Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Incorrect bits passed to EMSA-PSS-ENCODE #213

Open
blake-watkins opened this issue Oct 2, 2023 · 0 comments
Open

Incorrect bits passed to EMSA-PSS-ENCODE #213

blake-watkins opened this issue Oct 2, 2023 · 0 comments

Comments

@blake-watkins
Copy link

blake-watkins commented Oct 2, 2023

Apologies if this is the incorrect place to raise this. I was looking at the draft and the number of bits passed to EMSA-PSS-ENCODE here seems wrong (section 4.2 step 1):
encoded_msg = EMSA-PSS-ENCODE(msg, bit_len(n))

The argument needs to be bit_len(n) - 1 to ensure that the encoded message is less than the modulus. I think the minus one was there originally but got left off as part of the change from bytes to bits in #173.

The python implementation is working despite passing the modulus bit length to EMSA-PSS-ENCODE because the implementation of EMSA-PSS-ENCODE subtracts one from that argument immediately (which isn't specified in the RFC

def EMSA_PSS_ENCODE(kBits: int, msg: bytes, sLen: int, salt: bytes = None) -> bytes:
    m_hash = H.new(msg).digest()
    hLen = H.digest_size

    emBits = kBits - 1 ...
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant