I just saw that Crypto.SHA1 and Crypto.SHA256 are missing the asn1_id method. Looking at the old crypto library the id should be
/* * SHA1 OBJECT IDENTIFIER ::= { * iso(1) identified-organization(3) oiw(14) secsig(3) * algorithm(2) 26 * } * * 0x2b0e 0302 1a */ static char sha_id[] = { 0x2b, 0x0e, 0x03, 0x02, 0x1a, };
or
(string)({ 0x2b, 0x0e, 0x03, 0x02, 0x1a });
(1) Result: "+\16\3\2\32"
but actually encoding it from start generates
Standards.ASN1.Types.Identifier(1,3,14,3,2,26)->get_der();
(2) Result: "\6\5+\16\3\2\32"
Why are the leading bytes missing/added? Similar discrepancies can be seen for MD2/MD4/MD5. SHA256 has an PKCS id (2.16.840.1.101.3.4.0.1) that should be added to that algorithm, if we can only figure out if the two extra bytes at the beginning should be there.
My guess is a length field first (6 bytes payload) and a type field (apparently NULL, according to asn.1 encoding rules).
It's been a while since I used ASN.1, but shouldn't the tag be 6 for an identifier like this?
No, it was an identifier tag (6) and a size descriptor (5) that was not part of the asn1_id. Weird API... The whole PKCS-thing should really be rewritten sometime.
Oh, the tag came first... Well, it was a while since I had to work with it, so no surprise I got it backwards.
pike-devel@lists.lysator.liu.se
-
Marcus Agehall (Roxen IS) @ Pike (-) developers forum -
Martin Nilsson (Opera Mini - AFK!) @ Pike (-) developers forum