On Thu, 2010-09-23 at 15:50 +0200, Andre Zepezauer wrote: > On Thu, 2010-09-23 at 14:19 +0200, Umberto Rustichelli aka Ubi wrote: > > > > Dear all, I have been digging a bit into the OpenSC and OpenSSL code > > because I have a doubt. > > > > Using keys on smart cards via the OpenSC engine, I am almost sure that > > by producing a PKCS7 the signature is of type "sha1WithRSAEncryption" > > (at least without any special options), that implies using specific > > kinds of padding for the digest before the RSA encryption, for instance. > > > > The signature in the PKCS7, though, is marked as an object of type > > "rsaEncryption" (can tell with the asn1parse command). > > > > Is it correct to say that they are are the same, or, better, that > > > > 1) "rsaEncryption" includes the "sha1WithRSAEncryption" type > > > > 2) "sha1WithRSAEncryption" is what the PKCS7 API does by default? > > (I know, this is rather an OpenSSL-related question) > > You can find the corresponding definitions in [1] section 11. My > conclusion is, that both algorithms apply a pkcs1 padding before > exponentiation. And "sha1WithRSAEncryption" hashes input data before > padding but "rsaEncryption" doesn't do that. > > "Signature algorithms are always used in conjunction with a one-way hash > function." [2] > > Therefore it is an error when the algorithm identifier carried with a > signature is "rsaEncryption". Right?
Ooops. Excerpt [2] only applies to X509 certificates and crls. What is required for pkcs7 signatures? > [1] http://tools.ietf.org/html/rfc2313 > [2] http://tools.ietf.org/html/rfc3279#section-2.2 > > > _______________________________________________ > opensc-devel mailing list > opensc-devel@lists.opensc-project.org > http://www.opensc-project.org/mailman/listinfo/opensc-devel _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
