github #172 - added blowfish init check on key size

Author: dghbc

crypto/src/crypto/engines/BlowfishEngine.cs

@@ -421,7 +421,12 @@ private void ProcessTable(
 
         private void SetKey(byte[] key)
         {
-            /*
+			if (key.Length < 4 || key.Length > 56)
+			{
+				throw new ArgumentException("key length must be in range 32 to 448 bits");
+			}
+
+			/*
             * - comments are from _Applied Crypto_, Schneier, p338
             * please be careful comparing the two, AC numbers the
             * arrays from 1, the enclosed code from 0.
@@ -430,7 +435,7 @@ private void SetKey(byte[] key)
             * Initialise the S-boxes and the P-array, with a fixed string
             * This string contains the hexadecimal digits of pi (3.141...)
             */
-            Array.Copy(KS0, 0, S0, 0, SBOX_SK);
+			Array.Copy(KS0, 0, S0, 0, SBOX_SK);
             Array.Copy(KS1, 0, S1, 0, SBOX_SK);
             Array.Copy(KS2, 0, S2, 0, SBOX_SK);
             Array.Copy(KS3, 0, S3, 0, SBOX_SK);

crypto/test/src/crypto/test/BlowfishTest.cs

@@ -40,6 +40,29 @@ public void TestFunction()
         {
             string resultText = Perform().ToString();
 
+            BlowfishEngine blowfish = new BlowfishEngine();
+
+            // key range check
+            try
+            {
+                blowfish.Init(true, new KeyParameter(new byte[1]));
+                Fail("no exception");
+            }
+            catch (ArgumentException e)
+            {
+                Assert.AreEqual("key length must be in range 32 to 448 bits", e.Message);
+            }
+
+            try
+            {
+                blowfish.Init(true, new KeyParameter(new byte[59]));
+                Fail("no exception");
+            }
+            catch (ArgumentException e)
+            {
+                Assert.AreEqual("key length must be in range 32 to 448 bits", e.Message);
+            }
+
             Assert.AreEqual(Name + ": Okay", resultText);
         }