On March 25, 2004 09:03 am, Richard Levitte - VMS Whacker wrote: > In message <[EMAIL PROTECTED]> on Wed, 24 Mar > 2004 10:40:14 -0500, Geoff Thorpe <[EMAIL PROTECTED]> said: > > geoff> Well I was meaning counter-intuitive at the nit-picking level > geoff> more than anything warranting CVS action. To my mind, they > geoff> *both* RSA_NO_PADDING and RSA_ALREADY_PADDED mean "don't > geoff> prepend any padding", but only one of them means "because I've > geoff> already ensured the required conditions are met". But other > geoff> readings are possible (and clearly, RSA_NO_PADDING has survived > geoff> this far for the simple reason that nobody has seen anything to > geoff> justify meddling with it). > > You know, nothing says we can't have both macros, one basically being > an alias for the other. Reeedundant, sure, but allows the programmer > to express what he does in a possibly more readable way for some (and > it might very well be that some padding has already been applied to > the message, making RSA_ALREADY_PADDED the more appropriate to use, > but it may also be that the message has the required size to begin > with, which makes RSA_NO_PADDING more appropriate).
Well I'm not sure it's wise to introduce an aliased flag that could be interpreted differently, implying falsely that there's some behavioural difference between the two when there isn't. The only thing that would genuinely change the landscape of this issue IMHO would be to rerig the RSA API to allow input lengths to be specified independantly of the modulus/output length. Right now, output buffers are supplied without a length parameter and the API has no choice but to assume this matches the input length, and the problems stem from there. But I think this is more trouble for less gain than most people would be willing to take on :-) Cheers, Geoff -- Geoff Thorpe [EMAIL PROTECTED] http://www.geoffthorpe.net/ ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
