Date: Sat, 11 Dec 2004 13:00:28 -0800
From: Colin Percival <colin.percival@wadham.ox.ac.uk>
To: David Schultz <das@freebsd.org>
Cc: freebsd-arch@freebsd.org
Subject: Re: Adding standalone RSA code
Message-ID: <41BB5FEC.30100@wadham.ox.ac.uk>
In-Reply-To: <20041211201821.GA37211@VARK.MIT.EDU>
References: <41B92CF3.2090302@wadham.ox.ac.uk> <20041211020518.GA74718@dragon.nuxi.com> <41BA6BDE.5070909@wadham.ox.ac.uk> <20041211035012.GB93068@dragon.nuxi.com> <41BA702C.3010909@wadham.ox.ac.uk> <20041211201821.GA37211@VARK.MIT.EDU>
David Schultz wrote:
> For instance, as we discussed privately, your RSA encryption routine
> is insecure unless the caller appropriately preprocesses the input
> with a random pad

... or is using it to encode data with at least 128 bits of entropy...

> and the documentation doesn't seem to mention
> this caveat. I'm sure *you* know how to use your library
> securely, but it could be dangerous to someone else.

True enough, but I was planning on revising my interface (e.g., to use OAEP) and documentation before committing anyway.

> That said, it still puzzles me that you don't want to use
> OpenSSL's rsautl.

I wrote my RSA code long before I started working on FreeBSD Update; so when I needed some code for signing my update index, I used the most convenient code -- the code which I had written, understood intimately, and trusted.

Colin Percival
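To illustrate the caveat discussed above (unpadded RSA is deterministic, so a plaintext with little entropy offers no confidentiality) and the OAEP interface Colin says he plans to adopt, here is an added Python example; it is not code from this thread, from FreeBSD Update or from OpenSSL. The Mersenne-prime key, the sample messages and the choice of SHA-256 with an empty OAEP label are constructed assumptions for the demonstration.

```python
import hashlib
import os
HLEN = 32  # SHA-256 digest length, the hash OAEP uses here

# Constructed toy key: two Mersenne primes, so it is trivially factorable and
# only serves to make the example self-contained. Never use such a key.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))
K = (N.bit_length() + 7) // 8  # modulus size in bytes (141)

def textbook_encrypt(m: bytes) -> bytes:
    """Unpadded RSA: deterministic, so a low-entropy plaintext can be
    confirmed by anyone who encrypts a guess and compares ciphertexts."""
    return pow(int.from_bytes(m, "big"), E, N).to_bytes(K, "big")

def mgf1(seed: bytes, length: int) -> bytes:
    """MGF1 from RFC 8017 B.2.1: SHA-256(seed || counter) concatenated."""
    blocks = (hashlib.sha256(seed + i.to_bytes(4, "big")).digest()
              for i in range((length + HLEN - 1) // HLEN))
    return b"".join(blocks)[:length]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def oaep_encrypt(m: bytes, seed=None) -> bytes:
    """RSAES-OAEP (RFC 8017 7.1.1) with SHA-256 and an empty label.
    A fresh random seed per call is what makes the ciphertext unpredictable."""
    if len(m) > K - 2 * HLEN - 2:
        raise ValueError("message too long")
    lhash = hashlib.sha256(b"").digest()
    db = lhash + b"\x00" * (K - len(m) - 2 * HLEN - 2) + b"\x01" + m
    seed = seed if seed is not None else os.urandom(HLEN)
    masked_db = xor(db, mgf1(seed, K - HLEN - 1))
    masked_seed = xor(seed, mgf1(masked_db, HLEN))
    em = b"\x00" + masked_seed + masked_db
    return pow(int.from_bytes(em, "big"), E, N).to_bytes(K, "big")

def oaep_decrypt(c: bytes) -> bytes:
    """Undo OAEP; report every integrity failure with the same error."""
    em = pow(int.from_bytes(c, "big"), D, N).to_bytes(K, "big")
    y, masked_seed, masked_db = em[0], em[1:1 + HLEN], em[1 + HLEN:]
    seed = xor(masked_seed, mgf1(masked_db, HLEN))
    db = xor(masked_db, mgf1(seed, K - HLEN - 1))
    lhash, rest = db[:HLEN], db[HLEN:]
    sep = rest.find(b"\x01")
    if (y != 0 or lhash != hashlib.sha256(b"").digest()
            or sep < 0 or any(rest[:sep])):
        raise ValueError("decryption error")
    return rest[sep + 1:]
```

Encrypting the same short message twice with `textbook_encrypt` yields identical ciphertexts, while `oaep_encrypt` yields different ones each time and still round-trips through `oaep_decrypt`.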