[Top] [All Lists]

Re: Message Integrity

1999-04-22 19:25:25
On Thu, 22 Apr 1999 hal(_at_)rain(_dot_)org wrote:

tzeruch(_at_)ceddec(_dot_)com writes:
The patch is now 83 lines affecting 3 files (sigchk sigmak elitmk).  I
think the DER version would be a few more, and it took less than 30
minutes.  I am using a keyid of zero to trigger the MIC mode (internally I
derive the algorithm from the keyid, but I could a flag or something

Do you have a sense of how big the code would be to implement the MDC in
the encryption layer as originally proposed?  Possibly if the MDC were
in a separate packet so you could identify it easily?

My estimate would be over 300 lines (which for me is about 6%).  If the
MDC were in a separate packet (with an indicator at front similar to the 1
pass signature packet, or the MDC has to go up front), it would not be too
much worse than my current changes.  Although it would be a new packet
type, it would be fall into the structure in parallel with the signatures,
i.e. where I have signatures started, I could add an else if (MDC_PRESENT)
and fire up the same hashing routines.

Basically instead of adding algorithm 0 to the signature generator/checks,
I add a new MDC packet type where the signature packets are processed.

Let me give it a try (probably this weekend), and see.  I will use my own
packet format and IDs.

So I would need either the MDC itself or an indicator packet *before* the
MDC-ed stream for this to be easy.

Functionally this is the elstrippo signature packet for MDC/MICs with a
different ID.  But it should be easier to parse.

<Prev in Thread] Current Thread [Next in Thread>