openssl/test/smime-certs/smrsa1024.pem

35 lines
2.0 KiB
Plaintext
Raw Normal View History

signature: Clamp PSS salt len to MD len FIPS 186-4 section 5 "The RSA Digital Signature Algorithm", subsection 5.5 "PKCS #1" says: "For RSASSA-PSS […] the length (in bytes) of the salt (sLen) shall satisfy 0 <= sLen <= hLen, where hLen is the length of the hash function output block (in bytes)." Introduce a new option RSA_PSS_SALTLEN_AUTO_DIGEST_MAX and make it the default. The new value will behave like RSA_PSS_SALTLEN_AUTO, but will not use more than the digest length when signing, so that FIPS 186-4 is not violated. This value has two advantages when compared with RSA_PSS_SALTLEN_DIGEST: (1) It will continue to do auto-detection when verifying signatures for maximum compatibility, where RSA_PSS_SALTLEN_DIGEST would fail for other digest sizes. (2) It will work for combinations where the maximum salt length is smaller than the digest size, which typically happens with large digest sizes (e.g., SHA-512) and small RSA keys. J.-S. Coron shows in "Optimal Security Proofs for PSS and Other Signature Schemes. Advances in Cryptology – Eurocrypt 2002, volume 2332 of Lecture Notes in Computer Science, pp. 272 – 287. Springer Verlag, 2002." that longer salts than the output size of modern hash functions do not increase security: "For example,for an application in which at most one billion signatures will be generated, k0 = 30 bits of random salt are actually sufficient to guarantee the same level of security as RSA, and taking a larger salt does not increase the security level." Signed-off-by: Clemens Lang <cllang@redhat.com> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19724)
2022-11-18 19:35:33 +08:00
-----BEGIN PRIVATE KEY-----
MIICdQIBADANBgkqhkiG9w0BAQEFAASCAl8wggJbAgEAAoGBAKuDWQObVMeON25c
MY1YprdkKdZhyJ3zisFHyJ1jmXQ13aMqaBlNYzx9ECAGQTSw2De6tsJF0jpX3IHO
X7OcZyhg8XkBdFJvJ2RsYwyghcWLvoAznCt/Pqi3m2HRgc+6FCHmh5wjK7McZ9sH
uGGbnh+5GJzuFmcitcwlVM8d1ctZAgMBAAECgYBL04ARFiU/LGLZSa0mnmDmh0Pv
4b8+BaP8m23YF2aKeB4Kuv7W4N3Uqj3sypcdYmnVCZku/otY++sjAEhTMfxwpexf
JtKKfdZiE1QYQRSZROVIayTePPKsROzb4cSeB42MbNawpc5EgVazJ1dNHAjp/nQ2
r6G7QusGW/Xiu26qWQJBAN/Yd4easmM/AdE9YpnfIWMH83SP/qyyOeaTg9fmLSlo
gVSvoUvZqgmsA7uRPYcmDK0mFHvUTftEFuMypo5/WocCQQDEJnGkGq2h1q35uIyg
8lvD7i8oJLU6BaCrhdqzSmKu0iZ1pgdG8K7dukydb3/wlDlc7owEaVZy97IxSnE2
I8MfAkBeWffICMS4YI57i8xL32lLPMa5kxhd4qHVNsiT8EmI8qvQ7lamihDKEt9f
6FBu7vLY6PwpVcuo5YJgMbFSzwtxAkBlcAws9a79luv5zLrNMQjL1o2EkRc3nlls
2pgzSDCof/1rsiTpRubnu8SLVnIvlDfmG2dFkMQoSHhajUjm2q+5AkBDqdYuYcC5
A+DhYRjOvFtJLvH24hpozePDEbhaZ/n9/KifGay/DM4orsP+i8MAK0tDItOcBx8q
+trNS22a/OeZ
-----END PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
MIIC9DCCAdygAwIBAgIUM31BmU3N68LYuXEBXyetpxj6VaAwDQYJKoZIhvcNAQEL
BQAwRDELMAkGA1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAxHTAbBgNV
BAMMFFRlc3QgUy9NSU1FIFJTQSBSb290MCAXDTIyMTIwNTEyNTUzOFoYDzIxMjIx
MTExMTI1NTM4WjBHMQswCQYDVQQGEwJVSzEWMBQGA1UECgwNT3BlblNTTCBHcm91
cDEgMB4GA1UEAwwXVGVzdCBTL01JTUUgRUUgUlNBIDEwMjQwgZ8wDQYJKoZIhvcN
AQEBBQADgY0AMIGJAoGBAKuDWQObVMeON25cMY1YprdkKdZhyJ3zisFHyJ1jmXQ1
3aMqaBlNYzx9ECAGQTSw2De6tsJF0jpX3IHOX7OcZyhg8XkBdFJvJ2RsYwyghcWL
voAznCt/Pqi3m2HRgc+6FCHmh5wjK7McZ9sHuGGbnh+5GJzuFmcitcwlVM8d1ctZ
AgMBAAGjXTBbMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgXgMB0GA1UdDgQWBBS6
gOltltAF44S/iXtMTCNb52A8GTAfBgNVHSMEGDAWgBQVwRMha+JVX6dqHVcg1s/z
qXNkWTANBgkqhkiG9w0BAQsFAAOCAQEAcpJNhv+YHXKqq0gHb64a7s96Szl2sbFv
VNuFDq2jAfxsIfhBbSfmA1+ivYsJ9E5nYxZapyW6oWuET7oCoybGlZTJoEx4YmHm
3f9tuBJeFsbKvP4OJJAzRy3OUvrEjFrngiMPb/IoSiZOG6BC1LWPydLvDvBs614G
2RbWeFQRalgtaBB4y1X2ohIOZAbZaacCbCAs827t3l1HoEmVJw9NSwTml0P98xyu
icfUFiyrqHHt8JmbH+GuZngJfwmIJ0YtfwY6y0ABv7MXsRkpWeqtdSc1Zff+LrTl
289mzFFOn/8wOb7ojhW4MQiTznIudj7ArVKHATHG6v/G1b1zdyIRow==
-----END CERTIFICATE-----