[gnutls-dev] bug in _gnutls_pkcs1_rsa_encrypt

Werner Koch wk at gnupg.org
Wed Aug 18 11:33:47 CEST 2004

On Tue, 17 Aug 2004 23:19:51 +0200, Matthias Urlichs said:

>> k += k/128; /* better get some more */

> This line doesn't make sense, IMHO.

The idea is that when requesting K new random bytes to replace zero
bytes of the initial random string, we request a few bytes more so
that we have some spare random bytes in case the K new bytes contain
zero bytes.

Agreed, requesting just one extra byte for replacing 128 zero bytes is
too less. 


More information about the Gnutls-devel mailing list