Those typedefs are for backwards compatibility with older versions of Crypto++. You can use the templates directly and substitute SHA256 for SHA, for example.
----- Original Message ----- From: "ol'fogey" <[EMAIL PROTECTED]> To: "Crypto++ Users" <[EMAIL PROTECTED]> Sent: Monday, September 10, 2007 12:54 PM Subject: Re: NIST FIPS Approved using Cryptopp > > Yes, Cryptopp supports the NIST approved hash codes of SHA-256 and > others SHA2 based hashes. When used alone, these are NIST/FIPS > approved. However, in its RSA digital signature functions, it uses > SHA1 which is no longer a NIST approved hash code method. Thus the > reason for my question. > > v 5.2.3 >>From rsa.h > <snip> > > // The three RSA signature schemes defined in PKCS #1 v2.0 > typedef RSASS<PKCS1v15, SHA>::Signer RSASSA_PKCS1v15_SHA_Signer; > typedef RSASS<PKCS1v15, SHA>::Verifier RSASSA_PKCS1v15_SHA_Verifier; > > typedef RSASS<PKCS1v15, MD2>::Signer RSASSA_PKCS1v15_MD2_Signer; > typedef RSASS<PKCS1v15, MD2>::Verifier RSASSA_PKCS1v15_MD2_Verifier; > > typedef RSASS<PKCS1v15, MD5>::Signer RSASSA_PKCS1v15_MD5_Signer; > typedef RSASS<PKCS1v15, MD5>::Verifier RSASSA_PKCS1v15_MD5_Verifier; > > </snip> > > If I modify cryptopp to use SHA2 hash code in its RSA signature then I > lose FIPS since I need to recompile the DLL. If I use the RSA > signatures as implemented in the DLL, I do not have FIPS compliance > either, if I understand the NIST web site correctly. I was just > looking for clarification on this from somebody who is familar with > NIST, FIPS and digital signatures. > > > On Sep 10, 2:06 pm, Robert Roessler <[EMAIL PROTECTED]> wrote: >> ol'fogey wrote: >> > ... >> >>Fromhttp://csrc.nist.gov/CryptoToolkit/tkdigsigs.htmlthere are only >> > 3 approved functions to generate a digital signature. The caveat >> > appears to be that the method chosen must use an approved hash code >> > function, as listed onhttp://csrc.nist.gov/CryptoToolkit/tkhash.html >> > When I cross reference the approved hash code functions with the hash >> > code functions used by Cryptopp, there is no match. So does this mean >> > that the digital signatures in Cryptopp are no not FIPS approved? If >> > so, could I make the signature myself by creating a hash code of the >> > file via an approved method like SHA-256 and then using RSA to encrypt >> > that hash code to create a signature? Can somebody shed some light on >> > this for me or point me in the right direction with some links? >> >> Crypto++ does indeed support the [approved] SHA-2 family of hashes, as >> shown on the first pages of both the site and reference manual... so >> what was the question? :) >> >> Robert Roessler >> [EMAIL PROTECTED]://www.rftp.com > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the "Crypto++ Users" Google Group. To unsubscribe, send an email to [EMAIL PROTECTED] More information about Crypto++ and this group is available at http://www.cryptopp.com. -~----------~----~----~----~------~----~------~--~---
