Add length guards

peterdettman · peterdettman · commit dd133cb844bd · 2022-10-04T20:20:31.000+07:00
diff --git a/core/src/main/java/org/bouncycastle/math/ec/rfc7748/X25519.java b/core/src/main/java/org/bouncycastle/math/ec/rfc7748/X25519.java
@@ -53,6 +53,11 @@ private static void decodeScalar(byte[] k, int kOff, int[] n)
 
     public static void generatePrivateKey(SecureRandom random, byte[] k)
     {
+        if (k.length != SCALAR_SIZE)
+        {
+            throw new IllegalArgumentException("k");
+        }
+
         random.nextBytes(k);
 
         k[0] &= 0xF8;
diff --git a/core/src/main/java/org/bouncycastle/math/ec/rfc7748/X448.java b/core/src/main/java/org/bouncycastle/math/ec/rfc7748/X448.java
@@ -53,6 +53,11 @@ private static void decodeScalar(byte[] k, int kOff, int[] n)
 
     public static void generatePrivateKey(SecureRandom random, byte[] k)
     {
+        if (k.length != SCALAR_SIZE)
+        {
+            throw new IllegalArgumentException("k");
+        }
+
         random.nextBytes(k);
 
         k[0] &= 0xFC;
diff --git a/core/src/main/java/org/bouncycastle/math/ec/rfc8032/Ed25519.java b/core/src/main/java/org/bouncycastle/math/ec/rfc8032/Ed25519.java
@@ -358,6 +358,11 @@ private static int encodePoint(PointAccum p, byte[] r, int rOff)
 
     public static void generatePrivateKey(SecureRandom random, byte[] k)
     {
+        if (k.length != SECRET_KEY_SIZE)
+        {
+            throw new IllegalArgumentException("k");
+        }
+
         random.nextBytes(k);
     }
 
diff --git a/core/src/main/java/org/bouncycastle/math/ec/rfc8032/Ed448.java b/core/src/main/java/org/bouncycastle/math/ec/rfc8032/Ed448.java
@@ -340,6 +340,11 @@ private static int encodePoint(PointProjective p, byte[] r, int rOff)
 
     public static void generatePrivateKey(SecureRandom random, byte[] k)
     {
+        if (k.length != SECRET_KEY_SIZE)
+        {
+            throw new IllegalArgumentException("k");
+        }
+
         random.nextBytes(k);
     }
 

Original file line number	Diff line number	Diff line change
`@@ -358,6 +358,11 @@ private static int encodePoint(PointAccum p, byte[] r, int rOff)`
`358`	`358`
`359`	`359`	`public static void generatePrivateKey(SecureRandom random, byte[] k)`
`360`	`360`	`{`
	`361`	`+ if (k.length != SECRET_KEY_SIZE)`
	`362`	`+ {`
	`363`	`+ throw new IllegalArgumentException("k");`
	`364`	`+ }`
	`365`	`+`
`361`	`366`	`random.nextBytes(k);`
`362`	`367`	`}`
`363`	`368`
Original file line number	Diff line number	Diff line change
`@@ -340,6 +340,11 @@ private static int encodePoint(PointProjective p, byte[] r, int rOff)`
`340`	`340`
`341`	`341`	`public static void generatePrivateKey(SecureRandom random, byte[] k)`
`342`	`342`	`{`
	`343`	`+ if (k.length != SECRET_KEY_SIZE)`
	`344`	`+ {`
	`345`	`+ throw new IllegalArgumentException("k");`
	`346`	`+ }`
	`347`	`+`
`343`	`348`	`random.nextBytes(k);`
`344`	`349`	`}`
`345`	`350`