Skip Menu |
 

This queue is for tickets about the Crypt-RSA CPAN distribution.

Report information
The Basics
Id: 45533
Status: new
Priority: 0/
Queue: Crypt-RSA

People
Owner: Nobody in particular
Requestors: benwilliams [...] mt.gov
Cc:
AdminCc:

Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)



Subject: Crypt::RSA bug in mgf1 function
Date: Tue, 28 Apr 2009 12:57:28 -0600
To: "bug-Crypt-RSA [...] rt.cpan.org" <bug-Crypt-RSA [...] rt.cpan.org>
From: "Williams, Ben" <benwilliams [...] mt.gov>
Download (untitled) / with headers
text/plain 1.2k
I am using Perl v5.10.0 built for MSWin32-x86-multi-thread and Crypt::RSA v 1.98. While trying to decrypt a message using Crypt::RSA that was encrypted with C# .NET library it was found that the mgf1 function is not implemented to match the RSA-OAEP encryption specification (ftp://ftp.rsasecurity.com/pub/rsalabs/rsa_algorithm/rsa-oaep_spec.pdf). The mfg1 function in Crypt::RSA::DataFormat iterates in intervals of twenty (0,20,40,60 ...) and passes the iterator value to the i2osp function. The RSA specification states that mgf1 should iterate by one (0,1,2,3,...) which will cause the iterator value given to i2osp to be different than what was previously implemented. When I change the function to what is below, the Crypt::RSA module then properly decrypts a message from C# .NET library. sub mgf1 { my ($seed, $l) = @_; my $hlen = 20; my ($T, $i) = ("",0); # Modified by Ben Williams to iterate 0,1,2,... instead of 0,20,40,... for (0 .. ($l/$hlen)) { my $C = i2osp (int($i), 4); $T .= sha1("$seed$C"); $i++; } my ($output) = unpack "a$l", $T; return $output; } Ben Williams Technical Services Electronics Engineer MT DOJ Gambling Control Division 406-444-9152 http://www.doj.mt.gov/gaming/


This service is sponsored and maintained by Best Practical Solutions and runs on Perl.org infrastructure.

Please report any issues with rt.cpan.org to rt-cpan-admin@bestpractical.com.