Re: RSA sign/verify and hash generation functions

help-gnutls

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: RSA sign/verify and hash generation functions

From:	Alessandro Vesely
Subject:	Re: RSA sign/verify and hash generation functions
Date:	Sat, 11 Dec 2010 21:11:15 +0100
User-agent:	Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.13) Gecko/20101207 Lightning/1.0b2 Thunderbird/3.1.7

On 09/Dec/10 23:00, Nikos Mavrogiannopoulos wrote:
> On 12/09/2010 06:59 PM, Alessandro Vesely wrote:
>> On 08/Dec/10 23:56, Murray S. Kucherawy wrote:
>>> On Wednesday, December 08, 2010 2:25 PM Nikos Mavrogiannopoulos wrote
>>>> Which signing method do you use with openssl? In gnutls we support only
>>>> PKCS #1 1.5 signatures (that one required by TLS).
>>>
>>> Ah, maybe that's the problem.  The RSA_sign() man page from OpenSSL says:
>>>
>>>        RSA_sign() signs the message digest m of size m_len using the private
>>>        key rsa as specified in PKCS #1 v2.0.
>> 
>> I'd be surprised if PKCS#1 v2.0 introduced incompatibilities with the
>> previous version.  At any rate, RFC 4871 says: [it uses PKCS#1 v1.5]
> 
> It uses RSA-OAEP and RSA-PSS which are not compatible with PKCS #1 1.5.

Yes, you're right.  Naive users like me tend to confuse RSA-PSS with
RSASP1...

However, according to [1], RSA-PSS is actually specified only in
PKCS#1 v2.1.  Hence, that OpenSSL function should still be
RSASSA-PKCS1-v1_5.

[1] http://www.rsa.com/rsalabs/node.asp?id=2125

[Prev in Thread]

Current Thread

[Next in Thread]

Re: RSA sign/verify and hash generation functions, Nikos Mavrogiannopoulos, 2010/12/01
- RE: RSA sign/verify and hash generation functions, Murray S. Kucherawy, 2010/12/06
  - RE: RSA sign/verify and hash generation functions, Murray S. Kucherawy, 2010/12/07
    - RE: RSA sign/verify and hash generation functions, Murray S. Kucherawy, 2010/12/08
    - Re: RSA sign/verify and hash generation functions, Nikos Mavrogiannopoulos, 2010/12/08
    - RE: RSA sign/verify and hash generation functions, Murray S. Kucherawy, 2010/12/08
    - Re: RSA sign/verify and hash generation functions, Nikos Mavrogiannopoulos, 2010/12/08
    - RE: RSA sign/verify and hash generation functions, Murray S. Kucherawy, 2010/12/08
    - Re: RSA sign/verify and hash generation functions, Alessandro Vesely, 2010/12/09
    - Re: RSA sign/verify and hash generation functions, Nikos Mavrogiannopoulos, 2010/12/09
    - Re: RSA sign/verify and hash generation functions, Alessandro Vesely <=
    - Re: RSA sign/verify and hash generation functions, Nikos Mavrogiannopoulos, 2010/12/08
    - RE: RSA sign/verify and hash generation functions, Murray S. Kucherawy, 2010/12/08
    - Re: RSA sign/verify and hash generation functions, Nikos Mavrogiannopoulos, 2010/12/09
    - RE: RSA sign/verify and hash generation functions, Murray S. Kucherawy, 2010/12/09
    - Re: RSA sign/verify and hash generation functions, Nikos Mavrogiannopoulos, 2010/12/13
    - RE: RSA sign/verify and hash generation functions, Murray S. Kucherawy, 2010/12/14
    - Re: RSA sign/verify and hash generation functions, Nikos Mavrogiannopoulos, 2010/12/14
    - RE: RSA sign/verify and hash generation functions, Murray S. Kucherawy, 2010/12/14
    - RE: RSA sign/verify and hash generation functions, Murray S. Kucherawy, 2010/12/15
    - Re: RSA sign/verify and hash generation functions, Nikos Mavrogiannopoulos, 2010/12/16

Prev by Date: Re: RSA sign/verify and hash generation functions
Next by Date: Re: RSA sign/verify and hash generation functions
Previous by thread: Re: RSA sign/verify and hash generation functions
Next by thread: Re: RSA sign/verify and hash generation functions
Index(es):
- Date
- Thread