Heiko Nardmann wrote:
>
> Hi!
>
> I asked about the OID 1.3.36.3.3.1.2.1024.11.
> I now found out that the prefix 1.3.36.3.3.1.2
> describes the TeleTrusT signature algorithm
> rsaSignatureWithripemd160.
> The two following numbers give the maximal keysize (1024)
> in bits and the length of the exponent in bits (11).
>
> So how can this be integrated into OpenSSL?
> Just add the (few?) possibilities to objects.h and obj_dat.h?
>
> Although I am sure about this way because the value '11'
> for the maximum length of the exponent is nothing I can find
> in the TeleTrusT documentation.
> So I am going to discuss this with the creator of the
> certificate and come back if I know more about this value.
> The document I found talks about the values 2, 3, 5, 7, 9, 17
> possible for this oid part.
>
If there are only a few possible OIDs then this might work if you add
appropriate aliases as well to NID_ripemd160WithRSA.
Using OIDs like that is evil, what should really be done is to add
appropriate structure to the AlgorithmIdentifier instead.
Thats an odd exponent restriction, the usual public exponent is 65537
which is 17 bits.
Steve.
--
Dr Stephen N. Henson. UK based freelance Cryptographic Consultant.
For info see homepage at http://www.drh-consultancy.demon.co.uk/
Email: [EMAIL PROTECTED]
NOTE NEW (13/12/98) PGP key: via homepage.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
