[openssl-users] RSA-PSS Certificate
Jakob Bohm
jb-openssl at wisemo.com
Thu Oct 26 01:48:56 UTC 2017
On 26/10/2017 03:30, Steven Madwin via openssl-users wrote:
>
> Starting with the definition of the subjectPublicKeyInfo from RFC
> 5280, Section 4.1 – Basic Certificate fields we see that the entry
> contains two items:
>
> SubjectPublicKeyInfo ::= SEQUENCE {
>     algorithm AlgorithmIdentifier,
>     subjectPublicKey BIT STRING }
>
> In RFC 4055 - Additional Algorithms and Identifiers for RSA
> Cryptography for use in the Internet X.509 Public Key Infrastructure
> Certificate and Certificate Revocation List (CRL) Profile, Section 3
> it states, “CAs that use the RSASSA-PSS algorithm for signing
> certificates SHOULD include RSASSA-PSS-params in the
> subjectPublicKeyInfo algorithm parameters in their own certificates.”
>
> This all leads to me wondering if anyone is aware if there is a plan
> afoot to add the option of including the RSA-PSS params as a third
> item in the Subject Public Key Info entry in a future version of OpenSSL?
>
In the X.509 standard, "AlgorithmIdentifier" is itself a structure (see
for example RFC5280 section 4.1.1.2). The RSASSA-PSS-params is the
second element of that structure. See RFC4055 section 6 for some (bad)
examples of AlgorithmIdentifier values, such as

    rSASSA-PSS-SHA512-Identifier AlgorithmIdentifier ::= {
        algorithm id-RSASSA-PSS,
        parameters rSSASSA-PSS-SHA512-params }

    rSSASSA-PSS-SHA512-params RSASSA-PSS-params ::= {
        hashAlgorithm sha512Identifier,
        maskGenAlgorithm mgf1SHA512Identifier,
        saltLength 20,
        trailerField 1 }

    -- Note: The saltLength should be 64, not 20, for
    -- rSSASSA-PSS-SHA512-param, see RFC4055 section 3.1

Enjoy
Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
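
The nesting described in the reply above, as an added example that is not part of the original message and is not OpenSSL code: a small Python DER walk over a constructed SubjectPublicKeyInfo, showing that the structure still has two fields and that RSASSA-PSS-params is the second element of the AlgorithmIdentifier. The helper names and the placeholder key bytes are assumptions made for illustration.

```python
def tlv(tag, body=b""):
    """Encode one DER TLV (definite length, short or long form)."""
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    ln = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(ln)]) + ln + body

def children(buf):
    """Split DER content octets into a list of (tag, content) pairs."""
    out, i = [], 0
    while i < len(buf):
        tag, n, i = buf[i], buf[i + 1], i + 2
        if n & 0x80:                      # long-form length
            k = n & 0x7F
            n, i = int.from_bytes(buf[i:i + k], "big"), i + k
        if i + n > len(buf):
            raise ValueError("truncated DER")
        out.append((tag, buf[i:i + n]))
        i += n
    return out

def oid(body):
    """Decode OBJECT IDENTIFIER content octets to dotted form."""
    arcs, v = [], 0
    for b in body:
        v = (v << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(v)
            v = 0
    first = min(arcs[0] // 40, 2)
    return ".".join(map(str, [first, arcs[0] - 40 * first] + arcs[1:]))

def inspect_spki(der):
    fields = children(children(der)[0][1])  # algorithm, subjectPublicKey
    alg = children(fields[0][1])            # algorithm OID, parameters
    # RSASSA-PSS-params members carry EXPLICIT tags [0]..[3] (0xA0..0xA3)
    params = {t: children(c)[0] for t, c in children(alg[1][1])} if len(alg) > 1 else {}
    salt = int.from_bytes(params[0xA2][1], "big") if 0xA2 in params else 20  # DEFAULT 20
    hash_oid = oid(children(params[0xA0][1])[0][1]) if 0xA0 in params else "1.3.14.3.2.26"  # DEFAULT SHA-1
    return {"spki_fields": len(fields), "alg_id_fields": len(alg),
            "algorithm": oid(alg[0][1]), "hash": hash_oid, "salt_length": salt}

# Constructed sample: id-RSASSA-PSS with SHA-512, MGF1(SHA-512), saltLength 64
SHA512 = tlv(0x30, tlv(0x06, bytes.fromhex("608648016503040203")) + tlv(0x05))
MGF1 = tlv(0x30, tlv(0x06, bytes.fromhex("2a864886f70d010108")) + SHA512)
PSS_PARAMS = tlv(0x30, tlv(0xA0, SHA512) + tlv(0xA1, MGF1) + tlv(0xA2, tlv(0x02, b"\x40")))
ALG_ID = tlv(0x30, tlv(0x06, bytes.fromhex("2a864886f70d01010a")) + PSS_PARAMS)
SPKI = tlv(0x30, ALG_ID + tlv(0x03, b"\x00" + b"placeholder-key"))  # not a real key

if __name__ == "__main__":
    print(inspect_spki(SPKI))
```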