Re: rsa/oaep from Joseph Reagle on 2002-05-29 (xml-encryption@w3.org from May 2002)

From: Joseph Reagle <reagle@w3.org>
Date: Wed, 29 May 2002 14:36:16 -0400
To: Jiandong Guo <jguo@phaos.com>
Cc: merlin <merlin@baltimore.ie>, xml-encryption@w3.org
Message-Id: <20020529183616.D279E85A94@aeon.w3.org>

On Wednesday 29 May 2002 01:12 pm, Jiandong Guo wrote:
> The text for RSA-OAEP is still not clear. I suggest the following:
> ----------------------
> The RSAES-OAEP-ENCRYPT algorithm , as specified in RFC 2437 [ PKCS1],
> takes three parameters: a MANDATORY message digest function, a mandatory
> mask generation function and an OPTIONAL encoding octet string
> OAEPparams. The message digest function is indicated by the Algorithm
> attribute of a child ds:DigestMethod element, and  the mask generation
> function is always MGF1WithSHA1, where both  are used in the
> EME-OAEP-ENCODE as part of RSAES-OAEP-ENCRYPT. The encoding octet string
> is the base64 decoding of the content of an optional OAEPparams child
> element . If no OAEPparams child is provided, a null string is used.

I'm generally happy with [1] (includes some tweaks) but is there a 
reference for MGF1WithSHA!?

[1] The RSAES-OAEP-ENCRYPT algorithm, as specified in RFC 2437 [PKCS1], 
takes three parameters. The two user specified parameters are a MANDATORY 
message digest function and an OPTIONAL encoding octet string OAEPparams. 
The message digest function is indicated by the Algorithm attribute of a 
child ds:DigestMethod element and the mask generation function, the third 
paramter, is always MGF1WithSHA1. Both the message digest and mask 
generation functions are used in the EME-OAEP-ENCODE operation as part of 
RSAES-OAEP-ENCRYPT. The encoding octet string is the base64 decoding of the 
content of an optional OAEPparams child element . If no OAEPparams child is 
provided, a null string is used.

Received on Wednesday, 29 May 2002 14:37:29 UTC