IETF Logo Mail Archive

Re: How to Calculate Signatures?

Ben Laurie <ben@algroup.co.uk> Sun, 03 April 2005 03:10 UTC

Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id WAA17002 for <openpgp-archive@lists.ietf.org>; Sat, 2 Apr 2005 22:10:33 -0500 (EST)
Received: from above.proper.com (localhost.vpnc.org [127.0.0.1]) by above.proper.com (8.12.11/8.12.9) with ESMTP id j332tToB052964; Sat, 2 Apr 2005 18:55:29 -0800 (PST) (envelope-from owner-ietf-openpgp@mail.imc.org)
Received: (from majordom@localhost) by above.proper.com (8.12.11/8.12.9/Submit) id j332tT9s052963; Sat, 2 Apr 2005 18:55:29 -0800 (PST)
X-Authentication-Warning: above.proper.com: majordom set sender to owner-ietf-openpgp@mail.imc.org using -f
Received: from mail.links.org (mail.links.org [217.155.92.109]) by above.proper.com (8.12.11/8.12.9) with ESMTP id j332tRe9052956 for <ietf-openpgp@imc.org>; Sat, 2 Apr 2005 18:55:28 -0800 (PST) (envelope-from ben@algroup.co.uk)
Received: from [193.133.15.218] (localhost [127.0.0.1]) by mail.links.org (Postfix) with ESMTP id CB29F33C45; Sun, 3 Apr 2005 03:55:26 +0100 (BST)
Message-ID: <424F5AA6.1060001@algroup.co.uk>
Date: Sun, 03 Apr 2005 03:53:26 +0100
From: Ben Laurie <ben@algroup.co.uk>
User-Agent: Mozilla Thunderbird 1.0 (Windows/20041206)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Hal Finney <hal@finney.org>
Cc: ietf-openpgp@imc.org
Subject: Re: How to Calculate Signatures?
References: <20050402201614.31E9157EE9@finney.org>
In-Reply-To: <20050402201614.31E9157EE9@finney.org>
X-Enigmail-Version: 0.89.6.0
X-Enigmail-Supports: pgp-inline, pgp-mime
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>
Content-Transfer-Encoding: 7bit

Hal Finney wrote:
> Ben Laurie writes:
> 
> 
>>The sections on calculating signatures are really confusing. I can't 
>>currently suggest alternate text for most of it because its far from 
>>clear to me what the actual algorithms are. If someone explains, I'll do 
>>my best to write clarifying text.
> 
> 
> You're right, this is really messed up.
> 
> The authoritative section on what to hash is 5.2.4.  We should refer
> forward to that section and not include detailed information about
> what is hashed in the sections on V3 and V4 signature packets.
> 
> We should make it clear that the DSA signature algorithm works directly
> on the hash value that results from 5.2.4.
> 
> We should say that RSA signatures use that hash and prepend the sequence
> of bytes identified as the "full hash prefixes".  We could probably remove
> the hexadecimal equivalents to the ASN.1 OIDs; if someone understands
> ASN.1 well then the OIDs are enough, and if not then they can just
> follow the rule to prepend the proper byte sequences and that will work.
> This then gets padded as in PKCS#1 v1.5 signatures.  We should have a
> sentence clarifying that this is what gives us the value "m" used in
> the signature calculation.

We also need to specify emLen, which I presume (by logic and experiment) 
is equal to the RSA key size.

I will send diffs soon. Thanks for the clarification.

Cheers,

Ben.

-- 
http://www.apache-ssl.org/ben.html       http://www.thebunker.net/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff

v2.23.0 | Report a Bug | By Email