Hello, I am trying to interop rsa-pss-sha256 with stronswan as per RFC 7427.
Question 1 : Difference in OID bytes : The 67 bytes ASN.1 OID that should be sent as per the errata from 7427 ( https://www.rfc-editor.org/errata_search.php?rfc=7427) and the 67 bytes that I receive from strongswan are different. errata specifies : Length = 67 0000: 3046 0609 2a86 4886 f70d 0101 0a30 39a0 0010: 0f30 0d06 0960 8648 0165 0304 0201 0500 0020: a11c 301a 0609 2a86 4886 f70d 0101 0830 0030: 0d06 0960 8648 0165 0304 0201 0500 a203 | 0040: 0201 20 However, strongswan sends : 30 41 06 09 2a 86 48 86 f7 0d 01 01 0a 30 34 a0 0f 30 0d 06 09 60 86 48 01 65 03 04 02 01 05 00 a1 1c 30 1a 06 09 2a 86 48 86 f7 0d 01 01 08 30 0d 06 09 60 86 48 01 65 03 04 02 01 05 00 a2 03 02 01 20 Is there a reason for this behaviour/difference? 2nd byte and 15th byte are different. Although both decode to the same parameters when converted from ASN.1 to text. To enable rsa-pss-sha256, I have added the charon option in strongswan.conf : rsa_pss = yes and leftauth=rsa/pss-sha256 in ipsec.conf Question 2 : Calculation of RSA signature To calculate the 128 byte signature, the 67 bytes OID plus the 32 bytes hash (sha256) is considered right? Is there a way to see the hash that is generated? I have all logs enabled, but do not see the hash value. I can only see the 128 byte rss-signature that gets added to the 204 byte long auth payload Thank you. Regards, Sahana Prasad
