"John W. Noerenberg" <jwn2(_at_)qualcomm(_dot_)com>:
When Jon posts the -06 draft, we will consider it for one more week.
[...]
WG Last Call is closed. A draft which incorporates the changes we've
discussed with be submitted to the IESG, as soon as possible.
We just stumbled upon a bug in draft-ietf-openpgp-formats-06.txt.
The CRC-24 sample implementation given in the draft is as
follows:
6.1. An Implementation of the CRC-24 in "C"
#define CRC24_INIT 0xb704ce
#define CRC24_POLY 0x1864cfb
typedef long crc24;
crc24 crc_octets(unsigned char *octets, size_t len)
{
crc24 crc = CRC24_INIT;
int i;
while (len--) {
crc ^= *octets++;
for (i = 0; i < 8; i++) {
crc <<= 1;
if (crc & 0x1000000)
crc ^= CRC24_POLY;
}
}
return crc;
}
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
This does not comply with what PGP 2.x expects.
The fix is to replace
crc ^= *octets++;
by
crc ^= ((*octets++) << 16);
(i. e., the MSB of the data is aligned with the MSB of the
initialization value; thus, viewing everything as polynomials in X,
we have
CRC = (init * X^(8*len) + data * X^24) MOD poly,
which is probably what CRCs are usually expected to look like).
Bodo M"oller
<bmoeller(_at_)acm(_dot_)org>