Hi,
in section 12.2., the text says, that _the_ two-octet packet length
comes after the 0x99 octet.
Does that mean, that the public key data may not be larger than 65536
bytes?
If so: Is that stated anywhere?
And... is this good? Considering permanently growing key sizes or the
possible existence of practically useful public key algorithms using
(for example) a variable number of integers[1].
So, if there is no 64k limit on public key data, a further question
occurs:
Is the "two-octet packet length" the packet length modulo 65536?[2]
But then, isn't the
a.2) high order length octet of (b)-(f) (1 octet) [3]
some kind of "second low order length octet"? ;-)
Or is (a.2) the "most significant octet of the length" while (a.3) is
the "least significant octet"? ;-)
I looked what GnuPG does, and - note the first comment - ...
-- snip g10/keyid.c --
/* What does it mean if n is greater than than 0xFFFF ? */
md_putc( md, n >> 8 ); /* 2 byte length header */
md_putc( md, n );
-- snap --
...they use the "modulo 65536" variant. ;-)
Kind Regards,
Stephan Beyer
Footnotes:
1. Although it is not considered secure, think of a knapsack-based
methods with n integers.
2. By the way, is it correct to say "packet length" when you don't
actually mean the length of the packet, but the length of
(b)-(e) in the example? ;-)
3. Note, that there is a further mistake: (f) doesn't even exist.
The list ends with (e).
--
Stephan Beyer <s-beyer(_at_)gmx(_dot_)net>, PGP 0x6EDDD207FCC5040F
signature.asc
Description: Digital signature