[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Canonical form for signing S-expressions



Ron Rivest wrote:
> 
> 
> There needs to be a canonical form for signing S-expressions.  That is,
> a way of interpreting an S-expression as a sequence of bytes to be fed
> into a hash function.  This byte sequence does not need to be the same
> as the byte sequence used to transmit the S-expression, nor does it need
> to be the same as the memory layout of the S-expression.  It should be
> easy to generate from whatever memory layout you use for S-expressions,
> and it should be compact, so as to keep the hashing efficient.  (I note that
> the production of the canonical form byte-string can be done piecemeal, as
> most hash functions can take their input in chunks.)
> 
> Given these requirements and considerations, I have heard no technical
> arguments against the following proposal, and I suggest we go with it.
> 	-- represent all byte strings "verbatim" as e.g.
> 		#3:abc
> 	   with #,hexadecimal length,colon,byte-string 
> 	   (Using this format gives maximum efficiency for long byte strings.)
> 	-- represent lists with parentheses
> 	-- use no spaces to separate elements, and no fragmentation of
> 	   byte strings.
> 
> Example: The S-expression 
> 	(a b (cd e fgh)) 
> has canonical form for signing
> 	(#1:a#1:b(#2:cd#1:e#3:fgh))

Seems to me that the # is redundant, and should, therefore, be left out.

Cheers,

Ben.

-- 
Ben Laurie                Phone: +44 (181) 994 6435  Email: ben@algroup.co.uk
Freelance Consultant and  Fax:   +44 (181) 994 6472
Technical Director        URL: http://www.algroup.co.uk/Apache-SSL
A.L. Digital Ltd,         Apache Group member (http://www.apache.org)
London, England.          Apache-SSL author

Follow-Ups: References: