'Re: R: [openssl.org #1951] [patch] verification of X.509'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openssl-dev
Subject:    Re: R: [openssl.org #1951] [patch] verification of X.509
From:       Martin Kaiser <lists () kaiser ! cx>
Date:       2010-02-14 16:09:50
Message-ID: 20100214160950.GA6660 () kaiser ! cx
[Download RAW message or body]

Hi Francesco and all,

Thus wrote francesco.petruzzi@innovery.it (francesco.petruzzi@innovery.it):

> I have a doubt.
> Reading rfc 3447 I see this definition

> RSASSA-PSS-params ::= SEQUENCE {
>           hashAlgorithm      [0] HashAlgorithm    DEFAULT sha1,
>           maskGenAlgorithm   [1] MaskGenAlgorithm DEFAULT mgf1SHA1,
>           saltLength         [2] INTEGER          DEFAULT 20,
>           trailerField       [3] TrailerField     DEFAULT trailerFieldBC
>       }

> And I think the params definition in the patch must be changed in

> ASN1_SEQUENCE(RSASSA_PSS_PARAMS) = {
> 	 ASN1_EXP_OPT(RSASSA_PSS_PARAMS, hashAlgorithm, X509_ALGOR,0),
> 	 ASN1_EXP_OPT(RSASSA_PSS_PARAMS, maskGenAlgorithm, X509_ALGOR,1),
> 	 ASN1_EXP_OPT(RSASSA_PSS_PARAMS, saltLength, ASN1_INTEGER,2),
> 	 ASN1_EXP_OPT(RSASSA_PSS_PARAMS, trailerField, ASN1_INTEGER,3)
> } ASN1_SEQUENCE_END(RSASSA_PSS_PARAMS)

> ASN1_EXP_OPT for ASN1_OPT

thanks for the correction. RFC3447 clearly says that the tags
are explicit. I'll update the patch accordingly.

Best regards,

   Martin
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           majordomo@openssl.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic