Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Authentication intermittently fails due to incorrect padding. #18

Open
uunicorn opened this issue Dec 17, 2018 · 0 comments · May be fixed by #19
Open

Authentication intermittently fails due to incorrect padding. #18

uunicorn opened this issue Dec 17, 2018 · 0 comments · May be fixed by #19

Comments

@uunicorn
Copy link

Random bytes in the PW_Encode.pad() are not allowed to be zero:
See JS_RSA.js:

// PKCS#1 (type 2, random) pad input string s to n bytes, and return a bigint
function pkcs1pad2(s,n) {
...
  while(n > 2) { // random non-zero pad
    x[0] = 0;
    while(x[0] == 0) rng.nextBytes(x);
    ba[--n] = x[0];
  }
...
}
uunicorn added a commit to uunicorn/snxvpn that referenced this issue Dec 17, 2018
@uunicorn
Padding bytes may not be zero.
e049c04 
Fixes schlatterbeck#18

See pkcs1pad2 in JS_RSA.js:
...
  while(n > 2) { // random non-zero pad
    x[0] = 0;
    while(x[0] == 0) rng.nextBytes(x);
    ba[--n] = x[0];
  }
...
@uunicorn uunicorn linked a pull request Dec 17, 2018 that will close this issue
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Padding bytes may not be zero. uunicorn/snxvpn
1 participant
@uunicorn