ietf-smime

Re: Q: Is possible indefinite form of length encoding in DER?

2000-09-19 07:40:48
ChungKil Kim <chkim(_at_)initech(_dot_)com> wrote:

> In some S/MIME messages, there are indefinite form of length encoding.
> Is it possible?

> In PKCS specs, only use DER?

An important thing to remember is that although it's often specified
that a signature must be over the DER encoding of an object, it's not
necessarily true that what is transmitted has to be that encoding.

On the ridiculous end of this rule is a certificate in which everything
is indefinite length encoded - perfectly valid AFAIK, as long as you
re-encode before verifying.

On the more practical end, it is often impossible to know when composing
a PKCS#7 SignedData how long the data being signed is. As a result all
the layers surrounding the Content (ContentInfo, SignedData,
EncapsulatedContentInfo) are encoded indefinite length, and the content
itself is encoded as a constructed octet string. The signature is over
the contents octets of the DER encoding, and so it is never necessary
even to count the length of the assembled octetstring. The individual
strings are simply fed to the digests as they appear.

Andrew
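
An added example, not part of the original message: a sketch in Python of the streaming approach described above, walking a constructed, indefinite-length OCTET STRING and feeding each segment's contents octets to a digest so the result matches the digest of the DER contents octets. The function names, the sample bytes, and the choice of SHA-256 are assumptions made for illustration; only one-byte tags are handled.

```python
import hashlib

def read_header(buf, pos):
    """Parse a one-byte tag and a BER length; length None means indefinite (0x80)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated encoding")
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first == 0x80:
        return tag, None, pos
    if first < 0x80:
        return tag, first, pos
    n = first & 0x7F                      # long form: next n bytes hold the length
    return tag, int.from_bytes(buf[pos:pos + n], "big"), pos + n

def feed_octet_string(buf, pos, digest):
    """Feed the contents octets of one OCTET STRING to digest; return the next offset."""
    tag, length, pos = read_header(buf, pos)
    if tag == 0x04:                       # primitive segment: hash its contents
        if length is None or pos + length > len(buf):
            raise ValueError("bad primitive OCTET STRING")
        digest.update(buf[pos:pos + length])
        return pos + length
    if tag != 0x24:                       # 0x24 = constructed OCTET STRING
        raise ValueError("not an OCTET STRING")
    end = None if length is None else pos + length
    while True:
        if end is None and buf[pos:pos + 2] == b"\x00\x00":
            return pos + 2                # end-of-contents octets close this level
        if end is not None and pos >= end:
            if pos != end:
                raise ValueError("segment overruns its container")
            return pos
        pos = feed_octet_string(buf, pos, digest)   # nested segments are allowed

def content_digest(buf):
    """SHA-256 over the contents octets, independent of how the string was segmented."""
    digest = hashlib.sha256()
    if feed_octet_string(buf, 0, digest) != len(buf):
        raise ValueError("trailing bytes after OCTET STRING")
    return digest.hexdigest()

# Constructed sample: indefinite-length outer string with a nested indefinite segment.
BER_SAMPLE = (b"\x24\x80" + b"\x04\x05Hello" + b"\x04\x02, "
              + b"\x24\x80" + b"\x04\x06world!" + b"\x00\x00" + b"\x00\x00")
# The same content as a single definite-length (DER) OCTET STRING.
DER_SAMPLE = b"\x04\x0dHello, world!"
```
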
