[Top] [All Lists]

Re: [openpgp] "OpenPGP Simple"

2015-03-22 08:54:54
Derek Atkins <derek(_at_)ihtfp(_dot_)com> writes:

Have you tried to have them read the CMS/PKIX set of specs??  And they still
think that 4880 is too complex??

Having implemented both 3369 and 4880 (I'm not going to touch 5280 et al, no-
one has that much asbestos), 3369 is much easier to work with.  The reason for
this is that there's a single overall type (ContentInfo) for everything and
then consistent subtypes (SignedData, EnvelopedData) within that, all
collected together inside type-specific containers.  PGP OTOH is a series of
packets with somewhat arbitrary fields (look at the literal-data packet for
example), all concatenated together in a rather ad hoc order, which means you
have to hand-craft parsing code for almost everything.  When a new type
(AuthEnvelopedData) was added to CMS I just added an OID and a function
pointer to the decoding table and a bit of glue code and I was done.  The PGP
equivalent OTOH, MDC'd data... ugh.

openpgp mailing list

<Prev in Thread] Current Thread [Next in Thread>