diff options
-rw-r--r-- | crypto/src/crypto/engines/RFC3394WrapEngine.cs | 4 | ||||
-rw-r--r-- | crypto/test/src/crypto/test/AESWrapTest.cs | 22 |
2 files changed, 21 insertions, 5 deletions
diff --git a/crypto/src/crypto/engines/RFC3394WrapEngine.cs b/crypto/src/crypto/engines/RFC3394WrapEngine.cs index e68e45365..ff3a4e0a0 100644 --- a/crypto/src/crypto/engines/RFC3394WrapEngine.cs +++ b/crypto/src/crypto/engines/RFC3394WrapEngine.cs @@ -128,6 +128,10 @@ namespace Org.BouncyCastle.Crypto.Engines { throw new InvalidOperationException("not set for unwrapping"); } + if (inLen < iv.Length) + { + throw new InvalidCipherTextException("unwrap data too short"); + } int n = inLen / 8; diff --git a/crypto/test/src/crypto/test/AESWrapTest.cs b/crypto/test/src/crypto/test/AESWrapTest.cs index beaa3d3cd..7d9bcd497 100644 --- a/crypto/test/src/crypto/test/AESWrapTest.cs +++ b/crypto/test/src/crypto/test/AESWrapTest.cs @@ -163,23 +163,35 @@ namespace Org.BouncyCastle.Crypto.Tests } // - // short test + // short tests // try { wrapper.Init(false, key); - wrapper.Unwrap(buf, 0, buf.Length / 2); + wrapper.Unwrap(buf, 0, 0); - return new SimpleTestResult(false, Name + ": failed unwrap short test."); + return new SimpleTestResult(false, Name + ": failed unwrap short test 1."); } catch (InvalidCipherTextException) { // expected } + try + { + wrapper.Init(false, key); - try - { + wrapper.Unwrap(buf, 0, buf.Length / 2); + + return new SimpleTestResult(false, Name + ": failed unwrap short test 2."); + } + catch (InvalidCipherTextException) + { + // expected + } + + try + { wrapper.Init(true, key); wrapper.Wrap(buf, 0, 15); |