[Help-gnutls] Re: PKCS#8 incompatibility? between OpenSSL and GnuTLS

help-gnutls

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Help-gnutls] Re: PKCS#8 incompatibility? between OpenSSL and GnuTLS

From:	Simon Josefsson
Subject:	[Help-gnutls] Re: PKCS#8 incompatibility? between OpenSSL and GnuTLS
Date:	Wed, 10 Jun 2009 16:24:12 +0200
User-agent:	Gnus/5.110011 (No Gnus v0.11) Emacs/23.0.94 (gnu/linux)

Hi Tomas.  I identified the problem, and it happens when an addition in
the PKCS#12 string-to-key algorithm results in a small result due to MSB
being 00, which happens on average for 1 out of 128 random inputs -- not
1 out of 256 because the code is run in a loop that does two iterations,
so the problem is triggered if the MSB is 00 in either loop.

See patch:
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=dc901197329570394d75d82a5e9d82f17f56106a

This patch will be part of the soon to be released v2.8.1.

Thanks again for the good bug report of an interesting problem.

/Simon

[Prev in Thread]

Current Thread

[Next in Thread]

[Help-gnutls] PKCS#8 incompatibility? between OpenSSL and GnuTLS, Kukosa, Tomas, 2009/06/03
- [Help-gnutls] Re: PKCS#8 incompatibility? between OpenSSL and GnuTLS, Simon Josefsson, 2009/06/03
  - [Help-gnutls] Re: PKCS#8 incompatibility? between OpenSSL and GnuTLS, Simon Josefsson, 2009/06/03
    - [Help-gnutls] Re: PKCS#8 incompatibility? between OpenSSL and GnuTLS, Simon Josefsson <=

Prev by Date: [Help-gnutls] Re: Strange problem with SVN and mod_gnutls
Next by Date: [Help-gnutls] GnuTLS 2.8.1
Previous by thread: [Help-gnutls] Re: PKCS#8 incompatibility? between OpenSSL and GnuTLS
Next by thread: [Help-gnutls] Still replacing OpenSSL function with GnuTLS
Index(es):
- Date
- Thread