OpenSSL › OpenSSL - Dev

What version of PKCS#1 does openssl support

_‹ Previous Topic Next Topic _›

Classic

List

Threaded

3 messages Options

Prashant Kumar-9

What version of PKCS#1 does openssl support

Hello Group,

What version of PKCS#1 does openssl support. Is it PKCS#1 v2.1?

Thanks,

Prashant Kumar.

Discover Yahoo!
Use Yahoo! to plan a weekend, have fun online & more. Check it out!

Dr. Stephen Henson

Re: What version of PKCS#1 does openssl support

On Fri, Jun 03, 2005, Prashant Kumar wrote:

> Hello Group,
>
> What version of PKCS#1 does openssl support. Is it PKCS#1 v2.1?
>

PKCS#1 v2.1 defines a number of schemes and structures.

The PKCS#1 v1.5 compatible schemes in PKCS#1 v2.1 have been supported since the
SSLeay days.

OAEP has been added more recently but for SHA1 only.

PSS has been added in the last week but it isn't fully integrated into the
API: meaning the pad checking and generating functions need to be called
manually. Full integration will need an extension to the basic RSA API and/or
the EVP_MD sign/verify interface.

That covers all the main schemes of PKCS#1 v2.1 but with the qualifications
above.

Not all of the structures in PKCS#1 v2.1 are currently supported though: only
the PCKCS#1 v1.5 versions.

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [hidden email]
Automated List Manager [hidden email]

Prashant Kumar-9

Re: What version of PKCS#1 does openssl support

Dr. Stephen/Jack,

Thank you so much for your answers.

Regards,

Prashant.

"Dr. Stephen Henson" <[hidden email]> wrote:

On Fri, Jun 03, 2005, Prashant Kumar wrote:

> Hello Group,
>
> What version of PKCS#1 does openssl support. Is it PKCS#1 v2.1?
>

PKCS#1 v2.1 defines a number of schemes and structures.

The PKCS#1 v1.5 compatible schemes in PKCS#1 v2.1 have been supported since the
SSLeay days.

OAEP has been added more recently but for SHA1 only.

PSS has been added in the last week but it isn't fully integrated into the
API: meaning the pad checking and generating functions need to be called
manually. Full integration will need an extension to the basic RSA API and/or
the EVP_MD sign/verify interface.

That covers all the main schemes of PKCS#1 v2.1 but with the qualifications
above.

Not all of the structures in PKCS#1 v2.1 are currently supported though: only
the PCKCS#1 v1.5 versions.

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [hidden email]
Automated List Manager [hidden email]

__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com