Chris,
SHA-1 and DSA can be used with authenticated attributes. A SHA-1 hash can
be calculated for the content. The resulting SHA-1 hash value is then
included in the messageDigest authenticated attributes. A SHA-1 hash is
then calculated for the ASN.1 encoded authenticatedAttributes. The
resulting SHA-1 hash value is input to the DSA algorithm which outputs the
digital signature value.
- John Pawling
At 02:04 PM 1/23/98 -0500, Bonatti, Chris wrote:
Russ,
Is the converse of this statement true? If using DSA, does that
essentially mean that authenticated attributes cannot be used?
I would assume that you could specify DSA as the signature algorithm, and
specify an arbitrary hash algorithm to address the messageDigest attribute.
Chris
___________________
Russ Housley wrote:
Stephen:
I understand that S/MIME v1 can't support DSA keys because it requires
the messageDigest, which DSA does not provide. And if authenticated
attributes are present, the messageDigest attribute (among others) MUST
be present.
This is not correct. If you look at the signed-data syntax in PKCS#7
version 1.5, you can see that encryptedDigest can easily carry a DSA
signature value. The syntax works fine, although the english desciption of
the process is RSA specific. I do not think that any implementation would
be confused is the appropriate OIDs are used.
DSA is not one of the algorithms supported by any S/MIME v2 implementation
that I know about. I am sure that someone on the list will correct me if I
am unaware of one.