[pycrypto] documentation for PKCS1_PSS.py is incorrect, plus minor issue w/ _slowmath.py

Gurney, John-Mark john-mark at cryptography.com
Thu May 24 19:36:22 EDT 2012

Since that is for compatibility w/ _fastmath, I agree that it shouldn't go there then.

How about a fix to RSA's construct method that attempts to convert the tuple's contents to longs?

Such as:
key = self._math.rsa_construct(*(long(x) for x in tup))

on line 539.

Thanks for fixing the doc bug!

-----Original Message-----
From: Dwayne C. Litzenberger [mailto:dlitz at dlitz.net] 
Sent: Thursday, May 24, 2012 3:58 PM
To: Gurney, John-Mark
Cc: pycrypto at lists.dlitz.net
Subject: Re: [pycrypto] documentation for PKCS1_PSS.py is incorrect, plus minor issue w/ _slowmath.py

On Wed, May 23, 2012 at 10:48:03AM -0700, Gurney, John-Mark wrote:
>In the file on lines 41 & 42 it has:
>>>> signer = PKCS1_PSS.new(key)
>>>> signature = PKCS1_PSS.sign(key)
>The second line is incorrect.  It should be:
>>>> signature = signer.sign(h)

I've committed a fix.  Thanks!

>Oh, there is also a bogus assertion in _slowmath.py:
>On line 85, it asserts that e is long.  If you have an e of 3, it is reasonable for e to be a normal int, and not a long.  Maybe the asserts should be changed to:
>n = long(n)
>e = long(e)
>So that python will convert the types properly.

No, those assertions in _slowmath are there so that we catch usage that would break when using _fastmath.

_fastmath.rsa_construct (which is written in C) requires long parameters in order to keep the C code simple.  If we do the implicit conversions in _slowmath, we should also have do the conversions in _fastmath.  Since _fastmath is an internal module, I see no reason for the added complexity (and risk of bugs).

- Dwayne

Dwayne C. Litzenberger <dlitz at dlitz.net>
  OpenPGP: 19E1 1FE8 B3CF F273 ED17  4A24 928C EC13 39C2 5CF7

More information about the pycrypto mailing list