Hello,

I am trying to interop rsa-pss-sha256 with stronswan as per RFC 7427.

Question 1 : Difference in OID bytes :

The 67 bytes ASN.1 OID that should be sent as per the errata from 7427 (
https://www.rfc-editor.org/errata_search.php?rfc=7427)  and the 67 bytes
that I receive from strongswan are different.

errata specifies :

Length = 67
   0000: 3046 0609 2a86 4886 f70d 0101 0a30 39a0
   0010: 0f30 0d06 0960 8648 0165 0304 0201 0500
   0020: a11c 301a 0609 2a86 4886 f70d 0101 0830
   0030: 0d06 0960 8648 0165 0304 0201 0500 a203
|  0040: 0201 20


However, strongswan sends :

30 41 06 09  2a 86 48 86  f7 0d 01 01  0a 30 34 a0

0f 30 0d 06  09 60 86 48  01 65 03 04  02 01 05 00

a1 1c 30 1a  06 09 2a 86  48 86 f7 0d  01 01 08 30

0d 06 09 60  86 48 01 65  03 04 02 01  05 00 a2 03

02 01 20

Is there a reason for this behaviour/difference?

2nd byte and 15th byte are different.

Although both decode to the same parameters when converted from ASN.1 to
text.

To enable rsa-pss-sha256, I have added the charon option in strongswan.conf
:

rsa_pss = yes


and leftauth=rsa/pss-sha256 in ipsec.conf


Question 2 : Calculation of RSA signature


To calculate the 128 byte signature, the 67 bytes OID plus the 32 bytes
hash (sha256)  is considered right?


Is there a way to see the hash that is generated? I have all logs enabled,
but do not see the hash value. I can only see the 128 byte rss-signature
that gets added to the 204 byte long auth payload


Thank you.


Regards,

Sahana Prasad

Reply via email to