@@ -506,35 +506,39 @@ impl Pk {
506
506
plain : & mut [ u8 ] ,
507
507
rng : & mut F ,
508
508
) -> Result < usize > {
509
- let mut ret = :: core:: mem:: MaybeUninit :: uninit ( ) ;
510
509
if self . pk_type ( ) == Type :: Rsa {
511
510
let ctx = self . inner . pk_ctx as * mut rsa_context ;
512
511
if unsafe { ( * ctx) . padding == RAW_RSA_DECRYPT } {
513
- let ret = unsafe {
512
+ let olen = self . len ( ) / 8 ;
513
+ if plain. len ( ) < olen {
514
+ return Err ( Error :: RsaOutputTooLarge ) ;
515
+ }
516
+
517
+ unsafe {
514
518
rsa_private (
515
519
ctx,
516
520
Some ( F :: call) ,
517
521
rng. data_ptr ( ) ,
518
522
cipher. as_ptr ( ) ,
519
523
plain. as_mut_ptr ( )
520
524
) . into_result ( ) ?;
521
- ret. assume_init ( )
522
525
} ;
523
- return Ok ( ret ) ;
526
+ return Ok ( olen ) ;
524
527
}
525
528
}
526
- let ret = unsafe {
529
+
530
+ let mut ret = 0usize ;
531
+ unsafe {
527
532
pk_decrypt (
528
533
& mut self . inner ,
529
534
cipher. as_ptr ( ) ,
530
535
cipher. len ( ) ,
531
536
plain. as_mut_ptr ( ) ,
532
- ret. as_mut_ptr ( ) ,
537
+ & mut ret,
533
538
plain. len ( ) ,
534
539
Some ( F :: call) ,
535
540
rng. data_ptr ( ) ,
536
541
) . into_result ( ) ?;
537
- ret. assume_init ( )
538
542
} ;
539
543
Ok ( ret)
540
544
}
@@ -581,19 +585,18 @@ impl Pk {
581
585
cipher : & mut [ u8 ] ,
582
586
rng : & mut F ,
583
587
) -> Result < usize > {
584
- let mut ret = :: core :: mem :: MaybeUninit :: uninit ( ) ;
585
- let ret = unsafe {
588
+ let mut ret = 0usize ;
589
+ unsafe {
586
590
pk_encrypt (
587
591
& mut self . inner ,
588
592
plain. as_ptr ( ) ,
589
593
plain. len ( ) ,
590
594
cipher. as_mut_ptr ( ) ,
591
- ret. as_mut_ptr ( ) ,
595
+ & mut ret,
592
596
cipher. len ( ) ,
593
597
Some ( F :: call) ,
594
598
rng. data_ptr ( ) ,
595
599
) . into_result ( ) ?;
596
- ret. assume_init ( )
597
600
} ;
598
601
Ok ( ret)
599
602
}
@@ -666,19 +669,18 @@ impl Pk {
666
669
}
667
670
_ => return Err ( Error :: PkSigLenMismatch ) ,
668
671
}
669
- let mut ret = :: core :: mem :: MaybeUninit :: uninit ( ) ;
670
- let ret = unsafe {
672
+ let mut ret = 0usize ;
673
+ unsafe {
671
674
pk_sign (
672
675
& mut self . inner ,
673
676
md. into ( ) ,
674
677
hash. as_ptr ( ) ,
675
678
hash. len ( ) ,
676
679
sig. as_mut_ptr ( ) ,
677
- ret. as_mut_ptr ( ) ,
680
+ & mut ret,
678
681
Some ( F :: call) ,
679
682
rng. data_ptr ( ) ,
680
683
) . into_result ( ) ?;
681
- ret. assume_init ( )
682
684
} ;
683
685
Ok ( ret)
684
686
}
@@ -693,8 +695,11 @@ impl Pk {
693
695
use crate :: rng:: RngCallback ;
694
696
695
697
if self . pk_type ( ) == Type :: Ecdsa || self . pk_type ( ) == Type :: Eckey {
696
- // RFC 6979 signature scheme
698
+ if sig. len ( ) < ECDSA_MAX_LEN {
699
+ return Err ( Error :: PkSigLenMismatch ) ;
700
+ }
697
701
702
+ // RFC 6979 signature scheme
698
703
let q = EcGroup :: new ( self . curve ( ) ?) ?. order ( ) ?;
699
704
let x = self . ec_private ( ) ?;
700
705
@@ -703,19 +708,18 @@ impl Pk {
703
708
704
709
let mut rng = Rfc6979Rng :: new ( md, & q, & x, hash, & random_seed) ?;
705
710
706
- let mut ret = :: core :: mem :: MaybeUninit :: uninit ( ) ;
707
- let ret = unsafe {
711
+ let mut ret = 0usize ;
712
+ unsafe {
708
713
pk_sign (
709
714
& mut self . inner ,
710
715
md. into ( ) ,
711
716
hash. as_ptr ( ) ,
712
717
hash. len ( ) ,
713
718
sig. as_mut_ptr ( ) ,
714
- ret. as_mut_ptr ( ) ,
719
+ & mut ret,
715
720
Some ( Rfc6979Rng :: call) ,
716
721
rng. data_ptr ( ) ,
717
722
) . into_result ( ) ?;
718
- ret. assume_init ( )
719
723
} ;
720
724
Ok ( ret)
721
725
} else if self . pk_type ( ) == Type :: Rsa {
@@ -1176,13 +1180,14 @@ iy6KC991zzvaWY/Ys+q/84Afqa+0qJKQnPuy/7F5GkVdQA/lfbhi
1176
1180
cipher. len( )
1177
1181
) ;
1178
1182
let mut decrypted_data1 = [ 0u8 ; 2048 / 8 ] ;
1179
- let length_without_padding = pk. decrypt ( & cipher, & mut decrypted_data1, & mut rng) . unwrap ( ) ;
1183
+ let length_with_padding = pk. decrypt ( & cipher, & mut decrypted_data1, & mut rng) . unwrap ( ) ;
1180
1184
// set raw decryption padding mode to perform raw decryption
1181
1185
pk. set_options ( Options :: Rsa {
1182
1186
padding : RsaPadding :: None
1183
1187
} ) ;
1184
1188
let mut decrypted_data2 = [ 0u8 ; 2048 / 8 ] ;
1185
- let length_with_padding = pk. decrypt ( & cipher, & mut decrypted_data2, & mut rng) . unwrap ( ) ;
1189
+ let length_without_padding = pk. decrypt ( & cipher, & mut decrypted_data2, & mut rng) . unwrap ( ) ;
1190
+ assert_eq ! ( length_without_padding, decrypted_data2. len( ) ) ;
1186
1191
// compare lengths of the decrypted texts
1187
1192
assert_ne ! ( length_without_padding, length_with_padding) ;
1188
1193
assert_eq ! ( decrypted_data2. len( ) , cipher. len( ) ) ;
0 commit comments