"+" bug in mac_key?

Wechsler wechsler at phase.org
Sat Aug 6 13:38:11 PDT 2005

meepbear * wrote:
>> Now, I appreciate that this is a bit of a weird bug, but I thought I'd 
>> throw it into the mix and see if it meant anything to anyone.
> Version 1.2.7 doesn't appear to do any padding in case the high bit is 
> set which will result in mismatched calculated mac keys.
> Another thing I noticed is that your generated keys have 160 bit entropy 
> while the default mod is (rounded up) a 1024 bit number.

Sorry 'bout the delay here, but I've been out of action with the flu 
since I last posted.

Now, I suspect that the answer that I need may be in your reply, but I 
can't follow it (possibly because I know nowt about crypto). Firstly, I 
assume you're referring to revision 127 of my code - it doesn't have 
x.y.z version numbers.

Secondly, I'm far from clear *what* I should be prepending (a 
zero-byte?) to, to prevent sign errors. All arbitrary-precision numbers? 
(I assume it can't hurt to zero-pad anything that doesn't have the top 
bit set).

Thirdly - the DH public key (determined by the randomly selected private 
key?) needs to be longer? GMP docs on the PHP site are very vague on 
what the parameter to gmp_random actually means, so I'm guessing.

I suspect I'm asking what many will think rather basic questions here, 
but this is ground with which I'm rather unfamiliar, is tricky to test, 
and which seems to stretch PHP somewhat, for that matter.

That said, I doubt I'm the only web coder out there who's new to all the 
crypto stuff...

Looking forward to clarifications on this.
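
An added example, not part of the original post or the author's code, in PHP with GMP as used in the thread: it shows the zero-byte padding meepbear refers to, and how omitting it on one side breaks the mac key only when the shared secret's top bit is set. It assumes an OpenID 1.x-style scheme in which the mac key is XORed with SHA-1 of the encoded DH shared secret; the function names, the 64-bit modulus and the keys are constructed for illustration.

```php
<?php
// Added example: constructed toy values, not the thread author's code.

// Shortest big-endian encoding of a non-negative GMP number. With $pad, a
// zero byte is prepended when the top bit is set so it is not read as negative.
function btwoc($n, $pad = true) {
    $hex = gmp_strval($n, 16);
    if (strlen($hex) % 2) {
        $hex = '0' . $hex;                 // pack('H*') needs whole bytes
    }
    $bin = pack('H*', $hex);
    if ($pad && (ord($bin[0]) & 0x80)) {
        $bin = "\x00" . $bin;
    }
    return $bin;
}

// XOR a 20-byte mac key with SHA-1 of the encoded shared secret (assumed scheme).
// The same call masks on the server and unmasks on the consumer.
function mask_mac_key($shared, $key, $pad) {
    return sha1(btwoc($shared, $pad), true) ^ $key;
}

$p = gmp_init('ffffffffffffffc5', 16);     // constructed 64-bit toy modulus
$g = gmp_init(2);
$server_priv = gmp_init('123456789abcdef', 16);
$server_pub  = gmp_powm($g, $server_priv, $p);
$mac_key = str_repeat("\x5a", 20);         // constructed secret

$stats = array('high' => 0, 'high_bad' => 0, 'low' => 0, 'low_bad' => 0);
for ($i = 1; $i <= 200; $i++) {
    $consumer_priv = gmp_add(gmp_init('fedcba987654321', 16), $i);
    $shared = gmp_powm($server_pub, $consumer_priv, $p);

    $enc = mask_mac_key($shared, $mac_key, true);      // server pads
    $got = mask_mac_key($shared, $enc, false);         // consumer does not
    $raw = btwoc($shared, false);
    $bucket = (ord($raw[0]) & 0x80) ? 'high' : 'low';
    $stats[$bucket]++;
    if ($got !== $mac_key) {
        $stats[$bucket . '_bad']++;
    }
}
printf("top bit set:   %d exchanges, %d mac key mismatches\n", $stats['high'], $stats['high_bad']);
printf("top bit clear: %d exchanges, %d mac key mismatches\n", $stats['low'], $stats['low_bad']);
```

The mismatches fall only in the top-bit-set bucket, which is why a padding bug of this kind shows up intermittently rather than on every exchange.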

