wk at gnupg
Sep 13, 2006, 2:53 AM
Post #2 of 2
(937 views)
Permalink
|
|
Re: gcry_pk_decrypt and leading zeros in the decrypted output
[In reply to]
|
|
On Tue, 12 Sep 2006 16:44, Einar Karttunen said:
> a leading zero byte. Libgcrypt seems to want to delete that
> when I use gcry_sexp_nth_data (and also with gcry_sexp_nth_mpi).
Internally these are all MPIs. Thus it makes no difference what
function you use to retrieve it.
> It seems very unsafe to assume that there was a leading zero
> byte that got deleted by libgcrypt as many programs using
Why do you think it is unsafe? Leading zeroes of numbers are
meanigless in computations. When computing m = c^d mod n there won't
be a leading zero. We need to invent it. The reason pkcs#1 requires
the leading zero is to state that this is a non-negative number and
less than n.
> What is the correct way to get the value from the decryption result
> sexp while preserving any possible leading zero bytes?
You don't need the leading zero. Take a normalized MPI and check that
it is not negative (the latter is always true for our rsa
implementation).
Salam-Shalom,
Werner
_______________________________________________
Gcrypt-devel mailing list
Gcrypt-devel [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gcrypt-devel
|
