On Saturday, 20 January 2007 02:46, Michal Schmidt wrote:
> Rafael J. Wysocki wrote:
> > Hm, as far as I remember, key_data is not just plain key and it can be
> > greater than 512 bytes. And that would explain one bug report related
> > to
> > the encryption with RSA.
>
> (struct encrypted_key).data contains the encrypted pair (k, i). The
> session key (k) is 16 bytes and the initialization vector (i) is 8
> bytes. The result can't be greater than the 512 bytes long RSA modulus.
OK
> > Frankly, I have to check the code, but that will need to wait for a couple
> > of
> > days.
> >
> > Now, I think we can fix all that by using two pages for the header, but it
> > would complicate things a bit (not too much, but still).
>
>
> BTW, I played with shrinking the header even more. I realized that we
> don't really need all the RSA components (n, e, d, p, q, u) for
> decryption. Only the modulus (n) and the private exponent (d) are
> absolutely necessary. It is nice to have the public exponent (e) too,
> for RSA blinding (anyway, libgcrypt always generates 65537 for (e),
> unless told otherwise).
>
> You can take a look at the attached patch, which shrinks struct
> swsusp_info to 2028 bytes on i386. This is achieved by only saving the
> components (n, e, d).
> I am _not_ proposing to merge this one, because it requires a slightly
> modified libgcrypt to work. Original libgcrypt insists on knowing all
> the six components,
Exactly.
> even though it doesn't really need them. I consider that a bug in libgcrypt.
I think OpenSSL started to do this too at some point.
Anyway, you evidently know libgcrypt much better than I do. ;-)
I'm going to apply your previous patch as a short term fix. In the long run
I'd like to fix this by using a separate page for storing the encryption-related
data.
Greetings,
Rafael
--
If you don't have the time to read,
you don't have the time or the tools to write.
- Stephen King
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Suspend-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/suspend-devel
