* CryptixAESEngine: Fix bogus bounds checks

5a934050 · zzz · df8cd90b · 5a934050 · 5a934050
Commit 5a934050 authored 13 years ago by zzz
--- a/core/java/src/net/i2p/crypto/CryptixAESEngine.java
+++ b/core/java/src/net/i2p/crypto/CryptixAESEngine.java
@@ -194,7 +194,11 @@ public class CryptixAESEngine extends AESEngine {
        _prevCache.release(curA);
    }
-    /** encrypt exactly 16 bytes using the session key */
+    /** encrypt exactly 16 bytes using the session key
+     * @param payload plaintext data, 16 bytes starting at inIndex
+     * @param sessionKey private session key
+     * @param out out parameter, 16 bytes starting at outIndex
+     */
    @Override
    public final void encryptBlock(byte payload[], int inIndex, SessionKey sessionKey, byte out[], int outIndex) {
        if (sessionKey.getPreparedKey() == null) {
@@ -207,21 +211,23 @@ public class CryptixAESEngine extends AESEngine {
            }
        }
-        CryptixRijndael_Algorithm.blockEncrypt(payload, out, inIndex, outIndex, sessionKey.getPreparedKey(), 16);
+        CryptixRijndael_Algorithm.blockEncrypt(payload, out, inIndex, outIndex, sessionKey.getPreparedKey());
    }
    /** decrypt exactly 16 bytes of data with the session key provided
-     * @param payload encrypted data
+     * @param payload encrypted data, 16 bytes starting at inIndex
     * @param sessionKey private session key
+     * @param rv out parameter, 16 bytes starting at outIndex
     */
    @Override
    public final void decryptBlock(byte payload[], int inIndex, SessionKey sessionKey, byte rv[], int outIndex) {
-        if ( (payload == null) || (rv == null) )
+        // just let it throw NPE or IAE later for speed, you'll figure it out
-            throw new IllegalArgumentException("null block args");
+        //if ( (payload == null) || (rv == null) )
-        if (payload.length - inIndex > rv.length - outIndex)
+        //    throw new IllegalArgumentException("null block args");
-            throw new IllegalArgumentException("bad block args [payload.len=" + payload.length 
+        //if (payload.length - inIndex > rv.length - outIndex)
-                                               + " inIndex=" + inIndex + " rv.len=" + rv.length 
+        //    throw new IllegalArgumentException("bad block args [payload.len=" + payload.length 
-                                               + " outIndex="+outIndex);
+        //                                       + " inIndex=" + inIndex + " rv.len=" + rv.length 
+        //                                       + " outIndex="+outIndex);
        if (sessionKey.getPreparedKey() == null) {
            try {
                Object key = CryptixRijndael_Algorithm.makeKey(sessionKey.getData(), 16);
@@ -232,7 +238,7 @@ public class CryptixAESEngine extends AESEngine {
            }
        }
-        CryptixRijndael_Algorithm.blockDecrypt(payload, rv, inIndex, outIndex, sessionKey.getPreparedKey(), 16);
+        CryptixRijndael_Algorithm.blockDecrypt(payload, rv, inIndex, outIndex, sessionKey.getPreparedKey());
    }
 /******

--- a/core/java/src/net/i2p/crypto/CryptixRijndael_Algorithm.java
+++ b/core/java/src/net/i2p/crypto/CryptixRijndael_Algorithm.java
@@ -455,8 +455,8 @@ public final class CryptixRijndael_Algorithm // implicit no-argument constructor
     * @param  sessionKey The session key to use for decryption.
     */
    public static final void blockDecrypt(byte[] in, byte[] result, int inOffset, int outOffset, Object sessionKey) {
-        if (in.length - inOffset > result.length - outOffset)
+        if (result.length - outOffset <= 15)
-            throw new IllegalArgumentException("result too small: in.len=" + in.length + " in.offset=" + inOffset
+            throw new IllegalArgumentException("result too small:"
                                               + " result.len=" + result.length + " result.offset=" + outOffset);
        if (in.length - inOffset <= 15)
            throw new IllegalArgumentException("data too small: " + in.length + " inOffset: " + inOffset);