alphasigmax at gmail.com
Fri Sep 22 02:44:50 CEST 2006
Robert J. Hansen wrote:
> I don't know off the top of my head whether DSA supports firewalled hash
> functions or not. I believe that the last time I checked the spec, I
> came to the conclusion it did not.
> RSA signing keys, on the other hand, do support firewalling.
Interesting. I'm looking at the "official" (November 1998) RFC 2440 and
it's not immediately obvious that this is the case; although both the
Version 3 and Version 4 signature packet formats say that the hash
algorithm is part of the body of the packet, it says of RSA signatures:
> With RSA signatures, the hash value is encoded as described in PKCS-1
> section 10.1.2, "Data encoding", producing an ASN.1 value of type
> DigestInfo, and then padded using PKCS-1 block type 01 [RFC2313].
> This requires inserting the hash value as an octet string into an
> ASN.1 structure. The object identifier for the type of hash being
> used is included in the structure. The hexadecimal representations
> for the currently defined hash algorithms are:
Note that it's also not immediately obvious what the format of the
signature packet used in a clearsigned message is... I haven't looked at
the "working draft" of the RFC but hopefully it's a lot clearer than the
Death to all fanatics!
Down with categorical imperative!
OpenPGP key: http://tinyurl.com/lvq4g
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 569 bytes
Desc: OpenPGP digital signature
Url : /pipermail/attachments/20060922/6d5120c0/signature-0001.pgp
More information about the Gnupg-users