What version of PKCS#1 does openssl support

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

What version of PKCS#1 does openssl support

Prashant Kumar-9
Hello Group,
 
What version of PKCS#1 does openssl support. Is it PKCS#1 v2.1?
 
Thanks,
Prashant Kumar.


Discover Yahoo!
Use Yahoo! to plan a weekend, have fun online & more. Check it out!
Reply | Threaded
Open this post in threaded view
|

Re: What version of PKCS#1 does openssl support

Dr. Stephen Henson
On Fri, Jun 03, 2005, Prashant Kumar wrote:

> Hello Group,
>  
> What version of PKCS#1 does openssl support. Is it PKCS#1 v2.1?
>  

PKCS#1 v2.1 defines a number of schemes and structures.

The PKCS#1 v1.5 compatible schemes in PKCS#1 v2.1 have been supported since the
SSLeay days.

OAEP has been added more recently but for SHA1 only.

PSS has been added in the last week but it isn't fully integrated into the
API: meaning the pad checking and generating functions need to be called
manually. Full integration will need an extension to the basic RSA API and/or
the EVP_MD sign/verify interface.

That covers all the main schemes of PKCS#1 v2.1 but with the qualifications
above.

Not all of the structures in PKCS#1 v2.1 are currently supported though: only
the PCKCS#1 v1.5 versions.

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: What version of PKCS#1 does openssl support

Prashant Kumar-9
Dr. Stephen/Jack,
 
Thank you so much for your answers.
 
Regards,
Prashant.

"Dr. Stephen Henson" <[hidden email]> wrote:
On Fri, Jun 03, 2005, Prashant Kumar wrote:

> Hello Group,
>
> What version of PKCS#1 does openssl support. Is it PKCS#1 v2.1?
>

PKCS#1 v2.1 defines a number of schemes and structures.

The PKCS#1 v1.5 compatible schemes in PKCS#1 v2.1 have been supported since the
SSLeay days.

OAEP has been added more recently but for SHA1 only.

PSS has been added in the last week but it isn't fully integrated into the
API: meaning the pad checking and generating functions need to be called
manually. Full integration will need an extension to the basic RSA API and/or
the EVP_MD sign/verify interface.

That covers all the main schemes of PKCS#1 v2.1 but with the qualifications
above.

Not all of the structures in PKCS#1 v2.1 are currently supported though: only
the PCKCS#1 v1.5 versions.

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [hidden email]
Automated List Manager [hidden email]

__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com