Crypto/rsa : OAEP documentation can lead to misunderstanding regarding max message length, is it a bug?
63 views
Skip to first unread message
AnomalRoil
Sep 20, 2016, 1:44:47 PM9/20/16
to golang-nuts
Hi there,
I was reading the Crypto/RSA documentation, since I'm using OAEP encryption for testing purposes.
So I read this which ends with:
> The message must be no longer than the length of the public modulus less twice the hash length plus 2.
Which I directly translated (maybe me being no native speaker is at fault there) into:
> len(msg) <= len(public_modulus) - 2*len(hash) + 2
which I found puzzling since I thought it should have been -2, as I had checked the standard recently, so I double-checked the RFC which says:
> RSAES-OAEP can operate on messages of length up to k - 2hLen - 2 octets, where hLen is the length of the output from the underlying hash function and k is the length in octets of the recipient's RSA modulus.
I guess it was intended to mean len(msg) <= len(public_modulus) - (2*len(hash) + 2), but those parens are not enough implied by such phrasing, in my opinion.
I've checked and the code is correct, so in the worse case a user may once end up getting an error after trying this "false-positive" border-case, if I may say so.
So here am I: should I open an issue for a trivial sign mistake in a sentence in the documentation?
I don't know what the usage is, I took a look at the guidelines for contributing and did not see any mention of such minor contribution.
I think it would be clearer written as follows (but maybe my usage of the comma is not correct in English?):
> The message must be no longer than the length of the public modulus less twice the hash length, less 2.
Or maybe it would even be better to write it in a more mathematical fashion? Like:
> The message must be no longer than the length of the public modulus - 2 * the hash length - 2.
However, any opinion would be appreciated.
Best regards,
Y.
I was reading the Crypto/RSA documentation, since I'm using OAEP encryption for testing purposes.
So I read this which ends with:
> The message must be no longer than the length of the public modulus less twice the hash length plus 2.
Which I directly translated (maybe me being no native speaker is at fault there) into:
> len(msg) <= len(public_modulus) - 2*len(hash) + 2
which I found puzzling since I thought it should have been -2, as I had checked the standard recently, so I double-checked the RFC which says:
> RSAES-OAEP can operate on messages of length up to k - 2hLen - 2 octets, where hLen is the length of the output from the underlying hash function and k is the length in octets of the recipient's RSA modulus.
I guess it was intended to mean len(msg) <= len(public_modulus) - (2*len(hash) + 2), but those parens are not enough implied by such phrasing, in my opinion.
I've checked and the code is correct, so in the worse case a user may once end up getting an error after trying this "false-positive" border-case, if I may say so.
So here am I: should I open an issue for a trivial sign mistake in a sentence in the documentation?
I don't know what the usage is, I took a look at the guidelines for contributing and did not see any mention of such minor contribution.
I think it would be clearer written as follows (but maybe my usage of the comma is not correct in English?):
> The message must be no longer than the length of the public modulus less twice the hash length, less 2.
Or maybe it would even be better to write it in a more mathematical fashion? Like:
> The message must be no longer than the length of the public modulus - 2 * the hash length - 2.
However, any opinion would be appreciated.
Best regards,
Y.
Nigel Tao
Sep 21, 2016, 9:01:22 PM9/21/16
to AnomalRoil, golang-nuts
On Wed, Sep 21, 2016 at 1:41 AM, AnomalRoil <y...@romailler.ch> wrote:
> So here am I: should I open an issue for a trivial sign mistake in a
> sentence in the documentation?
Opening an issue would have been fine. In this case, though, I just
> So here am I: should I open an issue for a trivial sign mistake in a
> sentence in the documentation?
sent the trivial change out for review:
https://go-review.googlesource.com/29496
Thanks for the note.
Reply all
Reply to author
Forward
0 new messages