[gnutls-dev] bug in _gnutls_pkcs1_rsa_encrypt
Matthias Urlichs
smurf at smurf.noris.de
Wed Aug 18 11:58:19 CEST 2004
Hi,
Werner Koch:
> > This line doesn't make sense, IMHO.
>
> The idea is that when requesting K new random bytes to replace zero
> bytes of the initial random string, we request a few bytes more so
> that we have some spare random bytes in case the K new bytes contain
> zero bytes.
>
I thought so.
However, it would help a great deal if you'd actually skip zero bytes in
the new string when you replace the zeroes in the old string. ;-)
> Agreed, requesting just one extra byte for replacing 128 zero bytes is
> too less.
s/is too less/isn't enough/. (OK, OK, I'll shut up now.)
To be reasonably safe, add three more bytes.
--
Matthias Urlichs | {M:U} IT Design @ m-u-it.de | smurf at smurf.noris.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: </pipermail/attachments/20040818/69b5e44a/attachment.pgp>
More information about the Gnutls-devel
mailing list