On Tue, Apr 23, 2019 at 10:28:26AM +0200, Werner Koch wrote:
> On Mon, 22 Apr 2019 08:55, HeikoStamer(_at_)gmx(_dot_)net said:
> > There is no distinction between V3, V4, and V5 signatures resp. keys.
> > However, GnuPG computes the hash in function hash_public_key() for V5
> > keys in a different way: starting with octet 0x9a and a four-octet
> > length is given before the body of the key packet is hashed.
>
> That is because 12.2 (Key IDS and Fingerprints) has
>
>    A V4 fingerprint is the 160-bit SHA-1 hash of the octet 0x99,
>    followed by the two-octet packet length, followed by the entire
>    [...]
>    A V5 fingerprint is the 256-bit SHA2-256 hash of the octet 0x9A,
>    followed by the four-octet packet length, followed by the entire
>
> I think it makes sense to keep the signature computation in sync with
> the fingerprint computation. Using the four-octet length and thus 0x9a
> is important because it removes ambiguities if the key material is larger
> than 2^16.

A move to easily enable key material > 2^16 bytes seems to be in
conflict with dkg's work on trying to reinvigorate the usefulness of key
servers + the suggestion to limit key material packets to < 8383 bytes.
J.
--
I have seen the future - the future is Channel 3.
This .sig brought to you by the letter S and the number 38
Product of the Republic of HuggieTag
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp
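
Added example (not part of the original thread and not GnuPG's code): the two hash framings quoted above, 0x99 with a two-octet length and 0x9A with a four-octet length, applied to constructed byte strings that are not valid key packets. The function names and sample bodies are assumptions made for illustration.

```python
import hashlib
import struct

V4_PREFIX = 0x99  # followed by a two-octet big-endian length
V5_PREFIX = 0x9A  # followed by a four-octet big-endian length


def hash_framing(body: bytes, version: int) -> bytes:
    """Return the prefix octet and length field hashed before the key packet body."""
    if version == 4:
        if len(body) > 0xFFFF:
            # A two-octet field cannot express this length; refuse rather
            # than truncate, since truncation would make the framing ambiguous.
            raise ValueError("body too long for the two-octet 0x99 framing")
        return struct.pack(">BH", V4_PREFIX, len(body))
    if version == 5:
        return struct.pack(">BI", V5_PREFIX, len(body))
    raise ValueError("unsupported key version")


def fingerprint(body: bytes, version: int) -> str:
    """SHA-1 over the V4 framing, SHA2-256 over the V5 framing, as in the quoted text."""
    framing = hash_framing(body, version)
    h = hashlib.sha1() if version == 4 else hashlib.sha256()
    h.update(framing)
    h.update(body)
    return h.hexdigest().upper()


if __name__ == "__main__":
    # Constructed sample bodies: opaque filler, not real key material.
    small = bytes([4]) + b"\x00" * 10
    large = bytes([5]) + b"\x00" * 0x10000  # one octet past what 16 bits can count

    print("V4 framing:", hash_framing(small, 4).hex())
    print("V5 framing:", hash_framing(small, 5).hex())
    print("V4 fingerprint:", fingerprint(small, 4))
    print("V5 fingerprint:", fingerprint(small, 5))

    try:
        hash_framing(large, 4)
    except ValueError as exc:
        print("V4 framing rejected:", exc)
    print("V5 framing for large body:", hash_framing(large, 5).hex())
```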