Stricter RSA PKCS #1 1.5 encoding. Reported by Kikuchi Masashi.

2 files changed, 5 insertions, 2 deletions

diff --git a/NEWS b/NEWS
index 7174c9b8fb..2156d12138 100644
--- a/NEWS
+++ b/NEWS
@@ -7,6 +7,9 @@ See the end for copying conditions.
 ** libgnutls: Fixed record padding parsing issue. Reported by Kenny
 Patterson and Nadhem Alfardan.
 
+** libgnutls: Stricter RSA PKCS #1 1.5 encoding. Reported
+by Kikuchi Masashi.
+
 ** libgnutls-guile: Fixed parallel compilation issue.
 
 ** API and ABI modifications:
diff --git a/lib/nettle/pk.c b/lib/nettle/pk.c
index fc3275cf17..7a8833f7d5 100644
--- a/lib/nettle/pk.c
+++ b/lib/nettle/pk.c
@@ -208,7 +208,7 @@ _wrap_nettle_pk_encrypt (gnutls_pk_algorithm_t algo,
         mpz_powm (p, p, TOMPZ (pk_params->params[1]) /*e */ ,
                   TOMPZ (pk_params->params[0] /*m */ ));
 
-        ret = _gnutls_mpi_dprint_size (p, ciphertext, plaintext->size);
+        ret = _gnutls_mpi_dprint_size (p, ciphertext, nettle_mpz_sizeinbase_256_u(TOMPZ (pk_params->params[0])));
         _gnutls_mpi_release (&p);
 
         if (ret < 0)
@@ -487,7 +487,7 @@ _wrap_nettle_pk_sign (gnutls_pk_algorithm_t algo,
 
         rsa_unblind (nc, ri, pk_params->params[0] /*m */ );
 
-        ret = _gnutls_mpi_dprint (nc, signature);
+        ret = _gnutls_mpi_dprint_size (nc, signature, nettle_mpz_sizeinbase_256_u(TOMPZ (pk_params->params[0])));
 
 rsa_fail:
         _gnutls_mpi_release (&nc);