On Sat, Nov 26, 2005 at 02:04:11PM +0000, Ben Laurie wrote:
I was working on my signing code and realised that some issues
previously discussed do not appear to be resolved in -15 (its possible
some of these are also new).
a) V4 signatures don't mention how one actually calculates the signature
- the text only appears for V3 signatures.
I'm not exactly sure what you mean here. Isn't this stated in 5.2.4,
in the paragraph beginning "Once the data body is hashed" ?
b) EMSA-PKCS1-v1_5 takes two parameters - the message, m, and the length
of the encoded message, emLen. emLen is not specified in -15. By
inspection of existing signatures, it seems to me it is one less than
the size of the modulus (which strikes me as theoretically wrong, but if
that's the way it is, I guess that's the way it is).
I was under the impression that emLen was equal to the size of the
modulus. I'm a bit confused with the two different descriptions of
EMSA-PKCS1-v1_5 (one in rfc-2437, and one in rfc-3447). The leading
zero seems to have been added outside of EMSA-PKCS1-v1_5 in 2437 and
within it in 3447.
David