[43502] in cryptography@c2.net mail archive

home help back first fref pref prev next nref lref last post

Re: A note on vendor reaction speed to the e=3 problem

daemon@ATHENA.MIT.EDU (David Shaw)
Fri Sep 15 18:59:21 2006

X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Fri, 15 Sep 2006 14:22:39 -0400
From: David Shaw <dshaw@jabberwocky.com>
To: Peter Gutmann <pgut001@cs.auckland.ac.nz>
Cc: cryptography@metzdowd.com
Mail-Followup-To: Peter Gutmann <pgut001@cs.auckland.ac.nz>,
	cryptography@metzdowd.com
In-Reply-To: <E1GOHb5-0001tE-00@medusa01.cs.auckland.ac.nz>

On Sat, Sep 16, 2006 at 05:35:27AM +1200, Peter Gutmann wrote:
> David Shaw <dshaw@jabberwocky.com> writes:
> 
> >Incidentally, GPG does not attempt to parse the PKCS/ASN.1 data at all.
> >Instead, it generates a new structure during signature verification and
> >compares it to the original.
> 
> How does it handle the NULL vs.optional parameters ambiguity?

GPG generates a new structure for each comparison, so just doesn't
include any extra parameters on it.  Any optional parameters on a
signature would cause that signature to fail validation.

RFC-2440 actually gives the exact bytes to use for the ASN.1 stuff,
which nicely cuts down on ambiguity.

David

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com

home help back first fref pref prev next nref lref last post