[43892] in cryptography@c2.net mail archive

home help back first fref pref prev next nref lref last post

Re: A note on vendor reaction speed to the e=3 problem

daemon@ATHENA.MIT.EDU (David Shaw)
Sun Sep 17 11:23:04 2006

X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Sat, 16 Sep 2006 17:34:23 -0400
From: David Shaw <dshaw@jabberwocky.com>
To: cryptography@metzdowd.com
Mail-Followup-To: cryptography@metzdowd.com
In-Reply-To: <450B62DC.1090206@echeque.com>

On Sat, Sep 16, 2006 at 12:35:08PM +1000, James A. Donald wrote:
>     --
> Peter Gutmann wrote:
> > > How does [GPG] handle the NULL vs.optional
> > > parameters ambiguity?
> 
> David Shaw:
> > GPG generates a new structure for each comparison, so
> > just doesn't include any extra parameters on it.  Any
> > optional parameters on a signature would cause that
> > signature to fail validation.
> >
> > RFC-2440 actually gives the exact bytes to use for the
> > ASN.1 stuff, which nicely cuts down on ambiguity.
> 
> This amounts to *not* using ASN.1 - treating the ASN.1
> data as mere arbitrary padding bits, devoid of
> information content.

That is correct.  OpenPGP passes the hash identification in the
OpenPGP data as well as encoded in ASN.1 for the PKCS-1 structure.
Since there is another source for the information, it is unnecessary
to generate or parse ASN.1.  In the case of GPG specifically (other
implementations may do the same, but I can't say for sure), all ASN.1
data is hardcoded opaque strings.

David

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com

home help back first fref pref prev next nref lref last post