[gnutls-dev] bug in _gnutls_pkcs1_rsa_encrypt
Matthias Urlichs
smurf at smurf.noris.de
Thu Aug 19 10:29:28 CEST 2004
Hi,
Werner Koch:
> The loop does now read:
>
It's still wrong.
> k += 3; /* better get some more */ /* <========= */
No, what I meant was
> k += 3+(k/128); /* better get some more, plus safety margin */
That should be adequate; a quick run-through with B() in OpenOffice says
that it is the 99.5% solution.
Anyway, your code is still broken (think about it... in fact it's even
worse: if this version hits a zero byte in pp you effectively stop doing
*anything* in the current iteration!):
> for(j=0; j < i && k ; j++)
> if( !p[j] && pp[k-1] ) /* <========= */
> p[j] = pp[--k];
Replace with:
> for(j=0; j < i && k ; )
> if(! p[j])
> p[j] = pp[--k];
> if(p[j])
> j++;
> if (k)
> break; /* we know we got them all */
> Does this look better?
NOW it does. ;-)
--
Matthias Urlichs | {M:U} IT Design @ m-u-it.de | smurf at smurf.noris.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : /pipermail/attachments/20040819/a2540f32/attachment.bin
More information about the Gnutls-dev
mailing list