From c4bce4aa60e62b55e2f7781a2aa55c2e30db2112 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Mon, 13 Jun 2011 12:33:08 +0200 Subject: Fixed a pkcs#1 v1.5 flaw regarding leading zero bytes With these changes the entire new pkcs#1 test suite passes fine. The leading zero bytes used to appear due to mixed signed/unsigned use of our internal representation of the values as MPIs. The changed code also detected another bug in the DSA selftest which used the pkcs1 flag - this was certainly wrong but didn't throw an error. The code in GnuPG does the right thing thus I believe not too many applications got it as wrong as we in our own selftest. --- NEWS | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'NEWS') diff --git a/NEWS b/NEWS index d3e3b95a..b2aca57d 100644 --- a/NEWS +++ b/NEWS @@ -10,9 +10,11 @@ Noteworthy changes in version 1.5.x (unreleased) * Support for OAEP and PSS methods as described by RFC-3447. + * Fixed PKCS v1.5 code to always return the leading zero. + * New format specifiers "%M" and "%u" for gcry_sexp_build. - * gcry_sexp_build does now support opaque MPIs with "%m" and "%M". + * Support opaque MPIs with "%m" and "%M" in gcry_sexp_build. * New functions gcry_pk_get_curve and gcry_pk_get_param to map ECC parameters to a curve name and to retrieve parameter values. -- cgit v1.2.1
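Review bot: the added NEWS line "* Fixed PKCS v1.5 code to always return the leading zero." does not tell a caller what changes for them. It should name the scheme as PKCS#1 v1.5, as the commit subject does, and say which value now carries the leading zero. The wording is also hard to reconcile with the commit message, which describes leading zero bytes that "used to appear" because of mixed signed/unsigned MPI handling, while the NEWS entry says the code now always returns the leading zero; one sentence stating the intended behaviour would settle it. The commit message further notes that the changed code exposed a DSA selftest that wrongly used the pkcs1 flag without raising an error. If applications making the same mistake can now see an error, that deserves its own NEWS item. The rewording of the gcry_sexp_build "%m"/"%M" line is unrelated to this fix and would be cleaner as a separate change.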