On Tue, Oct 10, 2006, Erik Leunissen wrote:

> When computing DSA signatures, the first eight bytes of the signature
> appear to follow a rather predictable pattern, which I am concerned about.
>
> I've tested this to be so using two slightly different input texts:
> 1. "Mary had a little lamb"
> 2. "Mary had a little lama"
>
> For each of these two texts, I computed 10 signatures (all from the same
> signing key). The signatures (if expressed in hexadecimal format) all
> start with an 8 byte sequence that matches the regular expression:
>
> 302[cde]021[45]
>
> Because DSA signatures are computed from SHA1 hashes, I also computed
> these SHA1 hashes for each of the two inputs. I was relieved to see that
> the hashes were very different.
>
> Therefore, the observed pattern must come from whatever DSA_sign() does
> after the hash has been computed.
>
> (The test script and its output for one run over
> the two texts are appended to this message)
>
> Is the observed pattern normal?

Yes, the standards require the signature to be placed in a DSS-Sig structure
which is the r+s components as ASN1 INTEGER types wrapped up in a SEQUENCE.

Pass the result through asn1parse and you'll see the result.

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
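
An added example, not part of the original thread and not OpenSSL code: a minimal Python encoder and strict parser for the DSS-Sig structure the reply describes, showing why every encoding of a 160-bit r and s begins with hex matching `302[cde]021[45]`. The function names and the LOW/HIGH values are hypothetical, constructed for illustration; only short-form DER lengths are handled.

```python
# Added example: minimal DER codec for DSS-Sig ::= SEQUENCE { r INTEGER, s INTEGER }.
# Handles only short-form lengths (< 128 bytes), which covers 160-bit DSA values.

def der_integer(n: int) -> bytes:
    """Encode a non-negative integer as a DER INTEGER (tag 0x02)."""
    body = n.to_bytes((n.bit_length() + 7) // 8 or 1, "big")
    if body[0] & 0x80:          # high bit set: prepend 0x00 so it stays positive
        body = b"\x00" + body
    return bytes([0x02, len(body)]) + body

def encode_dss_sig(r: int, s: int) -> bytes:
    """Wrap r and s in a SEQUENCE (tag 0x30)."""
    body = der_integer(r) + der_integer(s)
    assert len(body) < 0x80, "long-form lengths not handled in this sketch"
    return bytes([0x30, len(body)]) + body

def parse_dss_sig(sig: bytes) -> tuple:
    """Parse a DER DSS-Sig strictly and return (r, s)."""
    if len(sig) < 2 or sig[0] != 0x30 or sig[1] >= 0x80 or sig[1] != len(sig) - 2:
        raise ValueError("not a short-form DER SEQUENCE of the stated length")
    pos, values = 2, []
    for _ in range(2):
        if pos + 2 > len(sig) or sig[pos] != 0x02:
            raise ValueError("expected INTEGER tag 0x02")
        n = sig[pos + 1]
        body = sig[pos + 2 : pos + 2 + n]
        if n == 0 or n >= 0x80 or len(body) != n:
            raise ValueError("bad INTEGER length")
        if body[0] & 0x80:
            raise ValueError("negative INTEGER")
        if n > 1 and body[0] == 0 and not body[1] & 0x80:
            raise ValueError("non-minimal INTEGER")
        values.append(int.from_bytes(body, "big"))
        pos += 2 + n
    if pos != len(sig):
        raise ValueError("trailing bytes after s")
    return values[0], values[1]

# Constructed 160-bit sample values (not real signature components).
LOW = int("7f" + "11" * 19, 16)    # top bit clear -> 20-byte INTEGER (0x14)
HIGH = int("80" + "22" * 19, 16)   # top bit set   -> 21-byte INTEGER (0x15)

def prefix(r: int, s: int) -> str:
    """First four bytes of the encoded signature, as hex."""
    return encode_dss_sig(r, s)[:4].hex()

if __name__ == "__main__":
    for r, s in [(LOW, LOW), (HIGH, LOW), (LOW, HIGH), (HIGH, HIGH)]:
        print(prefix(r, s))
```

The second byte is the total length of the two INTEGERs (44 to 46 bytes here) and the fourth is the length of r, so the prefix reflects only the top bits of r and s and carries no information about the message or the key.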