Ok cool. I'll call a vote tomorrow. Colm.
On Mon, Apr 13, 2015 at 5:35 PM, Cantor, Scott <canto...@osu.edu> wrote: > On 4/13/15, 9:56 AM, "Cantor, Scott" <canto...@osu.edu> wrote: > > >On 4/13/15, 5:10 AM, "Colm O hEigeartaigh" <cohei...@apache.org> wrote: > >> > >>I'll call a vote on a 2.0.4 Java release in a few days, so shout now if > there is anything else to go into it. > > > >I (or somebody from my project) may be filing a bug soon related to what > appears to be a regression in the RSA verify code that dates back a while > (probably to before 2.0.0). We're seeing signatures fail that a lot of > other tools are reporting are valid (the C++ library included). Seems to be > related to signature length and padding issues when the signature has 00 > bytes and ends up encoded as shorter than 256 bytes (for a 2048 bit key > anyway). > > I could have held my tongue and saved the time, but Ian says he's found > pretty clear spec language in the RFCs that indicate the Java code is > right, and everything else seems to be wrong, so false alarm. It does seem > that the old 1.4 Java code accepted these signatures, so apparently it was > a bug and was fixed. > > We don't think the false positives are a big thing since it's just > implicitly padding zeros probably, but it's not strictly correct. I'm going > to file a Santuario C++ bug and look into what OpenSSL's primitives are > doing. > > -- Scott > > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
