[PATCH] Add a simple PKCS#1 padding mode
Dmitry Eremin-Solenikov
dbaryshkov at gmail.com
Mon Dec 16 19:17:26 CET 2013
Hello,
On Mon, Dec 16, 2013 at 9:05 PM, Werner Koch <wk at gnupg.org> wrote:
> On Mon, 16 Dec 2013 17:40, dbaryshkov at gmail.com said:
>
>> Allow user to specify (flags pkcs1) to enable pkcs1 padding of raw value
>> (no hash algorithm is specified). It is up to the user to verify that
>> passed value is properly formatted and includes DER-encoded ASN OID of
>> the hash function.
>
> Please explain this too.  Why shall we add a crippled pkcs#1 mode?  Is
> this for the SHA1+MD5 hash of TLS?  If so, we should add a special
> hash-algo string.
No, this is purely for users to verify hash algorithm OID on their own.
Basically, that is how GnuTLS expects sign/verify to work
(ATM). This can be changed, with cooperation from GnuTLS, but for
now I wanted to be as non-intrusive as possible.
--
With best wishes
Dmitry
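
Added example, not part of the original message or the patch: the caller-side check that the patch description leaves to the user, confirming that a value is a DER DigestInfo carrying the OID of an acceptable hash before it is used with raw PKCS#1 padding. The function names, the allowed-hash policy and the sample message are assumptions; the prefixes are the fixed DigestInfo encodings listed in RFC 8017, section 9.2.

```python
import hashlib

# DER DigestInfo prefixes (RFC 8017, section 9.2): everything that precedes
# the raw digest bytes, including the AlgorithmIdentifier with the hash OID.
DIGESTINFO_PREFIX = {
    "sha1":   bytes.fromhex("3021300906052b0e03021a05000414"),
    "sha256": bytes.fromhex("3031300d060960864801650304020105000420"),
    "sha384": bytes.fromhex("3041300d060960864801650304020205000430"),
    "sha512": bytes.fromhex("3051300d060960864801650304020305000440"),
}

def build_digestinfo(hash_name, message):
    """Hash `message` and wrap the digest in its DER DigestInfo."""
    digest = hashlib.new(hash_name, message).digest()
    return DIGESTINFO_PREFIX[hash_name] + digest

def check_digestinfo(value, allowed=("sha256", "sha384", "sha512")):
    """Return the hash name if `value` is exactly prefix||digest for an
    allowed hash; raise ValueError otherwise.

    The `allowed` default is an assumed policy for this example. A bare
    digest, an unknown OID, or trailing/missing bytes are all rejected,
    because a raw padding mode will pad and sign whatever it is given.
    """
    for name in allowed:
        prefix = DIGESTINFO_PREFIX[name]
        if value.startswith(prefix):
            expected_len = len(prefix) + hashlib.new(name).digest_size
            if len(value) != expected_len:
                raise ValueError("DigestInfo length does not match " + name)
            return name
    raise ValueError("value does not start with an allowed hash OID")

if __name__ == "__main__":
    msg = b"constructed sample message"      # constructed input
    good = build_digestinfo("sha256", msg)
    print(check_digestinfo(good))            # well-formed SHA-256 DigestInfo
    for bad in (hashlib.sha256(msg).digest(),        # bare digest, no OID
                good + b"\x00",                      # trailing byte
                build_digestinfo("sha1", msg)):      # hash outside the policy
        try:
            check_digestinfo(bad)
        except ValueError as exc:
            print("rejected:", exc)
```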