Skip to content

guard minimum length in sm2 decrypt and gost/dstu/desede/rc2 unwrap#2359

Open
rootvector2 wants to merge 1 commit into
bcgit:mainfrom
rootvector2:wrap-engine-min-length-guard
Open

guard minimum length in sm2 decrypt and gost/dstu/desede/rc2 unwrap#2359
rootvector2 wants to merge 1 commit into
bcgit:mainfrom
rootvector2:wrap-engine-min-length-guard

Conversation

@rootvector2

Copy link
Copy Markdown
Contributor

SM2Engine.decrypt and the GOST28147/DSTU7624/DESede/RC2 key-wrap unwrap engines sized their output as new byte[inLen - overhead] without first checking inLen covers that overhead, so a short attacker-supplied ciphertext threw NegativeArraySizeException/ArrayIndexOutOfBoundsException instead of the declared InvalidCipherTextException; found auditing these against the already-guarded IESEngine/RFC3394WrapEngine/RFC5649WrapEngine and adds the same minimum-length check.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant