From beaed3940085f322ab4293f8514aa4cd638b913c Mon Sep 17 00:00:00 2001 From: Evgeny Pokhilko Date: Sun, 10 Mar 2019 14:57:20 +1100 Subject: [PATCH] Replace upper_bound with lower_bound in pgp_s2k Fix: RFC4880_encode_count doesn't return consistent results when processing exact iterations. It returns RFC4880 code + 1. Update PGP_S2K_Iter test to verify PGP formula Add test to verify that encoded values match the PGP formula --- src/lib/pbkdf/pgp_s2k/pgp_s2k.cpp | 2 +- src/tests/test_pbkdf.cpp | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/src/lib/pbkdf/pgp_s2k/pgp_s2k.cpp b/src/lib/pbkdf/pgp_s2k/pgp_s2k.cpp index d04fb47b36a..8bcf9239fcc 100644 --- a/src/lib/pbkdf/pgp_s2k/pgp_s2k.cpp +++ b/src/lib/pbkdf/pgp_s2k/pgp_s2k.cpp @@ -61,7 +61,7 @@ uint8_t RFC4880_encode_count(size_t desired_iterations) if(desired_iterations >= OPENPGP_S2K_ITERS[255]) return 255; - auto i = std::upper_bound(OPENPGP_S2K_ITERS, OPENPGP_S2K_ITERS + 256, desired_iterations); + auto i = std::lower_bound(OPENPGP_S2K_ITERS, OPENPGP_S2K_ITERS + 256, desired_iterations); return static_cast(i - OPENPGP_S2K_ITERS); } diff --git a/src/tests/test_pbkdf.cpp b/src/tests/test_pbkdf.cpp index 20a25165ba0..34ed64c3fec 100644 --- a/src/tests/test_pbkdf.cpp +++ b/src/tests/test_pbkdf.cpp @@ -214,6 +214,9 @@ class PGP_S2K_Iter_Test final : public Test const size_t dec = Botan::RFC4880_decode_count(static_cast(c)); const size_t comp_dec = (16 + (c & 0x0F)) << ((c >> 4) + 6); result.test_eq("Decoded value matches PGP formula", dec, comp_dec); + + const size_t enc = Botan::RFC4880_encode_count(comp_dec); + result.test_eq("Encoded value matches PGP formula", enc, c); } uint8_t last_enc = 0;