I'm forwarding this to the GNU Classpath list. We're maintaining GNU
Crypto as a part of GNU Classpath now, and in the near term there are
no plans for a new release of GNU Crypto.
The bug report may still be valid for GNU Classpath though. Do you
have a test case that we can use?
On Mon, May 5, 2008 at 1:30 AM, Danny De Cock <decockd@xxxxxxxxxxxxxxxx> wrote:
> hi,
>
> I just discovered a bug in the class file EMSA_PSS.java: the mask
> generation function MGF does not work correctly: the last masking block
> does not get filled properly...
>
> this is due to the fact that the loop "for(int i=0;i<limit;i++){step 3.1 &
> step 3.2}" stops one iteration too early, which results in trailing zeroes
> in the result variable...
>
> the problem can easily be solved: "for(int i=0;i<=limit;i++){step 3.1 &
> step 3.2}" does the trick...
>
> I discovered this thanks to an interoperability test... an rsa/pss
> signature did not verify correctly with
> gnu.java.security.sig.rsa.RSAPSSSignature.java
>
> kind regards, danny.
>
> -----------------------------------------------------------------------------
> of course I am ignorant. I just worry whether or not I am ignorant enough...
>
> -----------------------------------------------------------------------------
> mail: danny.decock:at:esat:dot:kuleuven:dot:be http://godot.be
> godot:at:advalvas:dot:be http://godot.studentenweb.org
> godot:at:godot:dot:be web: http://www.esat.kuleuven.be/~decockd
>
>
> Disclaimer: http://www.kuleuven.be/cwis/email_disclaimer.htm
>
>
>
> _______________________________________________
> gnu-crypto-discuss mailing list
>
> gnu-crypto-discuss@xxxxxxx
> http://lists.gnu.org/mailman/listinfo/gnu-crypto-discuss
>
