From 7b67924656ea70479adefc5264610aa8f8778834 Mon Sep 17 00:00:00 2001
From: David Hook
Date: Fri, 24 May 2013 14:17:04 +1000
Subject: fixed array out of bounds issue
---
 .../crypto/encodings/OAEPEncoding.java | 12 +++---
 .../org/bouncycastle/crypto/test/OAEPTest.java | 43 ++++++++++++++++++++++
 2 files changed, 50 insertions(+), 5 deletions(-)
diff --git a/src/main/java/org/bouncycastle/crypto/encodings/OAEPEncoding.java b/src/main/java/org/bouncycastle/crypto/encodings/OAEPEncoding.java
index e34bd925..a19a0481 100644
--- a/src/main/java/org/bouncycastle/crypto/encodings/OAEPEncoding.java
+++ b/src/main/java/org/bouncycastle/crypto/encodings/OAEPEncoding.java
@@ -6,6 +6,7 @@ import org.bouncycastle.crypto.Digest; import org.bouncycastle.crypto.InvalidCipherTextException; import org.bouncycastle.crypto.digests.SHA1Digest; import org.bouncycastle.crypto.params.ParametersWithRandom; +import org.bouncycastle.util.encoders.Hex; import java.security.SecureRandom;
@@ -16,7 +17,6 @@ public class OAEPEncoding implements AsymmetricBlockCipher { private byte[] defHash; - private Digest hash; private Digest mgf1Hash; private AsymmetricBlockCipher engine;
@@ -51,10 +51,11 @@ public class OAEPEncoding byte[] encodingParams) { this.engine = cipher; - this.hash = hash; this.mgf1Hash = mgf1Hash; this.defHash = new byte[hash.getDigestSize()]; + hash.reset(); + if (encodingParams != null) { hash.update(encodingParams, 0, encodingParams.length);
@@ -326,9 +327,9 @@ public class OAEPEncoding byte[] C = new byte[4]; int counter = 0; - hash.reset(); + mgf1Hash.reset(); - do + while (counter < (length / hashBuf.length)) { ItoOSP(counter, C);
@@ -337,8 +338,9 @@ public class OAEPEncoding mgf1Hash.doFinal(hashBuf, 0); System.arraycopy(hashBuf, 0, mask, counter * hashBuf.length, hashBuf.length); + + counter++; } - while (++counter < (length / hashBuf.length)); if ((counter * hashBuf.length) < length) {
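Review bot: The added `import org.bouncycastle.util.encoders.Hex;` in the first hunk of OAEPEncoding.java is not referenced by any line this patch changes, so it looks like a leftover from debugging. If nothing outside the visible hunks uses `Hex`, the import should be dropped. In a padding implementation it is also worth confirming that no hex dump of the seed or masked data block was left behind with it.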
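Review bot: In the constructor hunk (`@@ -51,10 +51,11 @@`), the added `hash.reset();` followed by `hash.update(...)` operates directly on the caller-supplied `Digest`, and the class no longer keeps a reference to it after this patch. That is worth stating in the constructor's Javadoc, for example `@param hash digest used only here to precompute the label hash; it is reset and consumed by this constructor`. A caller who passes a digest holding partial state would otherwise lose that state without warning. The constructor's signature and the end of its body lie outside the hunk.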
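Review bot: The new pre-tested loop `while (counter < (length / hashBuf.length))` in the mask-generator hunk (`@@ -326,9 +327,9 @@`, completed by the `counter++` in `@@ -337,8 +338,9 @@`) has no comment explaining why it must be able to run zero times. The old `do ... while` always copied one full `hashBuf` into `mask`, which presumably overran `mask` when the requested length was smaller than the MGF1 digest size. A later cleanup could easily turn the loop back into the unsafe form. I would add a comment above the loop such as `// length may be shorter than the MGF1 digest (label and MGF1 digests can differ); only whole blocks are copied here, the tail is handled below`. The function begins and ends outside both hunks.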
diff --git a/src/test/java/org/bouncycastle/crypto/test/OAEPTest.java b/src/test/java/org/bouncycastle/crypto/test/OAEPTest.java
index 9fdb0ad8..9d6b0cba 100644
--- a/src/test/java/org/bouncycastle/crypto/test/OAEPTest.java
+++ b/src/test/java/org/bouncycastle/crypto/test/OAEPTest.java
@@ -12,6 +12,8 @@ import org.bouncycastle.asn1.pkcs.RSAPublicKey; import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; import org.bouncycastle.crypto.AsymmetricBlockCipher; import org.bouncycastle.crypto.InvalidCipherTextException; +import org.bouncycastle.crypto.digests.SHA1Digest; +import org.bouncycastle.crypto.digests.SHA256Digest; import org.bouncycastle.crypto.encodings.OAEPEncoding; import org.bouncycastle.crypto.engines.RSAEngine; import org.bouncycastle.crypto.params.ParametersWithRandom;
@@ -777,6 +779,47 @@ public class OAEPTest oaepVecTest(1027, 4, pubParam, privParam, seed_1027_4, input_1027_4, output_1027_4); oaepVecTest(1027, 5, pubParam, privParam, seed_1027_5, input_1027_5, output_1027_5); oaepVecTest(1027, 6, pubParam, privParam, seed_1027_6, input_1027_6, output_1027_6); + + // + // OAEP - public encrypt, private decrypt differring hashes + // + AsymmetricBlockCipher cipher = new OAEPEncoding(new RSAEngine(), new SHA256Digest(), new SHA1Digest(), new byte[10]); + + cipher.init(true, new ParametersWithRandom(pubParam, new SecureRandom())); + + byte[] input = new byte[10]; + + byte[] out = cipher.processBlock(input, 0, input.length); + + cipher.init(false, privParam); + + out = cipher.processBlock(out, 0, out.length); + + for (int i = 0; i != input.length; i++) + { + if (out[i] != input[i]) + { + fail("mixed digest failed decoding"); + } + } + + cipher = new OAEPEncoding(new RSAEngine(), new SHA1Digest(), new SHA256Digest(), new byte[10]); + + cipher.init(true, new ParametersWithRandom(pubParam, new SecureRandom())); + + out = cipher.processBlock(input, 0, input.length); + + cipher.init(false, privParam); + + out = cipher.processBlock(out, 0, out.length); + + for (int i = 0; i != input.length; i++) + { + if (out[i] != input[i]) + { + fail("mixed digest failed decoding"); + } + } } public static void main( -- cgit v1.2.3
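Review bot: Both added round-trip checks compare only the first `input.length` bytes of `out` and never check `out.length`, so a decoder that returned extra trailing bytes would still pass. The plaintext is `new byte[10]`, which is all zeros, so the check cannot tell a correct decode from one that merely returns zero-filled padding. I would use a non-zero input and compare the whole arrays, e.g. `if (!java.util.Arrays.equals(input, out)) { fail("mixed digest failed decoding"); }`, in both places. The enclosing test method starts outside the hunk.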