Adding standalone RSA code
Colin Percival
colin.percival at wadham.ox.ac.uk
Sat Dec 11 13:00:30 PST 2004
David Schultz wrote:
> For instance, as we discussed privately, your RSA encryption routine
> is insecure unless the caller appropriately preprocesses the input
> with a random pad

... or is using it to encode data with at least 128 bits of entropy...

> and the documentation doesn't seem to mention
> this caveat. I'm sure *you* know how to use your library
> securely, but it could be dangerous to someone else.

True enough, but I was planning on revising my interface (e.g., to use
OAEP) and documentation before committing anyway.

> That said, it still puzzles me that you don't want to use
> OpenSSL's rsautl.

I wrote my RSA code long before I started working on FreeBSD Update; so
when I needed some code for signing my update index, I used the most
convenient code -- the code which I had written, understood intimately,
and trusted.

Colin Percival
More information about the freebsd-arch mailing list