[openssl-users] RSA-PSS Certificate

Steven Madwin smadwin at adobe.com
Thu Oct 26 05:32:08 UTC 2017 

Thanks. Now all I need to do is figure out what parameter to pass the req or
ca command to get the get the subject key info to accept the new algorithm.

-----Original Message-----
From: openssl-users [mailto:openssl-users-bounces at openssl.org] On Behalf Of
Jakob Bohm
Sent: Wednesday, October 25, 2017 6:49 PM
To: openssl-users at openssl.org
Subject: Re: [openssl-users] RSA-PSS Certificate

On 26/10/2017 03:30, Steven Madwin via openssl-users wrote:
>
> Starting with the definition of the subjectPublicKeyInfo from RFC 
> 5280, Section 4.1 – Basic Certificate fields we see that the entry 
> contains two items:
>
> SubjectPublicKeyInfo ::= SEQUENCE {
>
> algorithm AlgorithmIdentifier,
>
> subjectPublicKey BIT STRING }
>
> In RFC 4055 - Additional Algorithms and Identifiers for RSA 
> Cryptography for use in the Internet X.509 Public Key Infrastructure 
> Certificate and Certificate Revocation List (CRL) Profile, Section 3 
> it states, “CAs that use the RSASSA-PSS algorithm for signing 
> certificates SHOULD include RSASSA-PSS-params in the 
> subjectPublicKeyInfo algorithm parameters in their own certificates.”
>
> This all leads to me wondering if anyone is aware if there is a plan 
> afoot to add the option of including the RSA-PSS params as a third 
> item in the Subject Public Key Info entry in a future version of OpenSSL?
>

In the X.509 standard, "AlgorithmIdentifier" is itself a structure (see for
example RFC5280 section 4.1.1.2).  The RSASSA-PSS-params is the second
element of that structure.  See RFC4055 section 6 for some (bad) examples of
AlgorithmIdentifier values, such as

rSASSA-PSS-SHA512-Identifier  AlgorithmIdentifier  ::=  {
                               algorithm id-RSASSA-PSS,
                               parameters rSSASSA-PSS-SHA512-params }

rSSASSA-PSS-SHA512-params RSASSA-PSS-params ::= {
                               hashAlgorithm sha512Identifier,
                               maskGenAlgorithm mgf1SHA512Identifier,
                               saltLength 20,
                               trailerField 1  }


-- Note: The saltLength should be 64, not 20, for
--    rSSASSA-PSS-SHA512-param, see RFC4055 section 3.1


Enjoy

Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S.
https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.wisemo.
com&data=02%7C01%7C%7C1c955d8fda014c805e2e08d51c13ca2d%7Cfa7b1b5a7b34438794a
ed2c178decee1%7C0%7C0%7C636445793698999630&sdata=izbl%2F1JP%2BpWj616mFxiNAaO
frEFAXrD6JIXjFw7L%2FdY%3D&reserved=0
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10 This public
discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded

--
openssl-users mailing list
To unsubscribe:
https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmta.openssl
.org%2Fmailman%2Flistinfo%2Fopenssl-users&data=02%7C01%7C%7C1c955d8fda014c80
5e2e08d51c13ca2d%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C63644579369899
9630&sdata=rOOgAhtfdLrxpnua8Ncipz4poNQ6O8X%2FFQFID2API5c%3D&reserved=0
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5451 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20171026/1220efbc/attachment.bin>

More information about the openssl-users mailing list