[pycrypto] Bug in PyCrypto 2.6.1

Mirko Dziadzka mirko.dziadzka at gmail.com
Mon Dec 1 09:23:05 PST 2014


Oh, I totally agree. Either the name or the implementation has a problem.

I was just pointing out that the behavior is consistent with the documentation in https://www.dlitz.net/software/pycrypto/api/current/Crypto.PublicKey.RSA._RSAobj-class.html#size

    Mirko


On 01.12.2014, at 17:31, Paul Koning <paul_koning at dell.com> wrote:

> To me, key_size means the size of the key.  It doesn’t mean the largest value you can encrypt.  If that is what is intended, or if it has to stay that way for historical reasons, fine, but it needs to be very clearly pointed out in the documentation because it is unexpected and counterintuitive.
> 
> 	paul
> 
>> On Dec 1, 2014, at 11:13 AM, Mirko Dziadzka <mirko.dziadzka at gmail.com> wrote:
>> 
>> HI
>> 
>> Some thoughts about this …
>> 
>>> _RSA.RSAobj.size.__doc__ says: Return the maximum number of bits that can be handled by this key
>> 
>> An RSA key can only encrypt data smaller than this key. So if we have an 2048 bit RSA key, it can encrypt some 2048 bit values, but not all. So 2047 should be the safe value here.
>> 
>> IMHO this -1 is correct here.
>> 
>> Mirko
> 
> _______________________________________________
> pycrypto mailing list
> pycrypto at lists.dlitz.net
> http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto



More information about the pycrypto mailing list