gpgsm --import of CA certificate: Bad signature?

Werner Koch wk at
Wed Apr 18 15:11:41 CEST 2007

On Wed, 18 Apr 2007 14:11, simon at said:

> It is possible to avoid a DER/BER decoder if you generate two
> structures, one with NULL parameters and one with absent parameters,
> and compare both against what's in the decrypted signatures.

There is a plan tomove pkcs#1 decoding into libgcrypt.  This would allow
us to do a second compare without too much changes.  I'll put it onto my
todo list but don't expect it to happen anytime soon.

> GnuTLS accepts both variants, so I made the change.  I'll release an
> updated stable version to help get it out as soon as possible.

Would it be sufficient to do that just for SHA-1?  In that case a hack
in cipher/rsa.c would do the trick without too much fear of regression.



More information about the Gnupg-users mailing list