<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
On 06/25/2017 03:06 PM, <a class="moz-txt-link-abbreviated" href="mailto:weber@infotech.de">weber@infotech.de</a> wrote:<br>
<blockquote type="cite"
cite="mid:a0cff93b-f23c-631e-580c-ffc0ab595115@infotech.de">Dear
OpenSSSL users,
<br>
<br>
we recently came across a certificate with OID: id-RSASSA-PSS aka
rsassaPss in x509 subjects public key AlgorithmIdentifier.
<br>
<br>
According to rfc4056 it is legitimate to use rsaEncryption or
id-RSASSA-PSS as OID for the subject public key.
<br>
<br>
But when listing the certs's contents or during verification,
openssl v1.0.2h bails out:
<br>
<blockquote type="cite">12392:error:0609E09C:digital envelope
routines:PKEY_SET_TYPE:unsupported
algorithm:.\crypto\evp\p_lib.c:231:
<br>
12392:error:0B07706F:x509 certificate
routines:X509_PUBKEY_get:unsupported
algorithm:.\crypto\asn1\x_pubkey.c:148:
<br>
</blockquote>
which is caused by failing to assign the proper ameth structure to
the key.
<br>
<br>
Later in x_pubkey.c, only the method pub_decode is needed, which
seems to work for rsassa pubkeys.
<br>
So may we assign the same methods associated to rsaEncryption in
this case or are we breaking other functionality by doing so?
<br>
</blockquote>
<br>
It might be more interesting to just try using the current OpenSSL
master branch (or a snapshot), which has more proper RSA-PSS
support.<br>
<br>
-Ben<br>
</body>
</html>