diff -uNr a/eucrypt/manifest b/eucrypt/manifest --- a/eucrypt/manifest 55dae077e4aade75f7999b8ea93bb3177738444d809f95f8a5de7bac9a533a3fb9d75dc23c2f8de7e6fafb85ad190382e4a3e0c793b0dcea192c9b7f8409cb14 +++ b/eucrypt/manifest 36dd3853f41604790d69b6db28d86933a068b0f5d64cf2224e7fd3371497e21a92b0dbb84e4367b112c55f57f35a6ec076a8e04729ea7fd8f87bbd79d846c95d @@ -17,5 +17,5 @@ 513700 eucrypt_check_nread diana_coman Adds another check and loop to ensure that all Eucrypt has the same behaviour when requesting random bits: reject and discard any that are not exactly as many as required and simply keep trying in a loop until the required bits are obtained. 521090 eucrypt_ch13_smg_rng diana_coman Adds methods for obtaining random values directly from bits obtained from the entropy source. Following specific types are supported: unsigned int on 32 bits, unsigned int on 64 bits, dirty float between 0 and 1, float IEEE 754/1985 between 1 and 2. 527560 eucrypt_manifest diana_coman Adds this manifest file that should be modified each time a new patch is added to EuCrypt. - +543780 eucrypt_fix_256 diana_coman Fix the error in smg_oaep.adb that used 255 instead of 256 when calculating/retrieving length stored on 2 octets. diff -uNr a/eucrypt/smg_keccak/smg_oaep.adb b/eucrypt/smg_keccak/smg_oaep.adb --- a/eucrypt/smg_keccak/smg_oaep.adb fa02cb033ad63404d8e721c3eeabcf7775e42b1553cfd3e07d6f91fc67e307ac2dd754fb4009f56ce7c38b62aa32564ec309dfd69c4ecf09cf8db46742390c00 +++ b/eucrypt/smg_keccak/smg_oaep.adb ab9fd79fe71c8ba5c6015b658e2fb609449ddf8c717a0c97c3ba88e7b7c7e8172c00d93637f7697f7d040615854f6fa5865ba04ab3aea90b33cdf129f4f5589e @@ -140,8 +140,8 @@ M00( M00'First ) := Entropy( Entropy'First ); -- next 2 octets hold the used length of Msg (number of octets) - M00( M00'First + 2) := Character'Val( ( MsgLen * 8 ) mod 255 ); - M00( M00'First + 1) := Character'Val( ( (MsgLen * 8 ) / 255 ) mod 255 ); + M00( M00'First + 2) := Character'Val( ( MsgLen * 8 ) mod 256 ); + M00( M00'First + 1) := Character'Val( ( (MsgLen * 8 ) / 256 ) mod 256 ); -- next 8 octets are reserved for later use, currently "TMSR-RSA" M00( M00'First + 3 .. M00'First + 10 ) := TMSR; @@ -268,7 +268,7 @@ XOR_Strings( X, HashR, M ); -- step 4: extract length and message - Len := Character'Pos( M( M'First + 1 ) ) * 255 + + Len := Character'Pos( M( M'First + 1 ) ) * 256 + Character'Pos( M( M'First + 2 ) ); LenOctets := Len / 8;