From 524db20702dbeeac2dd9b48558e0a18d8c0199df Mon Sep 17 00:00:00 2001
From: Peter Dettman <peter.dettman@bouncycastle.org>
Date: Fri, 5 Apr 2024 14:49:12 +0700
Subject: Fix CCM input length check

---
 crypto/src/crypto/modes/CcmBlockCipher.cs | 24 ++++++++++++++++++++++--
 1 file changed, 22 insertions(+), 2 deletions(-)

diff --git a/crypto/src/crypto/modes/CcmBlockCipher.cs b/crypto/src/crypto/modes/CcmBlockCipher.cs
index fa583fdef..2f9ec216f 100644
--- a/crypto/src/crypto/modes/CcmBlockCipher.cs
+++ b/crypto/src/crypto/modes/CcmBlockCipher.cs
@@ -274,7 +274,17 @@ namespace Org.BouncyCastle.Crypto.Modes
             if (q < 4)
             {
                 int limitLen = 1 << (8 * q);
-                if (inLen >= limitLen)
+
+                // no input length adjustment for encryption
+                int inputAdjustment = 0;
+
+                if (!forEncryption)
+                {
+                    // input includes 16 additional bytes: CCM flags and n+q values.
+                    inputAdjustment = 1 /* flags */ + 15 /* n + q */;
+                }
+
+                if (inLen - inputAdjustment >= limitLen)
                     throw new InvalidOperationException("CCM packet too large for choice of q.");
             }
 
@@ -375,7 +385,17 @@ namespace Org.BouncyCastle.Crypto.Modes
             if (q < 4)
             {
                 int limitLen = 1 << (8 * q);
-                if (inLen >= limitLen)
+
+                // no input length adjustment for encryption
+                int inputAdjustment = 0;
+
+                if (!forEncryption)
+                {
+                    // input includes 16 additional bytes: CCM flags and n+q values.
+                    inputAdjustment = 1 /* flags */ + 15 /* n + q */;
+                }
+
+                if (inLen - inputAdjustment >= limitLen)
                     throw new InvalidOperationException("CCM packet too large for choice of q.");
             }
 
-- 
cgit 1.4.1