git a/src/test/java/org/bouncycastle/crypto/test/OAEPTest.java b/src/test/java/org/bouncycastle/crypto/test/OAEPTest.java
index 9fdb0ad8..9d6b0cba 100644
--- a/src/test/java/org/bouncycastle/crypto/test/OAEPTest.java
+++ b/src/test/java/org/bouncycastle/crypto/test/OAEPTest.java
@@ -12,6 +12,8 @@ import org.bouncycastle.asn1.pkcs.RSAPublicKey;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.crypto.AsymmetricBlockCipher;
import org.bouncycastle.crypto.InvalidCipherTextException;
+import org.bouncycastle.crypto.digests.SHA1Digest;
+import org.bouncycastle.crypto.digests.SHA256Digest;
import org.bouncycastle.crypto.encodings.OAEPEncoding;
import org.bouncycastle.crypto.engines.RSAEngine;
import org.bouncycastle.crypto.params.ParametersWithRandom;
@@ -777,6 +779,47 @@ public class OAEPTest
oaepVecTest(1027, 4, pubParam, privParam, seed_1027_4, input_1027_4, output_1027_4);
oaepVecTest(1027, 5, pubParam, privParam, seed_1027_5, input_1027_5, output_1027_5);
oaepVecTest(1027, 6, pubParam, privParam, seed_1027_6, input_1027_6, output_1027_6);
+
+ //
+ // OAEP - public encrypt, private decrypt differring hashes
+ //
+ AsymmetricBlockCipher cipher = new OAEPEncoding(new RSAEngine(), new SHA256Digest(), new SHA1Digest(), new byte[10]);
+
+ cipher.init(true, new ParametersWithRandom(pubParam, new SecureRandom()));
+
+ byte[] input = new byte[10];
+
+ byte[] out = cipher.processBlock(input, 0, input.length);
+
+ cipher.init(false, privParam);
+
+ out = cipher.processBlock(out, 0, out.length);
+
+ for (int i = 0; i != input.length; i++)
+ {
+ if (out[i] != input[i])
+ {
+ fail("mixed digest failed decoding");
+ }
+ }
+
+ cipher = new OAEPEncoding(new RSAEngine(), new SHA1Digest(), new SHA256Digest(), new byte[10]);
+
+ cipher.init(true, new ParametersWithRandom(pubParam, new SecureRandom()));
+
+ out = cipher.processBlock(input, 0, input.length);
+
+ cipher.init(false, privParam);
+
+ out = cipher.processBlock(out, 0, out.length);
+
+ for (int i = 0; i != input.length; i++)
+ {
+ if (out[i] != input[i])
+ {
+ fail("mixed digest failed decoding");
+ }
+ }
}
public static void main(
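Review bot: Both round-trip checks compare only the first `input.length` bytes of `out` and never compare the lengths, and the plaintext is ten zero bytes, so a decode that returned a longer buffer, or a zero-filled one, would still pass. Add `if (out.length != input.length) { fail("mixed digest failed decoding"); }` before each loop and fill `input` with a non-zero pattern. The two blocks differ only in the order of the digests and could share one helper that takes the two digests as arguments. The enclosing test method starts outside the hunk.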