4 Aug
2016
4 Aug
'16
4:05 a.m.
nisse@lysator.liu.se (Niels Möller) writes:
Do you think it is sufficient for gnutls to add an extra check that p and q are odd in nettle's rsa_compute_root? (Used also by rsa_compute_root_tr).
On second look, it can't be rsa_compute_root, since that function has no return value. Is it sufficient for gnutls to do this check in rsa_compute_root_tr instead?
I also note that a check is needed in dsa_sign, which otherwise would crash if the group is invalid, with an even p.
Regards, /Niels
--
Niels Möller. PGP-encrypted email is preferred. Keyid C0B98E26.
Internet email is subject to wholesale government surveillance.