To all,
One final clarifying question re 2440:
After looking at 5.2.3 and 5.2.4 regarding "what" is hashed and "how" it is
hashed before being fed into the DSA, I'm still slightly confused.
-----BEGIN QUOTES-----
5.2.3 states: "The data being signed is hashed, and then the signature data
from the version number through the hashed subpacket data (inclusive) is
hashed."
5.2.4 states: "Once the data body is hashed, then a trailer is hashed.
<snip> . A version 4 signature hashes the packet body starting from its
first field, the version number, through the end of the hashed subpacket data."
"V4 signatures also hash in a final trailer of six octets:..."
"After all this has been hashed , the resulting hash field is used in the
signature algorithm,..."
-----END QUOTES-----
Let's assume: (a) = actual data, (b) = signature data to be hashed (incl.
subpackets), (c) = last six octets
My question is, for a version 4 sig using DSA and SHA1, do we:
1) H(a) + H(b) + H(c) = 480 bit value, then hash this to produce the final
hash value (before sig. alg.)
2) H(a + b + c) = 160 bit value to be fed into the sig. alg.
3)
i) Initialise the SHA1 hashing alg. with the values A=0x67452301,
B=0xEFCDAB89, C=0x98BADCFE, D=0x10325476, E=0xC3D2E1F0
ii) Hash (a) then split the 160 bit result into 5x 32 bit values,
representing the next five 32 bit initialization numbers (A,B, C, D, E)
for the hashing algorithm.
iii) Hash (b) then split the 160 bit result into 5x 32 bit values,
representing the next five 32 bit initialization numbers (A,B, C, D, E)
for the hashing algorithm.
iv) Hash (c) then use the 160 bit result in the signature algorithm (DSA).
Thanks for any replies as I am reading these three possibilities from the
doc and I'm not sure which one to use.
Regards
Erron Criddle
Comasp Ltd.
Level 2, 45 Stirling Hwy
NEDLANDS WA 6009
Australia
Fax: 08 9386 9473
Tel: 08 9386 9534
http://www.comasp.com
ejc(_at_)comasp(_dot_)com