[OpenID] Random failures when validating signatures
Breno de Medeiros
breno at google.com
Thu Nov 13 17:22:04 UTC 2008
On Thu, Nov 13, 2008 at 9:08 AM, Breno de Medeiros <breno at google.com> wrote:
> See
>
> ==quote
> 4.2. Integer Representations
>
> Arbitrary precision integers MUST be encoded as big-endian signed
> two's complement binary strings. Henceforth, "btwoc" is a function
> that takes an arbitrary precision integer and returns its shortest
> big-endian two's complement representation. All integers that are used
> with Diffie-Hellman Key Exchange are positive. This means that the
> left-most bit of the two's complement representation MUST be zero. If
> it is not, implementations MUST add a zero byte at the front of the
> string.
> ==/quote
>
> This applies, for instance, to the nonce.
Sorry, that is not true. It does not apply to the nonce, but it would
cause you to interpret the "server_public" value incorrectly, and
compute the wrong mac key 50% of the time.
>
>
>
> On Thu, Nov 13, 2008 at 9:04 AM, Richard Davies
> <richard at richarddavies.us> wrote:
>> I'm not sure... could you please elaborate on what I need to do in
>> regards to handling signed types correctly. Thanks.
>>
>> On Nov 13, 8:50 am, Breno de Medeiros <br... at google.com> wrote:
>>> Are you handling signed types correctly? This would cause a 50/50 error rate.
>> _______________________________________________
>> general mailing list
>> general at openid.net
>> http://openid.net/mailman/listinfo/general
>>
>
>
>
> --
> --Breno
>
> +1 (650) 214-1007 desk
> +1 (408) 212-0135 (Grand Central)
> MTV-41-3 : 383-A
> PST (GMT-8) / PDT(GMT-7)
>
--
--Breno
+1 (650) 214-1007 desk
+1 (408) 212-0135 (Grand Central)
MTV-41-3 : 383-A
PST (GMT-8) / PDT(GMT-7)
More information about the general
mailing list