author | Peter Dettman <peter.dettman@bouncycastle.org> | 2018-08-11 11:54:57 +0700 |
---|---|---|
committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2018-08-11 11:54:57 +0700 |
commit | 8c0e3017783a5f41b2028eaffffe335a9046c859 (patch) | |
tree | b92462a67bab6e5aa4cf93ddcb8f06d823ccf752 /crypto/src | |
parent | Update versions and release notes for 1.8.3 (diff) | |
download | BouncyCastle.NET-ed25519-8c0e3017783a5f41b2028eaffffe335a9046c859.tar.xz |
Further work to improve constant time in OAEP. release-1.8.3
Diffstat (limited to 'crypto/src')
-rw-r--r-- | crypto/src/AssemblyInfo.cs | 2 | ||||
-rw-r--r-- | crypto/src/crypto/encodings/OaepEncoding.cs | 15 |
2 files changed, 12 insertions, 5 deletions
diff --git a/crypto/src/AssemblyInfo.cs b/crypto/src/AssemblyInfo.cs
index e1a8f6717..5cc8fcd2f 100644
--- a/crypto/src/AssemblyInfo.cs
+++ b/crypto/src/AssemblyInfo.cs
@@ -34,7 +34,7 @@ using System.Runtime.InteropServices;
 // by using the '*' as shown below:
 [assembly: AssemblyVersion("1.8.3.0")]
-[assembly: AssemblyFileVersion("1.8.18219.1")]
+[assembly: AssemblyFileVersion("1.8.18223.1")]
 [assembly: AssemblyInformationalVersion("1.8.3")]
 //
diff --git a/crypto/src/crypto/encodings/OaepEncoding.cs b/crypto/src/crypto/encodings/OaepEncoding.cs
index 287876f12..92001589c 100644
--- a/crypto/src/crypto/encodings/OaepEncoding.cs
+++ b/crypto/src/crypto/encodings/OaepEncoding.cs
@@ -212,10 +212,17 @@ namespace Org.BouncyCastle.Crypto.Encodings
 // on encryption, we need to make sure our decrypted block comes back
 // the same size.
 //
+ bool wrongData = (block.Length < (2 * defHash.Length) + 1);
- Array.Copy(data, 0, block, block.Length - data.Length, data.Length);
-
- bool shortData = (block.Length < (2 * defHash.Length) + 1);
+ if (data.Length <= block.Length)
+ {
+ Array.Copy(data, 0, block, block.Length - data.Length, data.Length);
+ }
+ else
+ {
+ Array.Copy(data, 0, block, 0, block.Length);
+ wrongData = true;
+ }
 //
 // unmask the seed.
@@ -269,7 +276,7 @@ namespace Org.BouncyCastle.Crypto.Encodings
 start++;
- if (defHashWrong | shortData | dataStartWrong)
+ if (defHashWrong | wrongData | dataStartWrong)
 {
 Arrays.Fill(block, 0);
 throw new InvalidCipherTextException("data wrong"); |
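Review bot: The new `else` branch in the `@@ -212,10 +212,17 @@` hunk of OaepEncoding.cs carries no comment explaining why over-long `data` is truncated into `block` rather than rejected on the spot, so a later clean-up could easily turn it back into an early, distinguishable failure. I would add above the `else` something like `// oversized input can never be valid; copy a full block anyway so unmasking still runs and the only failure signal is the single "data wrong" throw below`. The `if (data.Length <= block.Length)` test and the length of each copy still depend on `data.Length`, which, going by the leading-zeros comment just above, presumably varies with the decrypted value, so the same comment should say that this step reduces but does not remove length-dependent behaviour. The enclosing method starts and ends outside the hunk, so whether `data` itself is cleared on the failure path next to `Arrays.Fill(block, 0)` cannot be confirmed from here.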