[or-cvs] r17685: {tor} Ben confirms that the MUST in rfc2631 is only for compatibil (tor/trunk/src/common)
nickm at seul.org
nickm at seul.org
Thu Dec 18 16:11:17 UTC 2008
Author: nickm
Date: 2008-12-18 11:11:16 -0500 (Thu, 18 Dec 2008)
New Revision: 17685
Modified:
tor/trunk/src/common/crypto.c
Log:
Ben confirms that the MUST in rfc2631 is only for compatibility with X9.42, and isn't actually a security thing.
Modified: tor/trunk/src/common/crypto.c
===================================================================
--- tor/trunk/src/common/crypto.c 2008-12-18 16:11:12 UTC (rev 17684)
+++ tor/trunk/src/common/crypto.c 2008-12-18 16:11:16 UTC (rev 17685)
@@ -1643,13 +1643,6 @@
goto error;
}
secret_len = result;
- /* sometimes secret_len might be less than 128, e.g., 127. that's ok. -RD */
- /* Actually, http://www.faqs.org/rfcs/rfc2631.html says:
- * Leading zeros MUST be preserved, so that ZZ occupies as many
- * octets as p. For instance, if p is 1024 bits, ZZ should be 128
- * bytes long.
- * XXX021 What are the security implications here? -NM
- */
if (crypto_expand_key_material(secret_tmp, secret_len,
secret_out, secret_bytes_out)<0)
goto error;
More information about the tor-commits
mailing list