[strongSwan-dev] RSA-PSS-SHA256

Andreas Steffen andreas.steffen at strongswan.org
Mon Feb 5 08:16:01 CET 2018


Hi Sahana,

the 2nd and 15th octets are ASN.1 length fields which are incorrect
if your algorithmIdentifier comprises 67 octets as well (see ASN.1
decoded attachments). Your length values are too large by 5 octets.

Regards

Andreas

On 05.02.2018 06:45, Sahana Prasad wrote:
> Hello,
>
> I am trying to interop rsa-pss-sha256 with strongswan as per RFC 7427.
>
> Question 1 : Difference in OID bytes :
>
> The 67 bytes ASN.1 OID that should be sent as per the errata from 7427
> (https://www.rfc-editor.org/errata_search.php?rfc=7427)  and the 67
> bytes that I receive from strongswan are different.
>
> errata specifies :
>
> Length = 67
> 0000: 3046 0609 2a86 4886 f70d 0101 0a30 39a0
> 0010: 0f30 0d06 0960 8648 0165 0304 0201 0500
> 0020: a11c 301a 0609 2a86 4886 f70d 0101 0830
> 0030: 0d06 0960 8648 0165 0304 0201 0500 a203
> 0040: 0201 20
>
>
> However, strongswan sends :
>
> 30 41 06 09  2a 86 48 86  f7 0d 01 01  0a 30 34 a0
>
> 0f 30 0d 06  09 60 86 48  01 65 03 04  02 01 05 00
>
> a1 1c 30 1a  06 09 2a 86  48 86 f7 0d  01 01 08 30
>
> 0d 06 09 60  86 48 01 65  03 04 02 01  05 00 a2 03
>
> 02 01 20
>
>
> Is there a reason for this behaviour/difference?
>
> 2nd byte and 15th byte are different.
>
> Although both decode to the same parameters when converted from ASN.1 to
> text.
>
> To enable rsa-pss-sha256, I have added the charon option
> in strongswan.conf :
>
> rsa_pss = yes
>
>
> and leftauth=rsa/pss-sha256 in ipsec.conf
>
>
> Question 2 : Calculation of RSA signature
>
>
> To calculate the 128 byte signature, the 67 bytes OID plus the 32 bytes
> hash (sha256)  is considered right?
>
>
> Is there a way to see the hash that is generated? I have all logs
> enabled, but do not see the hash value. I can only see the 128
> byte rsa-signature that gets added to the 204 byte long auth payload
>
>
> Thank you.
>
>
> Regards,
>
> Sahana Prasad
>

-- 
======================================================================
Andreas Steffen                         andreas.steffen at strongswan.org
strongSwan - the Open Source VPN Solution!          www.strongswan.org
Institute for Networked Solutions
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===========================================================[INS-HSR]==
-------------- next part --------------
strongSwan algorithmIdentifier

30 41                         # len = 65
   06 09                      # len = 9
      2a 86 48 86 f7 0d 01 01 0a
   30 34                      # len = 52
      a0 0f                   # len = 15
         30 0d                # len = 13
            06 09             # len = 9
               60 86 48 01 65 03 04 02 01
            05 00             # len = 0                         
      a1 1c                   # len = 28
         30 1a                # len = 26
            06 09             # len = 9
               2a 86 48 86 f7 0d 01 01 08
            30 0d             # len = 13
               06 09          # len = 9
                  60 86 48 01 65 03 04 02 01
               05 00          # len = 0
      a2 03                   # len = 3                   
         02 01                # len = 1
            20

--------------------------------------------
your algorithmIdentifier

30 46                         # len = 70
   06 09                      # len = 9
      2a 86 48 86 f7 0d 01 01 0a
   30 39                      # len = 57
      a0 0f                   # len = 15
         30 0d                # len = 13
            06 09             # len = 9
               60 86 48 01 65 03 04 02 01
            05 00             # len = 0
      a1 1c                   # len = 28
         30 1a                # len = 26
            06 09             # len = 9
               2a 86 48 86 f7 0d 01 01 08
            30 0d             # len = 13
               06 09          # len = 9
                  60 86 48 01 65 03 04 02 01
               05 00          # len = 0
      a2 03                   # len = 3
         02 01                # len = 1
            20
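
The length mismatch discussed in this thread can be checked mechanically. The following is an added example, not part of the original messages or of strongSwan's code: a small DER walker that compares each declared length with the octets actually available in its container. The two byte strings are copied from the dumps quoted above; the function names are hypothetical.

```python
# Added example: DER length check on the two encodings quoted in this thread.
# Byte strings are copied from the thread; function names are hypothetical.
STRONGSWAN = bytes.fromhex(
    "3041 0609 2a86 4886 f70d 0101 0a30 34a0 0f30 0d06 0960 8648 0165 0304"
    "0201 0500 a11c 301a 0609 2a86 4886 f70d 0101 0830 0d06 0960 8648 0165"
    "0304 0201 0500 a203 0201 20")
ERRATA = bytes.fromhex(
    "3046 0609 2a86 4886 f70d 0101 0a30 39a0 0f30 0d06 0960 8648 0165 0304"
    "0201 0500 a11c 301a 0609 2a86 4886 f70d 0101 0830 0d06 0960 8648 0165"
    "0304 0201 0500 a203 0201 20")


def read_len(buf, pos):
    """Decode a definite-form DER length at pos; return (length, body_offset)."""
    first = buf[pos]
    if first < 0x80:                      # short form: one octet
        return first, pos + 1
    n = first & 0x7F                      # long form: n length octets follow
    return int.from_bytes(buf[pos + 1:pos + 1 + n], "big"), pos + 1 + n


def length_errors(buf, start=0, end=None, out=None):
    """Walk the TLVs in buf[start:end] (single-octet tags only) and return
    (1-based octet number of the length field, declared, available) tuples."""
    end = len(buf) if end is None else end
    out = [] if out is None else out
    pos = start
    while pos < end:
        if pos + 1 >= end:
            raise ValueError(f"truncated TLV at offset {pos}")
        tag = buf[pos]
        length, body = read_len(buf, pos + 1)
        avail = end - body
        if length > avail:                # value would run past its container
            out.append((pos + 2, length, avail))
            length = avail                # clamp so nested fields still get checked
        if tag & 0x20:                    # constructed: descend into the contents
            length_errors(buf, body, body + length, out)
        pos = body + length
    return out


if __name__ == "__main__":
    for name, blob in (("strongSwan", STRONGSWAN), ("errata", ERRATA)):
        print(name, len(blob), length_errors(blob))
```

Each tuple gives the octet position of the length field, the length it declares, and the number of octets that actually remain in the enclosing structure.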