DDS-Security 1.0 FTF Avatar
  1. OMG Issue

DDSSEC_ — The padding used when encrypting the shared secret is not specified

Open Closed All
  • Key: DDSSEC_-38
  • Status: closed  
  • Source: eProsima ( Mr. Jaime Martin-Losa)
  • Summary:

    RTI's secure DDS implementation uses RSA_PKCS1_OAEP_PADDING to encrypt the shared secret during the handshake process, but this is not present in the specification.
  • Reported: DDS-Security 1.0b1 — Mon, 28 Sep 2015 06:09 GMT
  • Disposition: Resolved — DDS-Security 1.0
  • Disposition Summary:

    On section 9.3.4 specify the padding used when using the PublicKey to encrypt something.

    Modify Table 36 in section 9.3.4.1 to specify that the operation Encrypt(PubK, data) should use EME-OAEP padding as defined in PKCS #1 v2.0 with SHA-1, MGF1 and an empty encoding parameter.

    Note: This corresponds to using the RSA_PKCS1_OAEP_PADDING option when calling RSA_public_encrypt() on the OpenSSL library.
  • Updated: Tue, 12 Jul 2016 14:45 GMT