gpgsm --import of CA certificate: Bad signature?
simon at josefsson.org
Wed Apr 18 17:34:30 CEST 2007
Werner Koch <wk at gnupg.org> writes:
> On Wed, 18 Apr 2007 14:11, simon at josefsson.org said:
>> It is possible to avoid a DER/BER decoder if you generate two
>> structures, one with NULL parameters and one with absent parameters,
>> and compare both against what's in the decrypted signatures.
> There is a plan tomove pkcs#1 decoding into libgcrypt. This would allow
> us to do a second compare without too much changes. I'll put it onto my
> todo list but don't expect it to happen anytime soon.
Doing PKCS#1 in libgcrypt would be useful for GnuTLS too. I'd like to
remove that code in the long run... OTOH, it seems likely that GnuTLS
will use some assuan-like protocol and an agent to do private key
signing operations, so maybe this concern will be moot.
>> GnuTLS accepts both variants, so I made the change. I'll release an
>> updated stable version to help get it out as soon as possible.
> Would it be sufficient to do that just for SHA-1? In that case a hack
> in cipher/rsa.c would do the trick without too much fear of regression.
I don't know. If you do it for SHA-1, that will cover many practical
situations and that may be enough.
More information about the Gnupg-users