[GNU Crypto] bug report wrt EMSA_PSS.java: the private method *byte[] MG
From: Danny De Cock
Subject: [GNU Crypto] bug report wrt EMSA_PSS.java: the private method *byte[] MGF(byte[] Z, int l)* does not produce a complete mask...
Date: Mon, 5 May 2008 10:30:08 +0200 (CEST)

hi,
I just discovered a bug in the class file EMSA_PSS.java: the mask
generation function MGF does not work correctly: the last masking block
does not get filled properly...
this is due to the fact that the loop "for(int i=0;i<limit;i++){step 3.1 &
step 3.2}" stops one iteration too early, which results in trailing zeroes
in the result variable...
the problem can easily be solved: "for(int i=0;i<=limit;i++){step 3.1 &
step 3.2}" does the trick...
I discovered this thanks to an interoperability test... an rsa/pss
signature did not verify correctly with
gnu.java.security.sig.rsa.RSAPSSSignature.java
kind regards, danny.
-----------------------------------------------------------------------------
of course I am ignorant. I just worry whether or not I am ignorant enough...
-----------------------------------------------------------------------------
mail: danny.decock:at:esat:dot:kuleuven:dot:be http://godot.be
godot:at:advalvas:dot:be http://godot.studentenweb.org
godot:at:godot:dot:be web: http://www.esat.kuleuven.be/~decockd
Disclaimer: http://www.kuleuven.be/cwis/email_disclaimer.htm
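
The off-by-one described in the report above, reproduced as an added example (not part of the original message and not GNU Crypto's code): a stand-alone MGF1 over SHA-1 run once with the `i < limit` bound and once with `i <= limit`. It assumes `limit = ceil(l / hLen) - 1`; the class name, the seed and the length 107 are constructed for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Arrays;

public class Mgf1LoopDemo {
    // MGF1 with SHA-1. inclusive=false is the reported loop (i < limit),
    // inclusive=true is the reported fix (i <= limit).
    // Assumption: limit = ceil(l / hLen) - 1, the last counter value in PKCS #1 MGF1.
    static byte[] mgf(byte[] z, int l, boolean inclusive) throws Exception {
        MessageDigest md = MessageDigest.getInstance("SHA-1");
        int hLen = md.getDigestLength();
        int limit = (l + hLen - 1) / hLen - 1;
        int rounds = inclusive ? limit + 1 : limit;
        byte[] result = new byte[l];            // zero-filled by the JVM
        int sofar = 0;
        for (int i = 0; i < rounds; i++) {
            md.update(z);                       // step 3.1: Hash(Z || C), C = 4-byte big-endian counter
            md.update(new byte[] {(byte) (i >>> 24), (byte) (i >>> 16), (byte) (i >>> 8), (byte) i});
            byte[] t = md.digest();             // digest() also resets md
            int n = Math.min(hLen, l - sofar);  // step 3.2: append, truncating the last block
            System.arraycopy(t, 0, result, sofar, n);
            sofar += n;
        }
        return result;
    }

    // Count of zero bytes at the end of a mask.
    static int trailingZeros(byte[] b) {
        int n = 0;
        while (n < b.length && b[b.length - 1 - n] == 0) n++;
        return n;
    }

    public static void main(String[] args) throws Exception {
        byte[] seed = "constructed seed".getBytes(StandardCharsets.US_ASCII); // constructed input
        int l = 107;                            // constructed length, not a multiple of hLen = 20
        byte[] bad = mgf(seed, l, false);
        byte[] good = mgf(seed, l, true);
        int filled = ((l + 19) / 20 - 1) * 20;  // bytes the short loop actually writes
        System.out.println("prefix identical:    "
            + Arrays.equals(Arrays.copyOf(bad, filled), Arrays.copyOf(good, filled)));
        System.out.println("trailing zeros (<):  " + trailingZeros(bad));
        System.out.println("trailing zeros (<=): " + trailingZeros(good));
        System.out.println("masks equal:         " + Arrays.equals(bad, good));
    }
}
```

Signing and verifying with the same short-loop MGF still round-trips, because both sides apply the same incomplete mask; the difference only shows up against an independent implementation or a known-answer vector.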