Dr Stephen Henson wrote:
[...]
> If there are only a few possible OIDs then this might work if you add
> appropriate aliases as well to NID_ripemd160WithRSA.
>
> Using OIDs like that is evil, what should really be done is to add
> appropriate structure to the AlgorithmIdentifier instead.
>
> Thats an odd exponent restriction, the usual public exponent is 65537
> which is 17 bits.
>
As you can see from my previous mail it was my fault: taking the 11 as
decimal instead of hex.
Now I have a patched objects.h but I seem to have to go deeper.
These algorithms are able to do RSA, aren't they?
Do I have to change crypto/evp/p_lib.c, too?
There is this function EVP_PKEY_type() which returns whether such
a certificates algorithm can do RSA, DSA or DH.
Is it ok to add the new types to the RSA case?
I assume yes so I have changed the file and attached the patch.
Just another question (programming aspect):
why are these types always C-int and not an enum?
Using enums instead of int gives the possibility to let the
compiler do some typechecking.
--
Ciao ... Heiko Nardmann (Dipl.-Ing.)
Software Development, secunet (www.secunet.de)
Security Networks GmbH, Weidenauer Str. 223-225, D-57076 Siegen
Tel. : +49 271 48950-13 Fax : +49 271 48950-50
--- p_lib.c.orig Thu Sep 30 00:00:00 1999
+++ p_lib.c Thu Sep 30 00:00:01 1999
@@ -230,6 +230,37 @@
{
case EVP_PKEY_RSA:
case EVP_PKEY_RSA2:
+ case NID_ripemd160WithRSA:
+ case NID_ripemd160WithRSA_l512_l2:
+ case NID_ripemd160WithRSA_l640_l2:
+ case NID_ripemd160WithRSA_l768_l2:
+ case NID_ripemd160WithRSA_l896_l2:
+ case NID_ripemd160WithRSA_l1024_l2:
+ case NID_ripemd160WithRSA_l512_l3:
+ case NID_ripemd160WithRSA_l640_l3:
+ case NID_ripemd160WithRSA_l768_l3:
+ case NID_ripemd160WithRSA_l896_l3:
+ case NID_ripemd160WithRSA_l1024_l3:
+ case NID_ripemd160WithRSA_l512_l5:
+ case NID_ripemd160WithRSA_l640_l5:
+ case NID_ripemd160WithRSA_l768_l5:
+ case NID_ripemd160WithRSA_l896_l5:
+ case NID_ripemd160WithRSA_l1024_l5:
+ case NID_ripemd160WithRSA_l512_l9:
+ case NID_ripemd160WithRSA_l640_l9:
+ case NID_ripemd160WithRSA_l768_l9:
+ case NID_ripemd160WithRSA_l896_l9:
+ case NID_ripemd160WithRSA_l1024_l9:
+ case NID_ripemd160WithRSA_l512_l11:
+ case NID_ripemd160WithRSA_l640_l11:
+ case NID_ripemd160WithRSA_l768_l11:
+ case NID_ripemd160WithRSA_l896_l11:
+ case NID_ripemd160WithRSA_l1024_l11:
+ case NID_ripemd160WithRSA_l512_l17:
+ case NID_ripemd160WithRSA_l640_l17:
+ case NID_ripemd160WithRSA_l768_l17:
+ case NID_ripemd160WithRSA_l896_l17:
+ case NID_ripemd160WithRSA_l1024_l17:
return(EVP_PKEY_RSA);
case EVP_PKEY_DSA:
case EVP_PKEY_DSA1:
