Hi everyone! So I'm trying to send RSASSA-PSS signed and AES/OAEP encrypted (with the bouncy castle library) mails without much luck.
The problem is, when I was using old sha256 with rsa signing and PKCS1Padding (P#1.5) everything was fine, but when I switched to the new P#2.1 stardand I'm getting "Thunderbird cannot decrypt this message", "The sender encrypted this message to you using one of your digital certificates, however Thunderbird was not able to find this certificate and corresponding private key." error. Can anyone here point me to the list of Thunderbird supported algorithms please? I couldn't find it anywhere. Or maybe it's the problem with my self-signed certificate? Just in case, here is how I created it: openssl req -new -x509 -nodes -sha256 -days 365 -newkey rsa:2048 -out certificate.cer -keyout private.key -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:32 -passin pass:mypass -utf8 -config _openssl.cfg -extensions v3_req openssl pkcs12 -export -out certificate.pfx -name "testname" -inkey private.key -in certificate.cer where v3_req was: basicConstraints = CA:TRUE keyUsage = digitalSignature, keyEncipherment subjectAltName = "email:my@testmail" Thanks in advance! -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto