On Thu, Aug 25, 2005 at 02:25:43PM +0300, mkuusio(_at_)surfeu(_dot_)fi wrote:
My question is relating in public key signature calculation. Chapter 5.2.4
Computing signatures in the RFC2440 says: When a signature is made over a
key, the hash data starts with the octet 0x99, followed by a two-octet
length of the key, and then the body of the key packet. What about in the
situation when the public key packet length is 256 or smaller in bytes. In
that case the length is only 1 octet and the tag is 0x98. Is the octet
0x98 replaced to 0x99 and one length octet (0x00) is inserted between
packet tag and length octet to form a two-octet length? Am I right in
this?
The hash data always starts with the octet 0x99, even if the key
length is smaller than 256 bytes. That is the canonical key form used
when making signatures or calculating fingerprints. For example, data
that is hashed for a key that is 200 bytes long (a pretty small key)
would begin: 0x99 0x00 0xC8.
David