From e049c04c07c471168f3334c42b23fa441a206643 Mon Sep 17 00:00:00 2001
From: Viktor Dragomiretskyy <Viktor.Dragomiretskyy@gmail.com>
Date: Mon, 17 Dec 2018 21:46:54 +1300
Subject: [PATCH] Padding bytes may not be zero.

Fixes #18

See pkcs1pad2 in JS_RSA.js:
...
  while(n > 2) { // random non-zero pad
    x[0] = 0;
    while(x[0] == 0) rng.nextBytes(x);
    ba[--n] = x[0];
  }
...
---
 snxconnect.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/snxconnect.py b/snxconnect.py
index 66e99b3..ceda453 100644
--- a/snxconnect.py
+++ b/snxconnect.py
@@ -380,7 +380,7 @@ def pad (self, txt) :
         if self.testing :
             r.append (b'\1' * n)
         else :
-            r.append (os.urandom (n))
+            r.append (bytes([x % 255 + 1 for x in os.urandom (n)]))
         r.append (b'\x02')
         r.append (b'\x00')
         return b''.join (reversed (r))