ietf-openpgp
[Top] [All Lists]

Re: Glitch in section 3.2

2001-05-02 14:28:52
-----BEGIN PGP SIGNED MESSAGE-----

No, the cause is completely different.  The unencrypted actual MPI
determines the bit length and should not include any leading zeroes,
but encryption might introduce them (and it's probably not wise to
adjust the bit length accordingly).

This sounds like a bug I found in the OpenPGP engine inside Mixmaster
2.9beta23...  it (wrongly) treats the encrypted data as an MPI and
puts out the wrong bit count.  (Note that the "encrypted MPI" could
have a bit count that's a whole byte or more shorter.  The bit
counting in Mix2.9b23 serendipitously avoids an accident here.)
This resulted in other PGP versions reporting checksum errors
(because they did not adjust the bit count after decrypting).

All that said, this is an implementation bug, not a spec issue.

-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.3

iQEVAwUBOvB7j2NDnIII+QUHAQG/igf9FLnJVP/0L+TftmumWdiCUQgzjG/vby1u
6JMq9tuD5gTz4V/gdgQfUX0bw/eKfVDtdev6SZWS5C+3bbOSOh3rQuxJhgWK/q1w
j5BepP0GelUlzpo0NQfMPouWKxccLvXBX54w9/AYhxRXJk191SazwGyaCHt8WQjs
ajHIAVSCbkrKdxQk8TDa14QdJypnOAhy1YDblT/7ve34dPeAS/slQF6K8xD6ojzT
zMd6s3Ft7SIRLbUD3YLvwjzUVw4BL9dxZWmaYmchDIOMG57wMqF9loeEXkHnxvns
YL4ke1wtOD+zCiVjqBjEn7k2AizwgFvH+7v9WOSr8GP/aypy6CFHsQ==
=pi9p
-----END PGP SIGNATURE-----



<Prev in Thread] Current Thread [Next in Thread>