"Kuehn, Ulrich" <[EMAIL PROTECTED]> writes:

>   10.2.3 Data decoding
>
>   The data D shall be BER-decoded to give an ASN.1 value of
>   type DigestInfo, which shall be separated into a message
>   digest MD and a message-digest algorithm identifier. The
>   message-digest algorithm identifier shall determine the
>   "selected" message-digest algorithm for the next step.
>
>Here, any trailing garbage would be included in data D. But does an ASN.1
>value allow such a thing? I am asking this independently of our discussion
>here.

I don't think it's a problem, you just take the ASN.1 DigestInfo value, since
the trailing garbage isn't part of the DigestInfo, you ignore it. Specifically,
the ASN.1 object is entirely self-contained, so you can tell exactly where it
ends and what it contains. Anything outside it is beyond the scope of this
specification :-).

(When the spec was written, I think the thought that someone would append
trailing garbage never cropped up, so it's never explicitly addressed).

>Anyway, I think we agree on the point that the spec (even version 2.1) is in
>some point unprecise which should be considered a bug, as it can lead to
>implementation flaws. And yes, given what we know, e=3 is a good candidate
>for elimination :)

Yup :-).

Peter.
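
Added example, not part of the original message or of PKCS #1: a minimal definite-length TLV reader showing that the DigestInfo in D is self-delimiting, so a verifier can locate exactly where it ends and can reject D when bytes follow it. The SHA-1 DigestInfo layout, the function names and the sample message are assumptions chosen for illustration; indefinite-length BER is not handled.

```python
import hashlib

# DER header of a SHA-1 DigestInfo: SEQUENCE { AlgorithmIdentifier, OCTET STRING(20) }
SHA1_PREFIX = bytes.fromhex("3021300906052b0e03021a05000414")

def read_tlv(buf, offset=0):
    """Return (tag, value, end) for the definite-length TLV at offset."""
    if len(buf) < offset + 2:
        raise ValueError("truncated header")
    tag, first, pos = buf[offset], buf[offset + 1], offset + 2
    if first < 0x80:                      # short form: length in one byte
        length = first
    else:                                 # long form: next n bytes hold the length
        n = first & 0x7F
        if n == 0 or n > 4 or len(buf) < pos + n:
            raise ValueError("indefinite, oversized or truncated length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("value runs past end of data")
    return tag, buf[pos:pos + length], pos + length

def split_digest_info(d):
    """Decode D as DigestInfo; return (algorithm_der, digest, trailing_bytes)."""
    tag, body, end = read_tlv(d)
    if tag != 0x30:
        raise ValueError("DigestInfo must be a SEQUENCE")
    alg_tag, _, alg_end = read_tlv(body)
    oct_tag, digest, oct_end = read_tlv(body, alg_end)
    if alg_tag != 0x30 or oct_tag != 0x04 or oct_end != len(body):
        raise ValueError("malformed DigestInfo contents")
    return body[:alg_end], digest, d[end:]   # d[end:] lies outside the ASN.1 value

def decode_strict(d):
    """Same decoding, but D must consist of the DigestInfo and nothing else."""
    alg, digest, trailing = split_digest_info(d)
    if trailing:
        raise ValueError(f"{len(trailing)} byte(s) after DigestInfo")
    return alg, digest

# Constructed sample input: a well-formed D, and the same D with appended bytes.
DIGEST = hashlib.sha1(b"constructed sample message").digest()
GOOD_D = SHA1_PREFIX + DIGEST
PADDED_D = GOOD_D + b"\xff" * 8

if __name__ == "__main__":
    print(split_digest_info(PADDED_D)[2].hex())
    print(decode_strict(GOOD_D)[1] == DIGEST)
```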