Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Authentication intermittently fails due to incorrect padding. #18

Open
uunicorn opened this issue Dec 17, 2018 · 0 comments · May be fixed by #19
Open

Authentication intermittently fails due to incorrect padding. #18

uunicorn opened this issue Dec 17, 2018 · 0 comments · May be fixed by #19

Comments

@uunicorn
Copy link

Random bytes in the PW_Encode.pad() are not allowed to be zero:
See JS_RSA.js:

// PKCS#1 (type 2, random) pad input string s to n bytes, and return a bigint
function pkcs1pad2(s,n) {
...
  while(n > 2) { // random non-zero pad
    x[0] = 0;
    while(x[0] == 0) rng.nextBytes(x);
    ba[--n] = x[0];
  }
...
}
uunicorn added a commit to uunicorn/snxvpn that referenced this issue Dec 17, 2018
@uunicorn
Padding bytes may not be zero.
e049c04 
Fixes schlatterbeck#18

See pkcs1pad2 in JS_RSA.js:
...
  while(n > 2) { // random non-zero pad
    x[0] = 0;
    while(x[0] == 0) rng.nextBytes(x);
    ba[--n] = x[0];
  }
...
@uunicorn uunicorn linked a pull request Dec 17, 2018 that will close this issue
Open
# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Padding bytes may not be zero. uunicorn/snxvpn
1 participant
@uunicorn