<br><font size=2 face="sans-serif">I had two bugs in my Java implementation
early on with the same symptom.</font>
<br>
<br><font size=2 face="sans-serif">One was to do with BigInteger.xor returning
a negative (so for some of the data types I switched to byte[] and did
things manually).</font>
<br>
<br><font size=2 face="sans-serif">The other was more subtle. When generating
a random private key for my association "y", I wasn't always
making sure that:</font>
<br>
<br><font size=2 face="sans-serif">1 <= y < p-1</font>
<br>
<br><font size=2 face="sans-serif">This was much harder to track down.
(see http://openid.net/specs/openid-authentication-1_1.html section 4.1.3)</font>
<br>
<br><font size=2 face="sans-serif">Hope this helps.</font>
<br>
<br><font size=2 face="sans-serif">Regards,<br>
Shane.</font>
<br>
<br>
<br>
<br>
<br>
<table width=100%>
<tr valign=top>
<td width=40%><font size=1 face="sans-serif"><b>Breno de Medeiros &lt;breno@google.com&gt;</b>
</font>
<br><font size=1 face="sans-serif">Sent by: general-bounces@openid.net</font>
<p><font size=1 face="sans-serif">14/11/2008 10:09 AM</font>
<td width=59%>
<table width=100%>
<tr valign=top>
<td>
<div align=right><font size=1 face="sans-serif">To</font></div>
<td><font size=1 face="sans-serif">Richard Davies &lt;richard@richarddavies.us&gt;</font>
<tr valign=top>
<td>
<div align=right><font size=1 face="sans-serif">cc</font></div>
<td><font size=1 face="sans-serif">general@openid.net</font>
<tr valign=top>
<td>
<div align=right><font size=1 face="sans-serif">Subject</font></div>
<td><font size=1 face="sans-serif">Re: [OpenID] Random failures when validating
signatures</font></table>
<br>
<table>
<tr valign=top>
<td>
<td></table>
<br></table>
<br>
<br>
<br><tt><font size=2>I would introduce tests to ensure that the BigIntegers
are positive<br>
everywhere, just to make sure.<br>
<br>
On Thu, Nov 13, 2008 at 4:06 PM, Richard Davies<br>
&lt;richard@richarddavies.us&gt; wrote:<br>
> On Nov 13, 9:30 am, Richard Davies &lt;rich...@richarddavies.us&gt;
wrote:<br>
>> Oh. Good suggestion. I have a btwoc() function to convert my integers<br>
>> into strings, but I don't think I was paying particular attention
to<br>
>> how I was "unbtwoc()" the server_public value. I'll
take a look at<br>
>> that. Thanks.<br>
><br>
> I'm using Java BigIntegers to store my numbers. As far as I can tell,<br>
> it looks like this class stores them internally in the same format<br>
> that btwoc() produces. In other words, the BigInteger.toByteArray()<br>
> method seems to be equivalent to btwoc(). And when I create a<br>
> BigInteger from a byte array (such as the server_public value), it<br>
> correctly accounts for the leading 0 byte to make the number positive.<br>
> So, as far as I can tell, I am handling the signed numbers correctly<br>
> because BigInteger handles those details for me behind the scenes.<br>
><br>
> So I'm back to square one. About half of the time, it's reporting
that<br>
> the signature is invalid and I'm not sure where I'm messing up in
the<br>
> validation process. I still think it may be a character encoding<br>
> issue, but I'm not sure. Any other suggestions?<br>
> _______________________________________________<br>
> general mailing list<br>
> general@openid.net<br>
> http://openid.net/mailman/listinfo/general<br>
><br>
<br>
<br>
<br>
-- <br>
--Breno<br>
<br>
+1 (650) 214-1007 desk<br>
+1 (408) 212-0135 (Grand Central)<br>
MTV-41-3 : 383-A<br>
PST (GMT-8) / PDT(GMT-7)<br>
</font></tt>
<br>
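<br><font size=2 face="sans-serif">Added example, not code from either poster or from any OpenID library: Java showing the three checks discussed in this thread (positive values when decoding btwoc() bytes, a private key y with 1 &lt;= y &lt; p-1, and XOR done on byte[] instead of BigInteger). The class name, method names, sample bytes and the toy prime 23 are assumptions made for illustration.</font>

```java
import java.math.BigInteger;
import java.security.SecureRandom;

public class DhAssocChecks {
    // Decode a btwoc() (big-endian two's complement) value; a DH public value must be positive.
    static BigInteger unbtwoc(byte[] b) {
        BigInteger n = new BigInteger(b);
        if (n.signum() <= 0) throw new IllegalArgumentException("value is not positive");
        return n;
    }

    // Decode bytes that carry only the magnitude (no sign byte), forcing a positive sign.
    static BigInteger fromUnsigned(byte[] b) {
        return new BigInteger(1, b);
    }

    // Pick a private key y with 1 <= y < p-1 by rejection sampling.
    static BigInteger privateKey(BigInteger p, SecureRandom rnd) {
        BigInteger upper = p.subtract(BigInteger.ONE); // exclusive upper bound
        BigInteger y;
        do {
            y = new BigInteger(p.bitLength(), rnd);    // uniform in [0, 2^bitLength)
        } while (y.signum() == 0 || y.compareTo(upper) >= 0);
        return y;
    }

    // XOR two equal-length byte arrays, avoiding BigInteger sign and length handling.
    static byte[] xor(byte[] a, byte[] b) {
        if (a.length != b.length) throw new IllegalArgumentException("length mismatch");
        byte[] out = new byte[a.length];
        for (int i = 0; i < a.length; i++) out[i] = (byte) (a[i] ^ b[i]);
        return out;
    }

    public static void main(String[] args) {
        byte[] padded = {0x00, (byte) 0x80};  // constructed: btwoc form, leading 0 keeps it positive
        byte[] bare = {(byte) 0x80};          // constructed: same magnitude, sign byte missing
        System.out.println(unbtwoc(padded) + " " + new BigInteger(bare) + " " + fromUnsigned(bare));

        BigInteger p = BigInteger.valueOf(23); // toy prime, for illustration only
        SecureRandom rnd = new SecureRandom();
        for (int i = 0; i < 1000; i++) {
            BigInteger y = privateKey(p, rnd);
            if (y.signum() <= 0 || y.compareTo(p.subtract(BigInteger.ONE)) >= 0)
                throw new AssertionError("y out of range: " + y);
        }
        System.out.println(new BigInteger(1, xor(new byte[]{0x0f, (byte) 0xf0}, new byte[]{(byte) 0xff, 0x0f})).toString(16));
    }
}
```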