On 01/26/2012 12:04 AM, helpcrypto helpcrypto wrote:
Robert Relyea<rrel...@redhat.com> wrote:
Sorry my bad, I wasn't clear. The double decrypt happens in the case where
you first call C_Decrypt with pData = NULL. In that case you can return 128
instead of decrypting the data just to get the length. In the case where
C_Decrypt is called with pData != NULL, you need to return the actual number
of bytes coded by the PKCS #1 encoding because you are actually returning
the decrypted data at this point.
AFAIK
first call C_Decrypt with pData=NULL and pulDataLen=0 should return
the decrypt bytes length (X).
Then, second call should have pData!=NULL and pulDataLen=y.
if y<X ->CKR_BUFFER_TOO_SMALL
Returning 128 doesnt work (and shouldnt), cause the decrypted data is
24 (always?) bytes length
In the first call you need to return a value at least big enough to hold
the decrypted data. 128 bytes (size of encrypted data) is big enough for
RSA. This isn't ideal, however. You keep saying the data is 24 bytes,
but that's not a given, it's only true in the case you were talking. If
you receive a different type of key it could be a different size. Even
if I know the key type is RC5, for instance, I still don't know the key
length. That is encoded in the PKCS #1. In order to get that you need to
decrypt the block. That is why I was saying using the first call/second
call method could lead to needing to double decrypt (once to find the
length and once to return the data).
Anyhow, i now return the correct size (24) and dont "trust" on
C_Decrypt input pulDataLen.
err, are you hard coding the size at 24. That is not what I said to do.
You function that use used to decrypt your PKCS #1 data returns a data
length somewhere. It has to or the function is incomplete (it's not
really processing the PKCS #1 data). That data length is what you need
to return.
bob
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
