RFC Errata


Errata Search

 
Source of RFC  
Summary Table Full Records

Found 1 record.

Status: Reported (1)

RFC 5753, "Use of Elliptic Curve Cryptography (ECC) Algorithms in Cryptographic Message Syntax (CMS)", January 2010

Source of RFC: smime (sec)

Errata ID: 4777
Status: Reported
Type: Technical
Publication Format(s) : TEXT

Reported By: Jim Schaad
Date Reported: 2016-08-13

Section 3.1.1 says:

-  originator MUST be the alternative originatorKey.  The
      originatorKey algorithm field MUST contain the id-ecPublicKey
      object identifier (see Section 7.1.2).  The parameters associated
      with id-ecPublicKey MUST be absent, ECParameters, or NULL.  The
      parameters associated with id-ecPublicKey SHOULD be absent or
      ECParameters, and NULL is allowed to support legacy
      implementations.  The previous version of this document required
      NULL to be present.  If the parameters are ECParameters, then they
      MUST be namedCurve.  The originatorKey publicKey field MUST
      contain the DER encoding of the value of the ASN.1 type ECPoint
      (see Section 7.2), which represents the sending agent's ephemeral
      EC public key.  The ECPoint in uncompressed form MUST be
      supported.

It should say:

-  originator MUST be the alternative originatorKey.  The
      originatorKey algorithm field MUST contain the id-ecPublicKey
      object identifier (see Section 7.1.2).  The parameters associated
      with id-ecPublicKey MUST be absent, ECParameters, or NULL.  The
      parameters associated with id-ecPublicKey SHOULD be absent or
      ECParameters, and NULL is allowed to support legacy
      implementations.  The previous version of this document required
      NULL to be present.  If the parameters are ECParameters, then they
      MUST be namedCurve.  The originatorKey publicKey field MUST
      contain the encoded public key as defined in [X9.62].  The hybred
      form MUST NOT be used.  The ECPoint in uncompressed form MUST be
      supported.  This mirrors the same format used in public key 
      certificates as defined in Section 2.2 of [RFC5480].

Notes:

There is a problem in that for ECPoints, the public key is defined to be encoded differently in this document than it is in a public key certificate. The difference is the presence of the ASN.1 OCTET STRING wrapper.

OpenSSL and BouncyCastle both use the unwrapped version per Dr. Stephen Henson note to me in mail.

This error is also present in sections 3.1.2, 3.1.3, 3.2.1, 3.2.2, 7.2

Report New Errata



Advanced Search