Re: How to Calculate Signatures?
hal@finney.org ("Hal Finney") Sat, 02 April 2005 20:19 UTC
Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id PAA22916 for <openpgp-archive@lists.ietf.org>; Sat, 2 Apr 2005 15:19:05 -0500 (EST)
Received: from above.proper.com (localhost.vpnc.org [127.0.0.1]) by above.proper.com (8.12.11/8.12.9) with ESMTP id j32K2qx4032526; Sat, 2 Apr 2005 12:02:52 -0800 (PST) (envelope-from owner-ietf-openpgp@mail.imc.org)
Received: (from majordom@localhost) by above.proper.com (8.12.11/8.12.9/Submit) id j32K2qL2032525; Sat, 2 Apr 2005 12:02:52 -0800 (PST)
X-Authentication-Warning: above.proper.com: majordom set sender to owner-ietf-openpgp@mail.imc.org using -f
Received: from finney.org (226-132.adsl2.netlojix.net [207.71.226.132]) by above.proper.com (8.12.11/8.12.9) with ESMTP id j32K2qta032519 for <ietf-openpgp@imc.org>; Sat, 2 Apr 2005 12:02:52 -0800 (PST) (envelope-from hal@finney.org)
Received: by finney.org (Postfix, from userid 500) id 31E9157EE9; Sat, 2 Apr 2005 12:16:14 -0800 (PST)
To: ietf-openpgp@imc.org
Subject: Re: How to Calculate Signatures?
Message-Id: <20050402201614.31E9157EE9@finney.org>
Date: Sat, 02 Apr 2005 12:16:14 -0800
From: hal@finney.org
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>
Ben Laurie writes: > The sections on calculating signatures are really confusing. I can't > currently suggest alternate text for most of it because its far from > clear to me what the actual algorithms are. If someone explains, I'll do > my best to write clarifying text. You're right, this is really messed up. The authoritative section on what to hash is 5.2.4. We should refer forward to that section and not include detailed information about what is hashed in the sections on V3 and V4 signature packets. We should make it clear that the DSA signature algorithm works directly on the hash value that results from 5.2.4. We should say that RSA signatures use that hash and prepend the sequence of bytes identified as the "full hash prefixes". We could probably remove the hexadecimal equivalents to the ASN.1 OIDs; if someone understands ASN.1 well then the OIDs are enough, and if not then they can just follow the rule to prepend the proper byte sequences and that will work. This then gets padded as in PKCS#1 v1.5 signatures. We should have a sentence clarifying that this is what gives us the value "m" used in the signature calculation. Hal
- How to Calculate Signatures? Ben Laurie
- Re: How to Calculate Signatures? "Hal Finney"
- Re: How to Calculate Signatures? Ben Laurie
- Re: How to Calculate Signatures? Ben Laurie
- Re: How to Calculate Signatures? Ben Laurie
- Re: How to Calculate Signatures? Konrad Rosenbaum
- Re: How to Calculate Signatures? Ian G
- Re: How to Calculate Signatures? Ben Laurie
- Re: How to Calculate Signatures? Ben Laurie
- Re: How to Calculate Signatures? "Hal Finney"
- Re: How to Calculate Signatures? "Hal Finney"
- Re: How to Calculate Signatures? Ian G
- Re: How to Calculate Signatures? Ben Laurie
- Re: How to Calculate Signatures? Ian G
- Re: How to Calculate Signatures? Ian G
- Re: How to Calculate Signatures? "Hal Finney"
- Re: How to Calculate Signatures? Jon Callas
- Re: How to Calculate Signatures? Jon Callas
- Re: How to Calculate Signatures? Ian G
- Re: How to Calculate Signatures? Jon Callas
- Re: How to Calculate Signatures? Ben Laurie
- Re: How to Calculate Signatures? "Hal Finney"
- Re: How to Calculate Signatures? David Shaw
- Re: How to Calculate Signatures? Jon Callas
- Re: How to Calculate Signatures? David Shaw
- Re: How to Calculate Signatures? Konrad Rosenbaum