[openssl-users] rsaOAEP OID in X509 certificate

Ken Goldman kgoldman at us.ibm.com
Thu Aug 9 12:56:01 UTC 2018

On 8/9/2018 4:14 AM, Stephane van Hardeveld wrote:
> Hi Ken,
> I am trying to do two thing:
> 1: Generate X 509 certificates, with RSA-PSS signing, with different Hashing
> and Masking (SHA1 and SHA256), including an RSA Public key as content. This
> RSA 'content key' should specify it will be used for RSA-OAEP decryption.
> 2: Verify X 509 certificates, produced by other tools, which have the same
> format

Do you really have to use a non-standard OID for the public key?

If you do, you will be creating a certificate that cannot be parsed by
openssl, Java's crypto library, and perhaps others.  Your users will
have to write custom code to validate the certificate and to extract the 
public key.

In addition, you'll need custom CA code to create the certificates.

I worry that custom crypto code can open attack surfaces compared
to using well tested standards.  Parsing DER securely is known to be

More information about the openssl-users mailing list