Hi everyone!
So I'm trying to send RSASSA-PSS signed and AES/OAEP encrypted (with the bouncy
castle library) mails without much luck.
The problem is, when I was using old sha256 with rsa signing and PKCS1Padding
(P#1.5) everything was fine, but when I switched to the new P#2.1 stardand I'm
getting "Thunderbird cannot decrypt this message", "The sender encrypted this
message to you using one of your digital certificates, however Thunderbird was
not able to find this certificate and corresponding private key." error.
Can anyone here point me to the list of Thunderbird supported algorithms
please? I couldn't find it anywhere.
Or maybe it's the problem with my self-signed certificate?
Just in case, here is how I created it:
openssl req -new -x509 -nodes -sha256 -days 365 -newkey rsa:2048 -out
certificate.cer -keyout private.key -sigopt rsa_padding_mode:pss -sigopt
rsa_pss_saltlen:32 -passin pass:mypass -utf8 -config _openssl.cfg -extensions
v3_req
openssl pkcs12 -export -out certificate.pfx -name "testname" -inkey
private.key -in certificate.cer
where v3_req was:
basicConstraints = CA:TRUE
keyUsage = digitalSignature, keyEncipherment
subjectAltName = "email:my@testmail"
Thanks in advance!
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
