RSA: Use input range check from fips

2 files changed, 12 insertions, 5 deletions

diff --git a/crypto/src/crypto/engines/RSACoreEngine.cs b/crypto/src/crypto/engines/RSACoreEngine.cs
index dcc8d0101..a20b22b38 100644
--- a/crypto/src/crypto/engines/RSACoreEngine.cs
+++ b/crypto/src/crypto/engines/RSACoreEngine.cs
@@ -82,7 +82,10 @@ namespace Org.BouncyCastle.Crypto.Engines
 
             BigInteger input = new BigInteger(1, inBuf, inOff, inLen);
 
-            if (input.CompareTo(m_key.Modulus) >= 0)
+            if (input.CompareTo(BigInteger.One) <= 0)
+                throw new DataLengthException("input too small for RSA cipher.");
+
+            if (input.CompareTo(m_key.Modulus.Subtract(BigInteger.One)) >= 0)
                 throw new DataLengthException("input too large for RSA cipher.");
 
             return input;
diff --git a/crypto/src/crypto/tls/TlsRsaKeyExchange.cs b/crypto/src/crypto/tls/TlsRsaKeyExchange.cs
index 20c2360ea..7e38a529f 100644
--- a/crypto/src/crypto/tls/TlsRsaKeyExchange.cs
+++ b/crypto/src/crypto/tls/TlsRsaKeyExchange.cs
@@ -125,11 +125,15 @@ namespace Org.BouncyCastle.Crypto.Tls
 
         private static BigInteger ConvertInput(BigInteger modulus, byte[] buf, int off, int len)
         {
-            BigInteger result = BigIntegers.FromUnsignedByteArray(buf, off, len);
-            if (result.CompareTo(modulus) < 0)
-                return result;
+            BigInteger input = BigIntegers.FromUnsignedByteArray(buf, off, len);
 
-            throw new DataLengthException("input too large for RSA cipher.");
+            if (input.CompareTo(BigInteger.One) <= 0)
+                throw new DataLengthException("input too small for RSA cipher.");
+
+            if (input.CompareTo(modulus.Subtract(BigInteger.One)) >= 0)
+                throw new DataLengthException("input too large for RSA cipher.");
+
+            return input;
         }
 
         private static BigInteger Rsa(RsaKeyParameters privateKey, BigInteger input)