Collaborate Disseminate
I’m totally lost with is standard RSASSA-PKCS1-v1_5.
I have commands that signs document and checks signature below.
openssl dgst -sha256 -sign private-key.pem -out aaa.txt.sha256 aaa.txt
openssl dgst -sha256 -verify public-key.pem -signa… Continue reading Sign according RSASSA-PKCS1-v1_5 standard
Reading RFC3447, Section 8.2.1, primitive RSASSA-PKCS1-V1_5-SIGN requires an encoding into ASN.1/DER. Why not just sign the raw hash bytes rather then wrapping them as ASN1?
Continue reading Why does PCKS1-v1.5 signing require DER wrapping?
A few months ago a colleague who left generated a CA certificate from GoDaddy. I am not sure the exact steps he took but currently we would like to install the CA certificate on a server to fully comply with EFRIS regulations which mandate… Continue reading Obtaining .p12 certificate from PEM file and CRT file provided by GoDaddy
RFC4055 describes RSAES-OAEP keys and RSASSA-PSS keys.
OpenSSL’s genpkey utility supports let’s you generate RSASSA-PSS keys (you have to set the aglorithm parameter to RSA-PSS) but if it supports RSAES-OAEP keys the documentation certainl… Continue reading how to generate RSAES-OAEP keys?
I read about SSL (version 3.0) and that the PreMasterSecret (pms) is encoded with PKCS#1-1.5 before the client encrypts it with the given public RSA key and sends the encryption to the server.
So the pms looks like this:
I have a server CA cert, device cert and the device private key. I am using mbedtls and want to be able to create a mutual authentication connection between the device and the server. I also have to RSA PKCS and am getting … Continue reading mbedtls mutual authentication [on hold]
In RFC 4055 Additional Algorithms the application of PKCS#1 2.1 RSAES-OAEP (RFC 3446) for key transport is described.
The (key transport) parameters of RSAES-OAEP in this RFC define a hash function, a parameterized mask gene… Continue reading Is L and P the same for OAEP in CMS
Im currently writing a authentication app based on RSA, for Android that should be impossible to copy, even if you have physical access to a phone without lockscreen/PIN.
However, the HSM inside the phone, that ensures the p… Continue reading Does PKCS 1.5 padding make it possible for an attacker to extract the private key or not? Is PKCS 1.5 safe to use in authentication context?
Im currently writing a authentication app based on RSA, for Android that should be impossible to copy, even if you have physical access to a phone without lockscreen/PIN.
However, the HSM inside the phone, that ensures the p… Continue reading Does PKCS 1.5 padding make it possible for an attacker to extract the private key or not? Is PKCS 1.5 safe to use in authentication context?
PKCS#1 defines SHA1 as a default hash function and all implementations support this hash function and the mask generation functions based on SHA1. In some implementations you can change the hash function used for OAEP Padding… Continue reading Should SHA-1 be used with RSA-OAEP?