[prev in list] [next in list] [prev in thread] [next in thread]
List: openssl-dev
Subject: Re: R: [openssl.org #1951] [patch] verification of X.509
From: Martin Kaiser <lists () kaiser ! cx>
Date: 2010-02-14 16:09:50
Message-ID: 20100214160950.GA6660 () kaiser ! cx
[Download RAW message or body]
Hi Francesco and all,
Thus wrote francesco.petruzzi@innovery.it (francesco.petruzzi@innovery.it):
> I have a doubt.
> Reading rfc 3447 I see this definition
> RSASSA-PSS-params ::= SEQUENCE {
> hashAlgorithm [0] HashAlgorithm DEFAULT sha1,
> maskGenAlgorithm [1] MaskGenAlgorithm DEFAULT mgf1SHA1,
> saltLength [2] INTEGER DEFAULT 20,
> trailerField [3] TrailerField DEFAULT trailerFieldBC
> }
> And I think the params definition in the patch must be changed in
> ASN1_SEQUENCE(RSASSA_PSS_PARAMS) = {
> ASN1_EXP_OPT(RSASSA_PSS_PARAMS, hashAlgorithm, X509_ALGOR,0),
> ASN1_EXP_OPT(RSASSA_PSS_PARAMS, maskGenAlgorithm, X509_ALGOR,1),
> ASN1_EXP_OPT(RSASSA_PSS_PARAMS, saltLength, ASN1_INTEGER,2),
> ASN1_EXP_OPT(RSASSA_PSS_PARAMS, trailerField, ASN1_INTEGER,3)
> } ASN1_SEQUENCE_END(RSASSA_PSS_PARAMS)
> ASN1_EXP_OPT for ASN1_OPT
thanks for the correction. RFC3447 clearly says that the tags
are explicit. I'll update the patch accordingly.
Best regards,
Martin
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majordomo@openssl.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic