From 9f5f32c9b07e72ef8598cc5449ad4f63d9a76ee5 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Ulf=20M=C3=B6ller?= Date: Thu, 29 Apr 1999 20:31:56 +0000 Subject: [PATCH] Bug fix. --- crypto/rsa/rsa_oaep.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/crypto/rsa/rsa_oaep.c b/crypto/rsa/rsa_oaep.c index 5637a31ce8..843c40c864 100644 --- a/crypto/rsa/rsa_oaep.c +++ b/crypto/rsa/rsa_oaep.c @@ -75,15 +75,16 @@ int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen, { int i, dblen, mlen = -1; unsigned char *maskeddb; + int lzero; unsigned char *db, seed[SHA_DIGEST_LENGTH], phash[SHA_DIGEST_LENGTH]; - if (flen < 2 * SHA_DIGEST_LENGTH + 1) + if (--num < 2 * SHA_DIGEST_LENGTH + 1) { RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP, RSA_R_OAEP_DECODING_ERROR); return (-1); } - dblen = flen - SHA_DIGEST_LENGTH; + dblen = num - SHA_DIGEST_LENGTH; db = Malloc(dblen); if (db == NULL) { @@ -91,11 +92,12 @@ int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen, return (-1); } - maskeddb = from + SHA_DIGEST_LENGTH; + lzero = num - flen; + maskeddb = from - lzero + SHA_DIGEST_LENGTH; MGF1(seed, SHA_DIGEST_LENGTH, maskeddb, dblen); - for (i = 0; i < SHA_DIGEST_LENGTH; i++) - seed[i] ^= from[i]; + for (i = lzero; i < SHA_DIGEST_LENGTH; i++) + seed[i] ^= from[i - lzero]; MGF1(db, dblen, seed, SHA_DIGEST_LENGTH); for (i = 0; i < dblen; i++) -- 2.25.1