Re: [pkix] Clarification on "zero" hash value in SigPolicyHash (CAdES)

Ernst G Giessmann <giessman@informatik.hu-berlin.de> Wed, 17 July 2019 06:33 UTC

Return-Path: <giessman@informatik.hu-berlin.de>
X-Original-To: pkix@ietfa.amsl.com
Delivered-To: pkix@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7E468120162 for <pkix@ietfa.amsl.com>; Tue, 16 Jul 2019 23:33:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.299
X-Spam-Level:
X-Spam-Status: No, score=-4.299 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=informatik.hu-berlin.de
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KYV9HGpXr2yw for <pkix@ietfa.amsl.com>; Tue, 16 Jul 2019 23:33:57 -0700 (PDT)
Received: from mailout2.informatik.hu-berlin.de (mailout2.informatik.hu-berlin.de [141.20.20.102]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 32FB612006D for <pkix@ietf.org>; Tue, 16 Jul 2019 23:33:56 -0700 (PDT)
Received: from mailbox.informatik.hu-berlin.de (mailbox [141.20.20.63]) by mailslv1.informatik.hu-berlin.de (8.15.1/8.15.1/INF-2.0-MA-SOLARIS-2.10-25) with ESMTPS id x6H6XO0j017717 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 17 Jul 2019 08:33:24 +0200 (MEST)
Received: from [192.168.2.110] (p548E67AE.dip0.t-ipconnect.de [84.142.103.174]) (authenticated bits=0) by mailbox.informatik.hu-berlin.de (8.15.1/8.15.1/INF-2.0-MA-SOLARIS-2.10-AUTH-26-465-587) with ESMTPSA id x6H6XKZj021680 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=OK); Wed, 17 Jul 2019 08:33:23 +0200 (MEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=informatik.hu-berlin.de; s=mailbox; t=1563345204; bh=g9ub9FP6DJ7bT2rXRRAXCO5ktDsXdwOgP0IwWH8TmCQ=; h=Subject:To:References:From:Date:In-Reply-To; b=XvOag+B6rpzA4Fq758YY87gMxrCuvev8C2HMWvJQ71NkxwRXPcQZr5eZ+aP6NQCVI 6YImFd2AKvg+mJUs6Q40sSA0lWik2qSwadXDd9F5ZxPrUH78S/SkZPapDQgYzl7IGn aR+04B4HS2p2K3mDO1CPnt8bd5GInSPoQyhPT+9Y=
To: Stefan Santesson <stefan@aaa-sec.com>, Peter Gutmann <pgut001@cs.auckland.ac.nz>, "pkix@ietf.org" <pkix@ietf.org>, "esi : etsi tc esi (electronic signatures and infrastructures)" <ESI@LIST.ETSI.ORG>
References: <20190712200549.2kgzjqodj5afnxlt@nmhq.net> <0FDBEEC9-0FBA-4C47-BD04-EE7F6053426D@aaa-sec.com> <1563269533626.58560@cs.auckland.ac.nz> <218E69B7-036E-45FF-AD3B-9F017FCAF40E@aaa-sec.com>
From: Ernst G Giessmann <giessman@informatik.hu-berlin.de>
Openpgp: preference=signencrypt
Autocrypt: addr=giessman@informatik.hu-berlin.de; prefer-encrypt=mutual; keydata= xsBNBEs9Ow0BCACmbNqkEfzjXjR9MmVQxUsJVwMNeFNR//ErnstG+Giessmann//XRR+v7Ux HGaFHyzuR1aVPlRqjd7FyGt2RdjoumhVG9neqThI6B7BApKqD+z8XofzBwtmOVog/bQel/CH IbRTlKaoLz6X/5stCnYS9GUj3oqrnIoqr41DpMlipXHAEQstUSNtHa8uTa8zolCtaaKYm2gs A9k2D02M+jJBtOwFZeOfMcStxp+epnA1qygDRgWvCqEc5lyG9pQw8V8ZmGiULjQlUSmjvkNh SN+gKY2vGJcxVuLr64fCDTtCHFHin471n+MvCMdetAnzk869M4vHVyQeYhd2Jx59qc2jABdA AIHNNEVybnN0IEcgR2llc3NtYW5uIDxnaWVzc21hbkBpbmZvcm1hdGlrLmh1LWJlcmxpbi5k ZT7CwLsEEwEIAGUCG6MCHgECF4AFCRLV3ec4Gmh0dHA6Ly93d3cuaW5mb3JtYXRpay5odS1i ZXJsaW4uZGUvfmdpZXNzbWFuL2dwZy1jcC50eHQCGQEFAlvEXDwHCwkIBwMCAQYVCAoJCwIE FgIDAQAKCRAOAnyymmjvHY6zB/9BxC+TAWxjR0/Qgds40aaIBysDjXxtGwfCO4Ny2RP8EkSY OVDsq5fdb/xzfqN5x5yjlYQhYK6WtD/vG0WFJYOGGueH3L0KGhlIhZUB/7I7Uh87rwVG8ZB9 ArJHdwGXiQbKLLsELnu9KyJXPZOJNmFWitoC93UZkhfFHzits7g5LgtbIfscPbRBUYUVz1Xy 2VY6YUrr7uoTxEkC7NlTIIxWIsJ1Aqctg5PhVxjiad/L+rYGc9wh2GHTCUWmKExbgkKvbm9a jE1vXXt7kaMZ9hjLrrogQUQnlOEZyGaseIW4UTWUiSQz9N3nF/o5Ckn4iHB+HhAH2nxI5SPd pVANUWDnzsBFBEtHGqMBB8C226uIsivcmIJ0p8h1s3hZkXWNT/OsWgr/XClW8DNNQ0hehn3d scxNiQCToavpkqRfQMumRCuhUoYpbqV09q1eNnIlmWTQwsvxjbe4RGeKKiuVIGScMDZC94CE S0HBhGtwcw3zgORvJ8bgm+yjFt5HO/EMuQr8bbK5WIgT7SmywCz/wyMzpulM3LDB70pyrUCY DyHbz8sWUN/yOwAKpEl1hU6PHFJu9eWOx3WpBxLJE77unUKvBiBJZRoxXq+OBjSl4ShBSWp1 61PSvTWu1s2OtdGJIR0BijIf3Jt2zO5TrO1AwD1qrrzf2GravNxVxbbPogsalCn/EwARAQAB wsBfBBgBCAAJBQJLRxqjAhsMAAoJEA4CfLKaaO8dNpsIAKL/Rqud7r2RtNHxMpKlFbUw/WVd WSaN3ZGLlnlYx/rKgH5YLEB2Vft6wab6/C4BPaD0E/gRi7Uw1/bbvqhyyMHbf/QVR2qkOQUW Ettyj+LzOjftdg59UyBqaX9CRtJcqwVOqZYSUKH1l+Ip/NoP0lO/nfoF2jdum09uRIQOoPHM uoT7IT7DwdcJ1URkUqGD9QV6uiT3oGXdJmkyCCURm5EksXG0Inbo28d+cuHkNV0O+DpXDgep ja1934KN5guvaNQqXJQEo5V9f/m4LgRUd+KCbYfyFvbTEu6WIhD3wCxzlvNuAfPAKrV7VU3h 3wKe/PMysE+k8LdtVs6GeYWCfqA=
Message-ID: <66ca08a2-13e5-3c6a-c7db-2c95104c1e2d@informatik.hu-berlin.de>
Date: Wed, 17 Jul 2019 08:33:19 +0200
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.8.0
MIME-Version: 1.0
In-Reply-To: <218E69B7-036E-45FF-AD3B-9F017FCAF40E@aaa-sec.com>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
X-Virus-Scanned: clamav-milter 0.100.2 at mailbox
X-Virus-Status: Clean
X-Greylist: Sender succeeded STARTTLS authentication, not delayed by milter-greylist-4.6.1 (mailslv1.informatik.hu-berlin.de [141.20.20.51]); Wed, 17 Jul 2019 08:33:24 +0200 (MEST)
Archived-At: <https://mailarchive.ietf.org/arch/msg/pkix/DOZtbPGlNtd6FH-Qj5648VUc0Yk>
Subject: Re: [pkix] Clarification on "zero" hash value in SigPolicyHash (CAdES)
X-BeenThere: pkix@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: PKIX Working Group <pkix.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pkix>, <mailto:pkix-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/pkix/>
List-Post: <mailto:pkix@ietf.org>
List-Help: <mailto:pkix-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pkix>, <mailto:pkix-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 17 Jul 2019 06:33:59 -0000

Stefan,
what about the implementation of EC-RDSA (RFC 7091), where exactly this
"one out of all" is required:
https://tools.ietf.org/html/rfc7091#section-6.1

-----
Step 2.
...
If e = 0, then assign e = 1.
-----

;-)

/Ernst.

Note, that in this case it is crystal clear said what to do, which is
missing in the TS.

Am 2019-07-16 um 15:29 schrieb Stefan Santesson:
> To assign a specific meaning to one out of all possible but
> syntactically valid hash values, is exactly the type of specification
> work that leads to implementation errors and security vulnerabilities.
> Stefan Santesson 
...