Ryan Sleevi <[email protected]> wrote:
> - It assumes all the parameters can be expressed via a SECOidTag. That
> is, it's missing hash alg, mgf alg, salt length (e.g. the
> RSASSA-PSS-params construction)

I believe there are only a small number of (hashAlgorithm, mgf alg,
salt length) combinations that need to be supported, namely these two:

    (sha256, mgf1-SHA256, 32 bytes)
    (sha384, mgf1-SHA384, 48 bytes)

I think that in NSS, these combinations can be identified internally
with some new OID, perhaps in the Netscape OID tree.

Note that the PSS RFC says that SHA-1 is the default for everything.
By not supporting SHA-1 at all, we avoid having to deal with any
implicit encodings of the various parameters. The PSS RFC also says
that SHA-1 is mandatory, but that silliness is just an invitation for
somebody to get their name as an author of a new, reasonable, RFC.

Thoughts?

Cheers,
Brian
--
dev-tech-crypto mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-tech-crypto
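
The two-combination policy proposed in the message above, as an added example that is not part of the original message and is not NSS code: a strict check that maps a DER-encoded RSASSA-PSS-params to one of the two combinations and rejects everything else, including omitted fields, which is how the SHA-1 defaults are encoded. The function names and the sample bytes are constructed for illustration; the field layout and OIDs follow RFC 4055, and only short-form DER lengths are handled.

```python
SHA256 = bytes.fromhex("608648016503040201")  # 2.16.840.1.101.3.4.2.1
SHA384 = bytes.fromhex("608648016503040202")  # 2.16.840.1.101.3.4.2.2
MGF1 = bytes.fromhex("2a864886f70d010108")    # 1.2.840.113549.1.1.8
# The only accepted combinations, keyed by hash OID: (name, salt length in bytes).
ALLOWED = {SHA256: ("sha256", 32), SHA384: ("sha384", 48)}
# Constructed sample input: explicit (sha256, mgf1-SHA256, salt 32) parameters.
SAMPLE = bytes.fromhex("3034a00f300d06096086480165030402010500a11c301a0609"
                       "2a864886f70d010108300d06096086480165030402010500a203020120")

def tlv(buf, tag):
    """Split one DER TLV with the expected tag off buf; return (value, rest)."""
    if len(buf) < 2 or buf[0] != tag or buf[1] >= 0x80 or 2 + buf[1] > len(buf):
        raise ValueError("missing or malformed element 0x%02x" % tag)
    return buf[2:2 + buf[1]], buf[2 + buf[1]:]

def whole(buf, tag):
    """Like tlv(), but the element must consume all of buf."""
    value, rest = tlv(buf, tag)
    if rest:
        raise ValueError("trailing bytes")
    return value

def alg_id(buf):
    """Parse an AlgorithmIdentifier; return (oid_bytes, parameter_bytes)."""
    return tlv(whole(buf, 0x30), 0x06)

def classify_pss_params(der):
    """Return 'sha256' or 'sha384', or raise ValueError for anything else."""
    body = whole(der, 0x30)
    # Fields are [0]..[2] EXPLICIT. An omitted field means its SHA-1 default,
    # so requiring every field to be present is what rejects implicit encodings.
    hash_field, body = tlv(body, 0xA0)
    mgf_field, body = tlv(body, 0xA1)
    salt_field, body = tlv(body, 0xA2)
    if body:  # trailerField [3] must stay at its default, i.e. be absent
        raise ValueError("unexpected trailerField")
    hash_oid, hash_params = alg_id(hash_field)
    mgf_oid, mgf_params = alg_id(mgf_field)
    mgf_hash_oid, mgf_hash_params = alg_id(mgf_params)
    if any(p not in (b"", b"\x05\x00") for p in (hash_params, mgf_hash_params)):
        raise ValueError("hash parameters must be absent or NULL")
    if mgf_oid != MGF1 or mgf_hash_oid != hash_oid or hash_oid not in ALLOWED:
        raise ValueError("unsupported hash/MGF combination")
    name, salt_len = ALLOWED[hash_oid]
    if whole(salt_field, 0x02) != bytes([salt_len]):
        raise ValueError("unsupported salt length")
    return name
```

The returned name is what an internal identifier, such as the new OID suggested in the message, would be keyed on.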