diff options
author | Shawn Willden <swillden@google.com> | 2015-05-26 10:16:49 -0600 |
---|---|---|
committer | Shawn Willden <swillden@google.com> | 2015-05-26 10:21:55 -0600 |
commit | 7bae132f732a73dc53b5ffc5e3eed0176e93a00c (patch) | |
tree | b3846f96dbd5f13e9dce97fd0274760ca007a77d /rsa_operation.cpp | |
parent | 0cb6942d3efb6c056f96321c82a4b3d86af601d6 (diff) | |
download | android_system_keymaster-7bae132f732a73dc53b5ffc5e3eed0176e93a00c.tar.gz android_system_keymaster-7bae132f732a73dc53b5ffc5e3eed0176e93a00c.tar.bz2 android_system_keymaster-7bae132f732a73dc53b5ffc5e3eed0176e93a00c.zip |
Fix off-by-one error in PKCS#1 v1.5 encryption padding size.
Change-Id: I0fdfe3223b351d4a064e5dac0aa5d732fa0ab073
Diffstat (limited to 'rsa_operation.cpp')
-rw-r--r-- | rsa_operation.cpp | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/rsa_operation.cpp b/rsa_operation.cpp index a4a2b6d..2c3db2e 100644 --- a/rsa_operation.cpp +++ b/rsa_operation.cpp @@ -483,7 +483,7 @@ keymaster_error_t RsaVerifyOperation::DecryptAndMatch(const Buffer& signature, return KM_ERROR_VERIFICATION_FAILED; } -const int OAEP_PADDING_OVERHEAD = 41; +const int OAEP_PADDING_OVERHEAD = 42; const int PKCS1_PADDING_OVERHEAD = 11; keymaster_error_t RsaEncryptOperation::Finish(const AuthorizationSet& /* additional_params */, @@ -501,7 +501,7 @@ keymaster_error_t RsaEncryptOperation::Finish(const AuthorizationSet& /* additio switch (padding_) { case KM_PAD_RSA_OAEP: openssl_padding = RSA_PKCS1_OAEP_PADDING; - if (message_size + OAEP_PADDING_OVERHEAD >= key_len) { + if (message_size + OAEP_PADDING_OVERHEAD > key_len) { LOG_E("Cannot encrypt %d bytes with %d-byte key and OAEP padding", data_.available_read(), key_len); return KM_ERROR_INVALID_INPUT_LENGTH; @@ -509,7 +509,7 @@ keymaster_error_t RsaEncryptOperation::Finish(const AuthorizationSet& /* additio break; case KM_PAD_RSA_PKCS1_1_5_ENCRYPT: openssl_padding = RSA_PKCS1_PADDING; - if (message_size + PKCS1_PADDING_OVERHEAD >= key_len) { + if (message_size + PKCS1_PADDING_OVERHEAD > key_len) { LOG_E("Cannot encrypt %d bytes with %d-byte key and PKCS1 padding", data_.available_read(), key_len); return KM_ERROR_INVALID_INPUT_LENGTH; |