Re: -15 still not clear on signatures

[David Shaw <dshaw@xxxxxxxxxxxxxxx>]

On Sat, Nov 26, 2005 at 02:04:11PM +0000, Ben Laurie wrote:
> 
> I was working on my signing code and realised that some issues
> previously discussed do not appear to be resolved in -15 (its possible
> some of these are also new).
> 
> a) V4 signatures don't mention how one actually calculates the signature
> - the text only appears for V3 signatures.

I'm not exactly sure what you mean here.  Isn't this stated in 5.2.4,
in the paragraph beginning "Once the data body is hashed" ?

> b) EMSA-PKCS1-v1_5 takes two parameters - the message, m, and the length
> of the encoded message, emLen. emLen is not specified in -15. By
> inspection of existing signatures, it seems to me it is one less than
> the size of the modulus (which strikes me as theoretically wrong, but if
> that's the way it is, I guess that's the way it is).

I was under the impression that emLen was equal to the size of the
modulus.  I'm a bit confused with the two different descriptions of
EMSA-PKCS1-v1_5 (one in rfc-2437, and one in rfc-3447).  The leading
zero seems to have been added outside of EMSA-PKCS1-v1_5 in 2437 and
within it in 3447.

David