I was working on my signing code and realised that some issues
previously discussed do not appear to be resolved in -15 (its possible
some of these are also new).
a) V4 signatures don't mention how one actually calculates the signature
- the text only appears for V3 signatures.
b) EMSA-PKCS1-v1_5 takes two parameters - the message, m, and the length
of the encoded message, emLen. emLen is not specified in -15. By
inspection of existing signatures, it seems to me it is one less than
the size of the modulus (which strikes me as theoretically wrong, but if
that's the way it is, I guess that's the way it is).
I proposed patches to clarify this stuff back in April:
These appear to be wrong about emLen (off by one), BTW.
** ApacheCon - Dec 10-14th - San Diego - http://apachecon.com/ **
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff