[gnutls-dev] bug in _gnutls_pkcs1_rsa_encrypt

Matthias Urlichs smurf at smurf.noris.de
Wed Aug 18 11:58:19 CEST 2004


Werner Koch:
> > This line doesn't make sense, IMHO.
> The idea is that when requesting K new random bytes to replace zero
> bytes of the initial random string, we request a few bytes more so
> that we have some spare random bytes in case the K new bytes contain
> zero bytes.
I thought so.

However, it would help a great deal if you'd actually skip zero bytes in
the new string when you replace the zeroes in the old string.  ;-)

> Agreed, requesting just one extra byte for replacing 128 zero bytes is
> too less. 

s/is too less/isn't enough/.  (OK, OK, I'll shut up now.)

To be reasonably safe, add three more bytes.

Matthias Urlichs   |   {M:U} IT Design @ m-u-it.de   |  smurf at smurf.noris.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: </pipermail/attachments/20040818/69b5e44a/attachment.pgp>

More information about the Gnutls-devel mailing list