On Sat, May 28, 2005 at 09:48:35PM +0100, Ben Laurie wrote:
David Shaw wrote:
On Wed, May 25, 2005 at 12:26:53PM +0100, Ben Laurie wrote:
I realise they're deprecated, but I still need to know the format. Where
can I find it? Should it be in the RFC?
The problem being, of course, that things exist out there that use them.
I don't think it should be in the RFC. The new RFC does not permit
Elgamal signatures, so putting it in there serves little purpose.
2440 will continue to exist once the new RFC is out, so anyone looking
for 2440-specific formats can look there.
They aren't in 2440 either. Or I missed something.
Indeed, much to my surprise, they're not in 2440. I thought I had
seen them in there.
To me this is another reason to not put them in the new RFC. They
were underspecified in 2440, and they're verboten in 2440bis.
Specifying something that is not permitted now, and was not fully
specified in the past seems odd to me.
The format that GnuPG used (past tense) is similar to RSA in the PKCS
encoding. If you look at the sign() function in
http://cvs.gnupg.org/cgi-bin/viewcvs.cgi/*checkout*/gnupg/cipher/elgamal.c?content-type=text%2Fplain&rev=1.35
you can see exactly what is done. MPI a and b in that function are
the two MPIs that wind up in the Elgamal signature packet.
David