- int length = actual.Length;
- try {
- // SignatureLength is in bits
- length = (Int32.Parse (m_signature.SignedInfo.SignatureLength) >> 3);
- }
- catch {
- }
-
- if (length != actual.Length) {
+ int length = Int32.Parse (m_signature.SignedInfo.SignatureLength);
+ // we only support signatures with a multiple of 8 bits
+ // and the value must match the signature length
+ if ((length & 7) != 0)
+ throw new CryptographicException ("Signature length must be a multiple of 8 bits.");
+
+ // SignatureLength is in bits (and we works on bytes, only in multiple of 8 bits)
+ // and both values must match for a signature to be valid
+ length >>= 3;
+ if (length != m_signature.SignatureValue.Length)
+ throw new CryptographicException ("Invalid signature length.");
+
+ // is the length "big" enough to make the signature meaningful ?
+ // we use a minimum of 80 bits (10 bytes) or half the HMAC normal output length
+ // e.g. HMACMD5 output 128 bits but our minimum is 80 bits (not 64 bits)
+ int minimum = Math.Max (10, actual.Length / 2);
+ if (length < minimum)
+ throw new CryptographicException ("HMAC signature is too small");
+
+ if (length < actual.Length) {