You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
According to RFC 8017: PKCS#1 v2.2, all cryptographic primitives should be performing range checks on their inputs. Specifically, section 5.1.2. says for RSADP
If the ciphertext representative c is not between 0 and n - 1, output "ciphertext representative out of range" and stop
and section 5.2.1. says for RSASP1
If the message representative m is not between 0 and n - 1, output "message representative out of range" and stop.
These two functions are the same and correspond to decrypt_int/decrypt_int_fast in Python-RSA. These functions should be updated since they do not have the necessary range checks. This would result in a minor API change because the user would have to consider handling new possible exceptions.
According to RFC 8017: PKCS#1 v2.2, all cryptographic primitives should be performing range checks on their inputs. Specifically, section 5.1.2. says for RSADP
and section 5.2.1. says for RSASP1
These two functions are the same and correspond to
decrypt_int
/decrypt_int_fast
in Python-RSA. These functions should be updated since they do not have the necessary range checks. This would result in a minor API change because the user would have to consider handling new possible exceptions.See #234 for more context.
The text was updated successfully, but these errors were encountered: