diff options
-rw-r--r-- | src/common/crypto.c | 15 | ||||
-rw-r--r-- | src/test/test_crypto.c | 7 |
2 files changed, 4 insertions, 18 deletions
diff --git a/src/common/crypto.c b/src/common/crypto.c index 41f81ebd77..02f3d2fbba 100644 --- a/src/common/crypto.c +++ b/src/common/crypto.c @@ -1001,8 +1001,7 @@ crypto_pk_private_sign_digest(crypto_pk_t *env, char *to, size_t tolen, * bytes of data from <b>from</b>, with padding type 'padding', * storing the results on <b>to</b>. * - * If no padding is used, the public key must be at least as large as - * <b>from</b>. + * (Padding is required; the PK_NO_PADDING value is not supported.) * * Returns the number of bytes written on success, -1 on failure. * @@ -1030,13 +1029,11 @@ crypto_pk_public_hybrid_encrypt(crypto_pk_t *env, tor_assert(from); tor_assert(to); tor_assert(fromlen < SIZE_T_CEILING); + tor_assert(padding != PK_NO_PADDING); overhead = crypto_get_rsa_padding_overhead(crypto_get_rsa_padding(padding)); pkeylen = crypto_pk_keysize(env); - if (padding == PK_NO_PADDING && fromlen < pkeylen) - return -1; - if (!force && fromlen+overhead <= pkeylen) { /* It all fits in a single encrypt. */ return crypto_pk_public_encrypt(env,to, @@ -1050,14 +1047,6 @@ crypto_pk_public_hybrid_encrypt(crypto_pk_t *env, if (!cipher) return -1; if (crypto_cipher_generate_key(cipher)<0) goto err; - /* You can't just run around RSA-encrypting any bitstream: if it's - * greater than the RSA key, then OpenSSL will happily encrypt, and - * later decrypt to the wrong value. So we set the first bit of - * 'cipher->key' to 0 if we aren't padding. This means that our - * symmetric key is really only 127 bits. - */ - if (padding == PK_NO_PADDING) - cipher->key[0] &= 0x7f; if (crypto_cipher_encrypt_init_cipher(cipher)<0) goto err; buf = tor_malloc(pkeylen+1); diff --git a/src/test/test_crypto.c b/src/test/test_crypto.c index bf0962e98b..3f9029a8f8 100644 --- a/src/test/test_crypto.c +++ b/src/test/test_crypto.c @@ -485,14 +485,11 @@ test_crypto_pk(void) /* Try with hybrid encryption wrappers. */ crypto_rand(data1, 1024); - for (i = 0; i < 3; ++i) { + for (i = 0; i < 2; ++i) { for (j = 85; j < 140; ++j) { memset(data2,0,1024); memset(data3,0,1024); - if (i == 0 && j < 129) - continue; - p = (i==0)?PK_NO_PADDING: - (i==1)?PK_PKCS1_PADDING:PK_PKCS1_OAEP_PADDING; + p = (i==0)?PK_PKCS1_PADDING:PK_PKCS1_OAEP_PADDING; len = crypto_pk_public_hybrid_encrypt(pk1,data2,sizeof(data2), data1,j,p,0); test_assert(len>=0); |