Re: rsaOAEP OID in X509 certificate

> -----Original Message-----
> From: openssl-users [mailto:openssl-users-bounces@xxxxxxxxxxx] On Behalf
> Of Ken Goldman
> Sent: donderdag 9 augustus 2018 14:56
> To: openssl-users@xxxxxxxxxxx
> Subject: Re:  rsaOAEP OID in X509 certificate
> 
> On 8/9/2018 4:14 AM, Stephane van Hardeveld wrote:
> > Hi Ken,
> >
> > I am trying to do two things:
> > 1: Generate X 509 certificates, with RSA-PSS signing, with different Hashing
> > and Masking (SHA1 and SHA256), including an RSA Public key as content. This
> > RSA 'content key' should specify it will be used for RSA-OAEP decryption.
> > 2: Verify X 509 certificates, produced by other tools, which have the same
> > format
> 
> Do you really have to use a non-standard OID for the public key?
> 
> If you do, you will be creating a certificate that cannot be parsed by
> openssl, Java's crypto library, and perhaps others.  Your users will
> have to write custom code to validate the certificate and to extract the
> public key.
> 
> In addition, you'll need custom CA code to create the certificates.
> 
> I worry that custom crypto code can open attack surfaces compared
> to using well tested standards.  Parsing DER securely is known to be
> hard.
> 
> 
Hi Ken,

I will discuss this, but as far as I understand, these OIDs are allowed by
the X 509 standard:
4.1.2.7.  Subject Public Key Info

   This field is used to carry the public key and identify the algorithm
   with which the key is used (e.g., RSA, DSA, or Diffie-Hellman).  The
   algorithm is identified using the AlgorithmIdentifier structure
   specified in Section 4.1.1.2.  The object identifiers for the
   supported algorithms and the methods for encoding the public key
   materials (public key and parameters) are specified in [RFC3279],
   [RFC4055], and [RFC4491].

And in rfc4055, 4.1

OpenSSL is capable of parsing it, only retrieving it gives an error on
unknown algorithm (which is correct, since only rsaEncryption OID is
recognized). Java I did not try yet, but the online ASN.1 parsers were also
capable of decoding it, see enclosed png.

Regards,
Stephane

Attachment: certificate_asndecoded.png
Description: PNG image

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
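
The check discussed in this thread, as an added example that is not part of the original messages or of OpenSSL: a strict DER walk over a SubjectPublicKeyInfo that reports whether the key algorithm OID is rsaEncryption or one of the RFC 4055 identifiers, and rejects malformed lengths instead of guessing. The function names are hypothetical and the sample bytes are constructed, with placeholder key material.

```python
# Added example; function names are hypothetical, sample bytes are constructed.
# DER is canonical, so known OIDs can be matched on their encoded content bytes.
KNOWN = {
    bytes.fromhex("2a864886f70d010101"): "rsaEncryption (1.2.840.113549.1.1.1)",
    bytes.fromhex("2a864886f70d010107"): "id-RSAES-OAEP (1.2.840.113549.1.1.7)",
    bytes.fromhex("2a864886f70d01010a"): "id-RSASSA-PSS (1.2.840.113549.1.1.10)",
}

def read_tlv(buf, pos, want):
    """Read one TLV with tag `want`; return (value, next_pos) or raise ValueError."""
    if pos + 2 > len(buf):
        raise ValueError("truncated header")
    tag, first = buf[pos], buf[pos + 1]
    if tag != want:
        raise ValueError(f"expected tag 0x{want:02x}, got 0x{tag:02x}")
    pos += 2
    length = first
    if first >= 0x80:  # long form: low 7 bits give the number of length bytes
        n = first & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("indefinite, oversized or truncated length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        if length < 0x80 or buf[pos] == 0:
            raise ValueError("non-minimal length (BER, not DER)")
        pos += n
    if pos + length > len(buf):
        raise ValueError("value runs past end of buffer")
    return buf[pos:pos + length], pos + length

def spki_algorithm(spki):
    """Return (algorithm name, parameters_present); the key bits are not parsed."""
    body, end = read_tlv(spki, 0, 0x30)            # SubjectPublicKeyInfo
    alg, after_alg = read_tlv(body, 0, 0x30)       # AlgorithmIdentifier
    oid, after_oid = read_tlv(alg, 0, 0x06)        # algorithm OID
    _, key_end = read_tlv(body, after_alg, 0x03)   # subjectPublicKey BIT STRING
    if end != len(spki) or key_end != len(body):
        raise ValueError("trailing bytes after structure")
    return KNOWN.get(oid, "unknown OID " + oid.hex()), after_oid < len(alg)

# Constructed SPKI: id-RSAES-OAEP, parameters omitted, placeholder key bytes.
SAMPLE = bytes.fromhex("3014300b06092a864886f70d01010703050000010203")

if __name__ == "__main__":
    print(spki_algorithm(SAMPLE))
```

A verifier that only accepts rsaEncryption can use the returned name to fail closed on the other two identifiers before handing the key to any crypto routine.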
