Weijun Max Wang wrote:
According to RFC 3370 (ftp://ftp.rfc-editor.org/in-notes/rfc3370.txt)
2.1 SHA-1:
The AlgorithmIdentifier parameters field is OPTIONAL. If present,
the parameters field MUST contain a NULL. Implementations MUST
accept SHA-1 AlgorithmIdentifiers with absent parameters.
Implementations MUST accept SHA-1 AlgorithmIdentifiers with NULL
parameters. Implementations SHOULD generate SHA-1
AlgorithmIdentifiers with absent parameters.
But it seems openssl is still using the with-NULL mode
(crypto/rsa/rsa_sign.c). Is there any particular reason for this?
pkcs#1
Nils
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [EMAIL PROTECTED]
