Skip to content

Commit

Permalink
Tweak OAEP's constant
Browse files Browse the repository at this point in the history
  • Loading branch information
newpavlov committed Jun 26, 2024
1 parent 429a137 commit a8078bb
Showing 1 changed file with 10 additions and 7 deletions.
17 changes: 10 additions & 7 deletions src/algorithms/oaep.rs
Original file line number Diff line number Diff line change
Expand Up @@ -11,9 +11,12 @@ use zeroize::Zeroizing;
use super::mgf::{mgf1_xor, mgf1_xor_digest};
use crate::errors::{Error, Result};

// 2**61 -1 (pow is not const yet)
// TODO: This is the maximum for SHA-1, unclear from the RFC what the values are for other hashing functions.
const MAX_LABEL_LEN: u64 = 2_305_843_009_213_693_951;
/// Maximum label size (2^64 bits) for SHA-1 and SHA-256 hash functions.
///
/// In theory, other hash functions (e.g. SHA-512 and SHA-3) can process longer labels,
/// but such huge inputs are practically impossible on one machine, so we use this limit
/// for all hash functions.
const MAX_LABEL_LEN: u64 = 1 << 61;

#[inline]
fn encrypt_internal<R: CryptoRngCore + ?Sized, MGF: FnMut(&mut [u8], &mut [u8])>(
Expand Down Expand Up @@ -65,7 +68,7 @@ pub(crate) fn oaep_encrypt<R: CryptoRngCore + ?Sized>(
let h_size = digest.output_size();

let label = label.unwrap_or_default();
if label.len() as u64 > MAX_LABEL_LEN {
if label.len() as u64 >= MAX_LABEL_LEN {
return Err(Error::LabelTooLong);
}

Expand Down Expand Up @@ -99,7 +102,7 @@ pub(crate) fn oaep_encrypt_digest<
let h_size = <D as Digest>::output_size();

let label = label.unwrap_or_default();
if label.len() as u64 > MAX_LABEL_LEN {
if label.len() as u64 >= MAX_LABEL_LEN {
return Err(Error::LabelTooLong);
}

Expand Down Expand Up @@ -133,7 +136,7 @@ pub(crate) fn oaep_decrypt(
let h_size = digest.output_size();

let label = label.unwrap_or_default();
if label.len() as u64 > MAX_LABEL_LEN {
if label.len() as u64 >= MAX_LABEL_LEN {
return Err(Error::Decryption);
}

Expand Down Expand Up @@ -173,7 +176,7 @@ pub(crate) fn oaep_decrypt_digest<D: Digest, MGD: Digest + FixedOutputReset>(
let h_size = <D as Digest>::output_size();

let label = label.unwrap_or_default();
if label.len() as u64 > MAX_LABEL_LEN {
if label.len() as u64 >= MAX_LABEL_LEN {
return Err(Error::LabelTooLong);
}

Expand Down

0 comments on commit a8078bb

Please sign in to comment.