From f4e094aacbde15c863d6ebc06aec47926bf9b34a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Olivier=20Ch=C3=A9ron?= Date: Sun, 25 Sep 2016 09:06:35 +0200 Subject: [PATCH] Fix PKCS#1 v1.5 padding The padding string is at least 8 bytes long + 3 other bytes, so it should be 11. --- Crypto/PubKey/RSA/PKCS15.hs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Crypto/PubKey/RSA/PKCS15.hs b/Crypto/PubKey/RSA/PKCS15.hs index d3b9311..9edbf64 100644 --- a/Crypto/PubKey/RSA/PKCS15.hs +++ b/Crypto/PubKey/RSA/PKCS15.hs @@ -111,8 +111,8 @@ pad len m -- | Produce a standard PKCS1.5 padding for signature padSignature :: ByteArray signature => Int -> signature -> Either Error signature padSignature klen signature - | klen < siglen+1 = Left SignatureTooLong - | otherwise = Right (B.pack padding `B.append` signature) + | klen < siglen + 11 = Left SignatureTooLong + | otherwise = Right (B.pack padding `B.append` signature) where siglen = B.length signature padding = 0 : 1 : (replicate (klen - siglen - 3) 0xff ++ [0])