From a90dbba4bf529b6f69ad732dd2a1bd141badcc94 Mon Sep 17 00:00:00 2001 From: Klas Lindfors Date: Mon, 29 Sep 2014 15:49:58 +0200 Subject: [PATCH] add the length of the padding when checking RSA length --- lib/ykpiv.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/ykpiv.c b/lib/ykpiv.c index afb9662..ee89484 100644 --- a/lib/ykpiv.c +++ b/lib/ykpiv.c @@ -501,7 +501,7 @@ ykpiv_rc ykpiv_sign_data(ykpiv_state *state, if(pad_len == 0) { pad_len = 256; } - if(in_len > pad_len) { + if(in_len + RSA_PKCS1_PADDING_SIZE > pad_len) { return YKPIV_SIZE_ERROR; } RSA_padding_add_PKCS1_type_1(sign_in, pad_len, raw_in, in_len);