Re: openssl cms resign with RSA-PSS corrupts the CMS(?)

Done[1] [1] https://github.com/openssl/openssl/issues/14257 On Fri, Feb 19, 2021 at 11:09 PM Dmitry Belyavsky wrote: > > Would you mind to raise the issue on GitHub with the reproduction? > > On Fri, 19 Feb 2021, 21:44 Alon Bar-Lev, wrote: >> >> Hi, >> >> I am trying to analyze openssl

Re: openssl cms resign with RSA-PSS corrupts the CMS(?)

Would you mind to raise the issue on GitHub with the reproduction? On Fri, 19 Feb 2021, 21:44 Alon Bar-Lev, wrote: > Hi, > > I am trying to analyze openssl sources, and it looks like the resign > is implemented in an naive path that does not handle all cases. > > In other words, the CMS resign

Re: openssl cms resign with RSA-PSS corrupts the CMS(?)

Hi, I am trying to analyze openssl sources, and it looks like the resign is implemented in an naive path that does not handle all cases. In other words, the CMS resign is not working in any case other than the default execution path. For example the -noattr is also not working. I updated my

Re: openssl cms resign with RSA-PSS corrupts the CMS(?)

Thanks. I managed to narrow this, it is not related to pss also if I pass pkcs1 I can reproduce. It has something to do with CMS_KEY_PARAM flag and add signer. On Fri, 19 Feb 2021 at 22:03 Thulasi Goriparthi < thulasi.goripar...@gmail.com> wrote: > With PSS, for the first signature, PSS alg ID

Re: openssl cms resign with RSA-PSS corrupts the CMS(?)

With PSS, for the first signature, PSS alg ID and params are encoded correctly, but not for the second signature(resign). 2542:d=7 hl=2 l= 9 prim: OBJECT:S/MIME Capabilities 2553:d=7 hl=2 l= 108 cons: SET 2555:d=8 hl=2 l= 106 cons: SEQUENCE 2557:d=9 hl=2 l= 11 cons:

Re: openssl cms resign with RSA-PSS corrupts the CMS(?)

Thanks! Was about to write... I tested both 1.1 and master branches and result is the same. On Fri, 19 Feb 2021 at 21:04 Thulasi Goriparthi < thulasi.goripar...@gmail.com> wrote: > I am able to reproduce this issue with 1.1.1j too. > > openssl version -a > > OpenSSL 1.1.1j 16 Feb 2021 > >

Re: openssl cms resign with RSA-PSS corrupts the CMS(?)

I am able to reproduce this issue with 1.1.1j too. openssl version -a OpenSSL 1.1.1j 16 Feb 2021 built on: Fri Feb 19 18:56:06 2021 UTC platform: darwin64-x86_64-cc options: bn(64,64) rc4(16x,int) des(int) idea(int) blowfish(ptr) compiler: cc -fPIC -arch x86_64 -g -Wall -DL_ENDIAN

Re: openssl cms resign with RSA-PSS corrupts the CMS(?)

On Fri, Feb 19, 2021 at 11:19:42PM +0530, Thulasi Goriparthi wrote: > I am able to reproduce this issue with 1.1.1i OpenSSL 1.1.1j has been released. Do you still see the problem with 1.1.1j? -- Viktor.

Re: openssl cms resign with RSA-PSS corrupts the CMS(?)

gt;> I am trying to resign a CMS using the openssl tool. >> >> When I use RSA-PKCS1 everything is working fine. >> >> When I use RSA-PSS it seems like the asn1 is produced corrupted, I do not >> see the signature in asn1dump. >> >> I prepared a demo[1] to help p

Re: openssl cms resign with RSA-PSS corrupts the CMS(?)

Hello OpenSSL masters, Can someone please try to reproduce the below issue? Thanks, Alon On Sat, 13 Feb 2021 at 23:23 Alon Bar-Lev wrote: > Hello, > > I am trying to resign a CMS using the openssl tool. > > When I use RSA-PKCS1 everything is working fine. > > When I use

Re: openssl cms resign with RSA-PSS corrupts the CMS(?)

On Sat, Feb 13, 2021 at 11:34 PM Quanah Gibson-Mount wrote: > --On Saturday, February 13, 2021 11:23 PM +0200 Alon Bar-Lev > wrote: > > > I prepared a demo[1] to help people reproduce the issue, tested with > > openssl-1.1.1i. > > Maybe ? >

Re: openssl cms resign with RSA-PSS corrupts the CMS(?)

--On Saturday, February 13, 2021 11:23 PM +0200 Alon Bar-Lev wrote: I prepared a demo[1] to help people reproduce the issue, tested with openssl-1.1.1i. Maybe ? --Quanah -- Quanah Gibson-Mount Product Architect Symas Corporation

openssl cms resign with RSA-PSS corrupts the CMS(?)

Hello, I am trying to resign a CMS using the openssl tool. When I use RSA-PKCS1 everything is working fine. When I use RSA-PSS it seems like the asn1 is produced corrupted, I do not see the signature in asn1dump. I prepared a demo[1] to help people reproduce the issue, tested with openssl

Re: Can RSA PSS-R be done simply with OpenSSL?

There is example code for doing RSA PSS with OpenSSL at https://www.idrix.fr/Root/Samples/openssl_pss_signature.c On Tue, May 12, 2020 at 11:59 AM John McCabe wrote: > Hi, > I've searched around, but found nothing that appears to help. > > I'm developing some software where I

Can RSA PSS-R be done simply with OpenSSL?

Hi, I've searched around, but found nothing that appears to help. I'm developing some software where I may be given a file that's been created (signed) by using the Crypto++ library's implementation of RSA PSS-R, with a SHA1 hash. As I understand it, the complete file contents then effectively

Re: RSA-PSS - Backwards compatability - EVP_PKEY_get0_RSA

rsa value. > > I'd like to know if there is any workaround to get the RSA key (RSA-PSS) . > I have to support openssl 1.0.1h and 1.1.1b. It's horrible, and it's a hack, but this would probably work: RSA *key = (RSA *)EVP_PKEY_get0(outkey) Matt

RSA-PSS - Backwards compatability - EVP_PKEY_get0_RSA

Hello, I'm assigning the RSA key as EVP_PKEY_RSA_PSS: RSA* key; EVP_PKEY_assign(*outKey, EVP_PKEY_RSA_PSS, key); As is known EVP_PKEY_get0_RSA was recently updated to also accepts EVP_PKEY_RSA_PSS and return the rsa value. I'd like to know if there is any workaround to get the RSA key (RSA-PSS

Re: RSA PSS RSAE Cert Generation

ts/gen_rsa_cert.sh > > Can some one help me to find out the command for generating rsa_pss_rsae cert > (Public key of rsaEncryption OID and Signature of RSA PSS OID) ? It's not entirely clear to me what you are asking for. In your script you generate a root certificate and a server

RSA PSS RSAE Cert Generation

rsa_pss_rsae cert (Public key of rsaEncryption OID and Signature of RSA PSS OID) ? Thanks in advance ! Raja Ashok

Re: Using RSA-PSS in OpenSSL 1.1.1b

On Tue, Mar 26, 2019 at 12:25:21AM +0100, Tobias Nießen wrote: > I am using OpenSSL 1.1.1b and I have two questions regarding RSA-PSS. I > am using the following command to generate the private key: > > $ openssl genpkey -algorithm RSA-PSS -pkeyopt rsa_keygen_bits:2048 \ &

Using RSA-PSS in OpenSSL 1.1.1b

Hello, I am using OpenSSL 1.1.1b and I have two questions regarding RSA-PSS. I am using the following command to generate the private key:     openssl genpkey -algorithm RSA-PSS -pkeyopt rsa_keygen_bits:2048 -pkeyopt rsa_keygen_pubexp:65537 -pkeyopt rsa_pss_keygen_md:sha256 -pkeyopt

[openssl-users] RSA-PSS Param File

Hi All, My ultimate goal is to generate an RSA-PSS key that will have the PSS parameters in the subjectPublicKey section of the TBSCertificate. In order to do that the first need is a paramfile. Here's the command being used to to generate the parameter file: OpenSSL> genpkey -genpa

Re: [openssl-users] RSA-PSS Certificate

, 2017 6:49 PM To: openssl-users@openssl.org Subject: Re: [openssl-users] RSA-PSS Certificate On 26/10/2017 03:30, Steven Madwin via openssl-users wrote: > > Starting with the definition of the subjectPublicKeyInfo from RFC > 5280, Section 4.1 – Basic Certificate fields we see that

Re: [openssl-users] RSA-PSS Certificate

SHOULD include RSASSA-PSS-params in the subjectPublicKeyInfo algorithm parameters in their own certificates.” This all leads to me wondering if anyone is aware if there is a plan afoot to add the option of including the RSA-PSS params as a third item in the Subject Public Key Info entry

[openssl-users] RSA-PSS Certificate

yInfo algorithm parameters in their own certificates." This all leads to me wondering if anyone is aware if there is a plan afoot to add the option of including the RSA-PSS params as a third item in the Subject Public Key Info entry in a future version of OpenSSL? Than

Re: [openssl-users] RSA PSS Sigalgs for 1.1.0

On Wed, Oct 11, 2017, Wallboy wrote: > > Browsers in the last year or so have added support for the the new TLS 1.3 > RSA-PSS Signature Algorithms (0x0804, 0x0805,...). > > I see them added in 1.1.1 dev and they even work without TLS 1.3 enabled in > the build. Is there any p

[openssl-users] RSA PSS Sigalgs for 1.1.0

Hi, Browsers in the last year or so have added support for the the new TLS 1.3 RSA-PSS Signature Algorithms (0x0804, 0x0805,...). I see them added in 1.1.1 dev and they even work without TLS 1.3 enabled in the build. Is there any plan to add support for them to 1.1.0? Thanks, Adam -- Sent

Re: [openssl-users] FIPS OpenSSL Test Harness and RSA PSS

We have moved to just using Salt 0 for now but would like to get some help with the Salt Len 62 issues. Does anyone have any special instructions for this? -- View this message in context: http://openssl.6102.n7.nabble.com/FIPS-OpenSSL-Test-Harness-and-RSA-PSS-tp60789p60798.html Sent from

[1.0.1f] RSA-PSS signing through EVP interface

Hello, I'm having a hard time figuring out how to use the EVP interface to get a RSA-PSS signature. I can successfully call RSA_padding_add_PKCS1_PSS, but when I try to call the various macros for EVP_PKEY_CTX_ctrl. The thing is, I'm not sure in which order (if any) these functions should

Re: [1.0.1f] RSA-PSS signing through EVP interface

an all-purpose public key structure used for all operations. Sorry for spamming the list! - Original Message - From: Kevin Le Gouguec kevin.le-goug...@insa-lyon.fr To: openssl-users@openssl.org Sent: Tuesday, March 4, 2014 12:16:21 PM Subject: [1.0.1f] RSA-PSS signing through EVP

Trying to generate RSA PSS signatures consistently

Hi folks - I've been struggling mightily with attempting to generate signatures for arbitrary payload in a correct and consistent fashion. I've managed to generate (some kind of) signature in C, and in Python (the two languages I have to exchange between), both are validated by the openssl dgst

Verify certificate with RSA-PSS

Hello! I have read earlier messages about support of RSA-PSS, but I'm confused. I'm trying to verify certificate that signed using RSA-PSS. OpenSSL version is 1.0.0a. == X509_STORE_CTX cert_ctx

Re: Verify certificate with RSA-PSS

On Wed, Nov 03, 2010, Alexei Soloview wrote: Hello! I have read earlier messages about support of RSA-PSS, but I'm confused. I'm trying to verify certificate that signed using RSA-PSS. OpenSSL version is 1.0.0a. PSS certificate signatures are not supported in OpenSSL 1.0.0a. Currently

RSA-PSS

Hi, I would like to add rsa-pss support to my application and I have a few questions: RSA-PSS support exists in the current stable code base correct? Is there anyway to use it from the command line? As far as I can tell to use RSA-PSS I compute a hash as I normally would and then call

Re: RSA-PSS

On Thu, Oct 28, 2010, Bram Cymet wrote: Hi, I would like to add rsa-pss support to my application and I have a few questions: RSA-PSS support exists in the current stable code base correct? OpenSSL 0.9.8 has padding support and a rather crude EVP support: primarily so PSS could

RSA-PSS

Hi, I have been able to use RSA-PSS to sign some data with OpenSSL. I am wondering if OpenSSL supports creating certs where the signature algorithm uses RSA-PSS. In other words, when viewing the properties of the cert you would get: Signature Algorithm: 1.2.840.113549.1.1.10 Thanks, -- Bram

Re: RSA-PSS

Hello Bram, Thus wrote Bram Cymet (bcy...@cbnco.com): I have been able to use RSA-PSS to sign some data with OpenSSL. I am wondering if OpenSSL supports creating certs where the signature algorithm uses RSA-PSS. In other words, when viewing the properties of the cert you would get

Re: RSA-PSS

On Wed, May 19, 2010, Martin Kaiser wrote: Hello Bram, Thus wrote Bram Cymet (bcy...@cbnco.com): I have been able to use RSA-PSS to sign some data with OpenSSL. I am wondering if OpenSSL supports creating certs where the signature algorithm uses RSA-PSS. In other words, when viewing