
2013-10-28

2013-10-28 17:29:31 by Martin Nilsson <nilsson@opera.com>

Fixed a bias in the PKCS#1 1.5 RSA type 2 padding (EME-PKCS1-V1_5_ENCODE).

304:   Gmp.mpz rsa_pad(string message, int(1..2) type,    function(int:string)|void random)   { -  string cookie; +  string cookie = "";    int len;       len = size - 3 - sizeof(message);
318:    break;    case 2:    if( !random ) random = this_program::random; -  cookie = replace( random(len), "\0", "\1"); +  do { +  cookie += random(len-sizeof(cookie)) - "\0"; +  } while( sizeof(cookie)<len );    break;    default:    error( "Unknown type.\n" );
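
Review bot: the new `do { ... } while( sizeof(cookie)<len );` loop in `case 2` relies on the caller-supplied `random` callback for termination and length, and neither is checked. If the callback returns an empty string or only "\0" bytes, `cookie` never grows and the loop does not exit. If it returns more bytes than the requested `len-sizeof(cookie)`, `cookie` ends up longer than `len`, because the condition only tests `sizeof(cookie)<len`. Consider trimming after the loop (for example `cookie = cookie[..len-1];`) or raising an error when a call yields no usable bytes. A short comment would also help here, stating that zero bytes are dropped and redrawn rather than mapped to "\1" as the removed `replace( random(len), "\0", "\1")` did, since that mapping made the value 1 more likely than any other padding byte.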