gnutls-devel

Re: [gnutls-dev] bug in _gnutls_pkcs1_rsa_encrypt


From: Robey Pointer
Subject: Re: [gnutls-dev] bug in _gnutls_pkcs1_rsa_encrypt
Date: Wed, 18 Aug 2004 13:58:49 -0700
User-agent: Mozilla Thunderbird 0.7.1 (Macintosh/20040626)

Matthias Urlichs wrote:

Hi,

Werner Koch:
This line doesn't make sense, IMHO.
The idea is that when requesting K new random bytes to replace zero
bytes of the initial random string, we request a few bytes more so
that we have some spare random bytes in case the K new bytes contain
zero bytes.

I thought so.

However, it would help a great deal if you'd actually skip zero bytes in
the new string when you replace the zeroes in the old string.  ;-)

Agreed, requesting just one extra byte for replacing 128 zero bytes is
too less.

s/is too less/isn't enough/.  (OK, OK, I'll shut up now.)

To be reasonably safe, add three more bytes.

IMHO, best to just leave the loop as-is and not bother to fetch the extra k/128 byte(s). The simplicity outweighs the very very small chance that you might avoid an extra loop iteration by obsessively checking for (and skipping) zeros in the replacement buffer.

robey
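The retry loop discussed in this thread, as an added example that is not GnuTLS code and not part of the original message: each pass requests exactly as many bytes as there are zeros left, writes them in unchecked, and rescans. The names `rng_fn`, `scripted_rng`, `fill_nonzero_ps` and `pkcs1_v15_pad` are hypothetical, and the scripted byte stream is constructed so that the replacement bytes themselves contain a zero; a real caller would pass a CSPRNG.

```c
#include <string.h>

typedef int (*rng_fn)(unsigned char *buf, size_t len); /* hypothetical RNG hook */

/* Constructed byte stream standing in for the RNG: both the first draw and
 * the first batch of replacement bytes contain zeros. */
static const unsigned char script[] = { 0x11, 0x00, 0x22, 0x00, 0x33, 0x44,
                                        0x55, 0x66, 0x00, 0x77, 0x88 };
static size_t script_pos;
static int scripted_rng(unsigned char *buf, size_t len) {
    if (len > sizeof script - script_pos) return -1;
    memcpy(buf, script + script_pos, len);
    script_pos += len;
    return 0;
}

/* Fill ps with nonzero bytes. Each pass asks for exactly k bytes, where k is
 * the number of zeros still present, and the loop rescans until none remain.
 * Returns the number of RNG calls made, or -1 on error. */
static int fill_nonzero_ps(unsigned char *ps, size_t len, rng_fn rng) {
    unsigned char tmp[512];
    int calls = 1;
    if (len > sizeof tmp || rng(ps, len) != 0) return -1;
    for (;;) {
        size_t i, k = 0, used = 0;
        for (i = 0; i < len; i++) k += (ps[i] == 0);
        if (k == 0) return calls;
        if (rng(tmp, k) != 0) return -1;
        calls++;
        for (i = 0; i < len; i++)
            if (ps[i] == 0) ps[i] = tmp[used++]; /* may be zero again */
    }
}

/* EM = 0x00 || 0x02 || PS || 0x00 || M, with PS at least 8 nonzero bytes. */
static int pkcs1_v15_pad(unsigned char *em, size_t k, const unsigned char *m,
                         size_t mlen, rng_fn rng) {
    if (k < 11 || mlen > k - 11) return -1;
    size_t ps_len = k - mlen - 3;
    em[0] = 0x00;
    em[1] = 0x02;
    if (fill_nonzero_ps(em + 2, ps_len, rng) < 0) return -1;
    em[2 + ps_len] = 0x00;
    memcpy(em + 3 + ps_len, m, mlen);
    return 0;
}

int main(void) {
    unsigned char em[16];
    return pkcs1_v15_pad(em, sizeof em, (const unsigned char *)"hello", 5, scripted_rng);
}
```

With the scripted stream, an 8-byte padding string takes three RNG calls: the initial draw, a two-byte replacement that contains another zero, and a final one-byte replacement.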



