X-Git-Url: http://git.silcnet.org/gitweb/?a=blobdiff_plain;f=lib%2Fsilccrypt%2Fpkcs1.c;h=98963739d8565565e05cb5624b4f41107449e0c6;hb=413da0f8686910f5e627393157566ae729ca99c4;hp=6e5a6a4a560b181774b0ab82364fb5e5503458dd;hpb=a818c5b5411bbc4436d1c5f011236985c96bb787;p=silc.git

diff --git a/lib/silccrypt/pkcs1.c b/lib/silccrypt/pkcs1.c
index 6e5a6a4a..98963739 100644
--- a/lib/silccrypt/pkcs1.c
+++ b/lib/silccrypt/pkcs1.c
@@ -256,6 +256,9 @@ RSA_DecodeOneBlock(unsigned char *data,
     if (blockType != bt)
       return NULL;
 
+    if (modulusLen < 2 + 1)
+      return NULL;
+
     dp += 2;
 
     switch (blockType) {
@@ -317,7 +320,7 @@ SILC_PKCS_API_ENCRYPT(pkcs1)
   SilcMPInt mp_tmp;
   SilcMPInt mp_dst;
   unsigned char *padded;
-  SilcUInt32 padded_len, len = key->bits / 8;
+  SilcUInt32 padded_len, len = (key->bits + 7) / 8;
 
   /* Pad data */
   if (!RSA_FormatBlock(&padded, &padded_len, len,
@@ -326,8 +329,6 @@ SILC_PKCS_API_ENCRYPT(pkcs1)
 
   silc_mp_init(&mp_tmp);
   silc_mp_init(&mp_dst);
-  silc_mp_set_ui(&mp_tmp, 0);
-  silc_mp_set_ui(&mp_dst, 0);
 
   /* Data to MP */
   silc_mp_bin2mp(padded, padded_len, &mp_tmp);
@@ -357,8 +358,6 @@ SILC_PKCS_API_DECRYPT(pkcs1)
 
   silc_mp_init(&mp_tmp);
   silc_mp_init(&mp_dst);
-  silc_mp_set_ui(&mp_tmp, 0);
-  silc_mp_set_ui(&mp_dst, 0);
 
   /* Data to MP */
   silc_mp_bin2mp(src, src_len, &mp_tmp);
@@ -367,7 +366,7 @@ SILC_PKCS_API_DECRYPT(pkcs1)
   rsa_en_de_crypt(&mp_dst, &mp_tmp, &key->d, &key->n);
 
   /* MP to data */
-  padded = silc_mp_mp2bin(&mp_dst, key->bits / 8, &padded_len);
+  padded = silc_mp_mp2bin(&mp_dst, (key->bits + 7) / 8, &padded_len);
 
   /* Unpad data */
   unpadded = RSA_DecodeOneBlock(padded, padded_len, 0, 
@@ -401,7 +400,7 @@ SILC_PKCS_API_SIGN(pkcs1)
   SilcMPInt mp_dst;
   unsigned char *padded;
   SilcUInt32 padded_len;
-  SilcUInt32 len = key->bits / 8;
+  SilcUInt32 len = (key->bits + 7) / 8;
 
   /* Pad data */
   if (!RSA_FormatBlock(&padded, &padded_len, len, RSA_BlockPrivate, 
@@ -410,8 +409,6 @@ SILC_PKCS_API_SIGN(pkcs1)
 
   silc_mp_init(&mp_tmp);
   silc_mp_init(&mp_dst);
-  silc_mp_set_ui(&mp_tmp, 0);
-  silc_mp_set_ui(&mp_dst, 0);
 
   /* Data to MP */
   silc_mp_bin2mp(padded, len, &mp_tmp);
@@ -438,12 +435,10 @@ SILC_PKCS_API_VERIFY(pkcs1)
   SilcMPInt mp_tmp2;
   SilcMPInt mp_dst;
   unsigned char *verify, *unpadded;
-  SilcUInt32 verify_len, len = key->bits / 8;
+  SilcUInt32 verify_len, len = (key->bits + 7) / 8;
 
   silc_mp_init(&mp_tmp2);
   silc_mp_init(&mp_dst);
-  silc_mp_set_ui(&mp_tmp2, 0);
-  silc_mp_set_ui(&mp_dst, 0);
 
   /* Format the signature into MP int */
   silc_mp_bin2mp(signature, signature_len, &mp_tmp2);