[gnutls-dev] bug in _gnutls_pkcs1_rsa_encrypt
Robey Pointer
robey at danger.com
Wed Aug 18 22:58:49 CEST 2004
Matthias Urlichs wrote:
>Hi,
>
>Werner Koch:
>
>>>This line doesn't make sense, IMHO.
>>
>>The idea is that when requesting K new random bytes to replace zero
>>bytes of the initial random string, we request a few bytes more so
>>that we have some spare random bytes in case the K new bytes contain
>>zero bytes.
>
>I thought so.
>
>However, it would help a great deal if you'd actually skip zero bytes in
>the new string when you replace the zeroes in the old string. ;-)
>
>>Agreed, requesting just one extra byte for replacing 128 zero bytes is
>>too less.
>
>s/is too less/isn't enough/. (OK, OK, I'll shut up now.)
>
>To be reasonably safe, add three more bytes.

IMHO, best to just leave the loop as-is and not bother to fetch the
extra k/128 byte(s). The simplicity outweighs the very very small
chance that you might avoid an extra loop iteration by obsessively
checking for (and skipping) zeros in the replacement buffer.
robey
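
The thread concerns the nonzero padding string of a PKCS#1 v1.5 type 2 encryption block. The following C sketch is an added example, not GnuTLS code and not code from any participant: it shows the plain loop that fetches exactly as many replacement bytes as there are zeros and lets the next pass catch any zero among the replacements. The names `rng_fn`, `fill_nonzero`, `pkcs1_type2_pad`, `demo_rng` and `MAX_PS` are assumptions made for illustration.

```c
#include <string.h>
/* Hypothetical RNG callback (assumption): fills buf, returns 0 on success. */
typedef int (*rng_fn)(unsigned char *buf, size_t len);
#define MAX_PS 512 /* sketch limit: padding for up to a 4096-bit modulus */

/* Each pass counts the k zero bytes in ps, fetches exactly k fresh bytes and
 * substitutes them; a fresh zero byte is simply caught by the next pass. */
static int fill_nonzero(unsigned char *ps, size_t len, rng_fn rng)
{
    unsigned char fresh[MAX_PS];
    size_t i, k, used;
    if (len > MAX_PS || rng(ps, len) != 0) return -1;
    for (;;) {
        for (k = 0, i = 0; i < len; i++)
            k += (ps[i] == 0);
        if (k == 0) return 0;
        if (rng(fresh, k) != 0) return -1;
        for (used = 0, i = 0; i < len; i++)
            if (ps[i] == 0)
                ps[i] = fresh[used++];
    }
}

/* EB = 00 || 02 || PS || 00 || M, with PS at least 8 nonzero bytes. */
static int pkcs1_type2_pad(unsigned char *eb, size_t k, const unsigned char *msg,
                           size_t mlen, rng_fn rng)
{
    size_t pslen = k - 3 - mlen; /* only used once the bounds check passes */
    if (k < 11 || mlen > k - 11 || fill_nonzero(eb + 2, pslen, rng) != 0)
        return -1;
    eb[0] = 0; eb[1] = 2; eb[2 + pslen] = 0;
    memcpy(eb + 3 + pslen, msg, mlen);
    return 0;
}

/* Constructed test source, NOT a real RNG: every third byte is zero, so
 * replacement bytes contain zeros too and several passes are needed. */
static unsigned char demo_state;
static int demo_rng(unsigned char *buf, size_t len)
{
    for (size_t i = 0; i < len; i++, demo_state++)
        buf[i] = (demo_state % 3 == 0) ? 0 : demo_state;
    return 0;
}
int main(void)
{
    unsigned char eb[32];
    return pkcs1_type2_pad(eb, sizeof eb, (const unsigned char *)"secret", 6, demo_rng);
}
```

With a uniform random source each byte is zero with probability 1/256, so a second pass is uncommon and a third is rare; the constructed source above forces several passes on purpose.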