On Saturday, 20 January 2007 02:46, Michal Schmidt wrote: > Rafael J. Wysocki wrote: > > Hm, as far as I remember, key_data is not just plain key and it can be > > greater than 512 bytes. And that would explain one bug report related > > to > > the encryption with RSA. > > (struct encrypted_key).data contains the encrypted pair (k, i). The > session key (k) is 16 bytes and the initialization vector (i) is 8 > bytes. The result can't be greater than the 512 bytes long RSA modulus.
OK > > Frankly, I have to check the code, but that will need to wait for a couple > > of > > days. > > > > Now, I think we can fix all that by using two pages for the header, but it > > would complicate things a bit (not too much, but still). > > > BTW, I played with shrinking the header even more. I realized that we > don't really need all the RSA components (n, e, d, p, q, u) for > decryption. Only the modulus (n) and the private exponent (d) are > absolutely necessary. It is nice to have the public exponent (e) too, > for RSA blinding (anyway, libgcrypt always generates 65537 for (e), > unless told otherwise). > > You can take a look at the attached patch, which shrinks struct > swsusp_info to 2028 bytes on i386. This is achieved by only saving the > components (n, e, d). > I am _not_ proposing to merge this one, because it requires a slightly > modified libgcrypt to work. Original libgcrypt insists on knowing all > the six components, Exactly. > even though it doesn't really need them. I consider that a bug in libgcrypt. I think OpenSSL started to do this too at some point. Anyway, you evidently know libgcrypt much better than I do. ;-) I'm going to apply your previous patch as a short term fix. In the long run I'd like to fix this by using a separate page for storing the encryption-related data. Greetings, Rafael -- If you don't have the time to read, you don't have the time or the tools to write. - Stephen King ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Suspend-devel mailing list Suspend-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/suspend-devel