On Thu, 2010-09-23 at 14:19 +0200, Umberto Rustichelli aka Ubi wrote:
>
> Dear all, I have been digging a bit into the OpenSC and OpenSSL code
> because I have a doubt.
>
> Using keys on smart cards via the OpenSC engine, I am almost sure that
> by producing a PKCS7 the signature is of type "sha1WithRSAEncryption"
> (at least without any special options), that implies using specific
> kinds of padding for the digest before the RSA encryption, for instance.
>
> The signature in the PKCS7, though, is marked as an object of type
> "rsaEncryption" (can tell with the asn1parse command).
>
> Is it correct to say that they are the same, or, better, that
>
> 1) "rsaEncryption" includes the "sha1WithRSAEncryption" type
>
> 2) "sha1WithRSAEncryption" is what the PKCS7 API does by default?
> (I know, this is rather an OpenSSL-related question)

You can find the corresponding definitions in [1] section 11. My conclusion is that both algorithms apply a pkcs1 padding before exponentiation. And "sha1WithRSAEncryption" hashes input data before padding but "rsaEncryption" doesn't do that.

"Signature algorithms are always used in conjunction with a one-way hash function." [2]

Therefore it is an error when the algorithm identifier carried with a signature is "rsaEncryption". Right?

[1] http://tools.ietf.org/html/rfc2313
[2] http://tools.ietf.org/html/rfc3279#section-2.2

_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel
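
The hash-then-pad versus pad-only distinction discussed in this thread, as an added example that is not part of the original messages and is not OpenSC or OpenSSL code. It builds the PKCS#1 block type 01 encoding for both cases and checks whether a SHA-1 DigestInfo can be recovered from the block; the RSA exponentiation itself is left out, and all function names and the 128-byte modulus length are assumptions made for the illustration.

```python
import hashlib

# Standard DER prefix of a DigestInfo carrying a 20-byte SHA-1 digest.
SHA1_DIGESTINFO_PREFIX = bytes.fromhex("3021300906052b0e03021a05000414")

def digest_info_sha1(message: bytes) -> bytes:
    """Hash the message and wrap the digest in a DER DigestInfo."""
    return SHA1_DIGESTINFO_PREFIX + hashlib.sha1(message).digest()

def pad_type1(data: bytes, k: int) -> bytes:
    """PKCS#1 block type 01: 00 01 FF..FF 00 || data, k bytes in total."""
    ps_len = k - 3 - len(data)
    if ps_len < 8:
        raise ValueError("data too long for a modulus of k bytes")
    return b"\x00\x01" + b"\xff" * ps_len + b"\x00" + data

def unpad_type1(block: bytes) -> bytes:
    """Strictly check the type 01 padding and return the payload."""
    if block[:2] != b"\x00\x01":
        raise ValueError("not a block type 01 encoding")
    sep = block.find(b"\x00", 2)
    if sep < 10 or any(b != 0xFF for b in block[2:sep]):
        raise ValueError("malformed padding string")
    return block[sep + 1:]

def sha1_with_rsa_block(message: bytes, k: int) -> bytes:
    """Hash, DigestInfo, then pad (hypothetical helper name)."""
    return pad_type1(digest_info_sha1(message), k)

def rsa_only_block(data: bytes, k: int) -> bytes:
    """Pad the caller's bytes as given, no hashing (hypothetical helper name)."""
    return pad_type1(data, k)

def recovered_sha1(block: bytes) -> bytes:
    """What a verifier sees after the public-key operation: the SHA-1 digest."""
    payload = unpad_type1(block)
    if len(payload) != 35 or not payload.startswith(SHA1_DIGESTINFO_PREFIX):
        raise ValueError("payload is not a SHA-1 DigestInfo")
    return payload[len(SHA1_DIGESTINFO_PREFIX):]

if __name__ == "__main__":
    K = 128                      # constructed: 1024-bit modulus length in bytes
    msg = b"abc"                 # constructed sample message
    hashed = sha1_with_rsa_block(msg, K)
    print("digest recovered:", recovered_sha1(hashed).hex())
    # Pad-only over a DigestInfo built by the caller gives the same block.
    print("same block:", rsa_only_block(digest_info_sha1(msg), K) == hashed)
```
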