W3C home > Mailing lists > Public > xml-encryption@w3.org > May 2002

Re: rsa/oaep

From: Tom Gindin <tgindin@us.ibm.com>
Date: Thu, 30 May 2002 11:47:33 -0400
To: Jiandong Guo <jguo@phaos.com>
Cc: reagle@w3.org, merlin <merlin@baltimore.ie>, xml-encryption@w3.org
Message-ID: <OF9D83F637.D35E1027-ON85256BC9.00567530@pok.ibm.com>

      The reference for MGF1 is RFC 2437 section 10.2.1.  The specification
is fixing it, over my previous objections, with the "Hash" option set to
SHA-1, which corresponds to the OID mgf1SHA1Identifier as specified in RFC
2437 section 11.2.1.

            Tom Gindin

Jiandong Guo <jguo@phaos.com>@w3.org on 05/29/2002 02:59:29 PM

Sent by:    xml-encryption-request@w3.org

To:    reagle@w3.org
cc:    merlin <merlin@baltimore.ie>, xml-encryption@w3.org
Subject:    Re: rsa/oaep

Joseph Reagle wrote:

> I'm generally happy with [1] (includes some tweaks) but is there a
> reference for MGF1WithSHA!?

I remebered that it was used in the ASN1 syntax for RSA-OAEP. But I could
It is probably safer to write it as "MGF1 with SHA1".

> [1] The RSAES-OAEP-ENCRYPT algorithm, as specified in RFC 2437 [PKCS1],
> takes three parameters. The two user specified parameters are a MANDATORY
> message digest function and an OPTIONAL encoding octet string OAEPparams.
> The message digest function is indicated by the Algorithm attribute of a
> child ds:DigestMethod element and the mask generation function, the third
> paramter, is always MGF1WithSHA1. Both the message digest and mask
> generation functions are used in the EME-OAEP-ENCODE operation as part of
> RSAES-OAEP-ENCRYPT. The encoding octet string is the base64 decoding of
> content of an optional OAEPparams child element . If no OAEPparams child
> provided, a null string is used.

This looks good to me.


Received on Thursday, 30 May 2002 11:50:35 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 23:13:09 UTC