I have a technical detail question. I would appreciate if someone
could provide me assistance.
The interpretation of the SIGNED macro in PEM is still unclear to me.
RFC 1423 para. 4.3.1 reads
There is some ambiguity in X.509 regarding the definition of the
SIGNED macro and, in particular, the representation of a signature in
a certificate or a CRL. The interpretation selected for PEM requires
that the data to be signed (in our case, an MD2 message digest) is
first ASN.1 encoded as an OCTET STRING and the result is encrypted
(in our case, using RSAEncryption) to form the signed quantity, which
is then ASN.1 encoded as a BIT STRING.
I interpreted this as follows:
1. The 16 octets md2-output are ASN.1-encoded as OCTET STRING. The resulting
18 octets are subject to the RSAEncryption process for MIC encryption,
described in para. 4.2.1.
2. The RSAEncryption process of 4.2.1 requires to produce the ASN.1 code of
SEQUENCE {
digestAlgorithm AlgorithmIdentifier,
digest OCTET STRING
}
In para. 4.2.1 the octets of digest are referred to as MIC. This means
obviously that the 18 octets resulting from 1. are again ASN.1-encoded
as OCTET STRING as part of the SEQUENCE.
Is that correct? It sounds a bit odd to me.
Wolfgang Schneider