Questions tagged [pkcs1]

PKCS #1 is the first of a family of standards called Public-Key Cryptography Standards (PKCS), published by RSA Laboratories. It provides the basic definitions of and recommendations for implementing the RSA algorithm for public-key cryptography. It defines the mathematical properties of public and private keys, primitive operations for encryption and signatures, secure cryptographic schemes, and related ASN.1 syntax representations.

18 questions
19
votes
3 answers

Converting ECC Private key to PKCS#1 format

Is there any way to convert an ECC private key to RSA PKCS#1 format? I have tried converting it to PKCS#8 first using OpenSSL: openssl pkcs8 -topk8 -nocrypt -in EC_key.pem -out pkcs8_key.pem This results in a pem file that is in (what i am…
Sid Said
  • 193
  • 1
  • 1
  • 5
15
votes
1 answer

Should SHA-1 be used with RSA-OAEP?

PKCS#1 defines SHA1 as a default hash function and all implementations support this hash function and the mask generation functions based on SHA1. In some implementations you can change the hash function used for OAEP Padding. Can a SHA1 hash be…
Bernhard
  • 253
  • 2
  • 4
6
votes
1 answer

Does PKCS 1.5 padding make it possible for an attacker to extract the private key or not? Is PKCS 1.5 safe to use in authentication context?

Im currently writing a authentication app based on RSA, for Android that should be impossible to copy, even if you have physical access to a phone without lockscreen/PIN. However, the HSM inside the phone, that ensures the private key can never…
sebastian nielsen
  • 8,779
  • 1
  • 19
  • 33
4
votes
1 answer

encoding of optional NULL in DER

In PKCS1 there's DigestInfo: DigestInfo ::= SEQUENCE { digestAlgorithm AlgorithmIdentifier, digest OCTET STRING } AlgorithmIdentifier is defined in RFC5280: AlgorithmIdentifier ::= SEQUENCE { algorithm …
neubert
  • 1,605
  • 3
  • 18
  • 36
2
votes
0 answers

mbedtls mutual authentication

I have a server CA cert, device cert and the device private key. I am using mbedtls and want to be able to create a mutual authentication connection between the device and the server. I also have to RSA PKCS and am getting an error whilst parsing…
user186395
2
votes
0 answers

CMS signed data OpenSSL verification error

I have a CMS signed data that is successfully verified through Java BouncyCastle library. When trying to verify through OpenSSL, I am getting the following error: >openssl smime -verify -inform der -in cmssigneddata -CAfile cert.pem 6111…
user1563721
  • 1,099
  • 11
  • 22
1
vote
1 answer

breaking down RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING

So Java has a mode called RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING. What does that even mean? RFC3447, Public-Key Cryptography Standards (PKCS) #1: RSA Cryptography Specifications Version 2.1, section 7.1.2 Decryption operation says Hash and MGF are…
neubert
  • 1,605
  • 3
  • 18
  • 36
1
vote
1 answer

What does the EC Private key version field mean?

I have read the question Converting ECC Private key to PKCS#1 format. And I understood that the value of the version field of the traditional EC private key is 01. We can use the command openssl pkcs8 -topk8 -nocrypt to convert the traditional key…
Asif
  • 11
  • 1
  • 2
1
vote
1 answer

how to generate RSAES-OAEP keys?

RFC4055 describes RSAES-OAEP keys and RSASSA-PSS keys. OpenSSL's genpkey utility supports let's you generate RSASSA-PSS keys (you have to set the aglorithm parameter to RSA-PSS) but if it supports RSAES-OAEP keys the documentation certainly makes no…
neubert
  • 1,605
  • 3
  • 18
  • 36
1
vote
1 answer

SSL/TLS and PKCS#1-1.5 Encoding - Why?

I read about SSL (version 3.0) and that the PreMasterSecret (pms) is encoded with PKCS#1-1.5 before the client encrypts it with the given public RSA key and sends the encryption to the server. So the pms looks like this: [2 byte SSL version number…
winklerrr
  • 125
  • 7
1
vote
1 answer

Is there such a thing as an SSLeay/PKCS#1-style static Diffie-Hellman key?

That is, would you ever find a PEM file which starts: -----BEGIN DH PRIVATE KEY----- or: -----BEGIN DH PUBLIC KEY----- ? And if so, what is its structure? I know static DH keys are an oddity, and perhaps even extinct. And i know you can put a DH…
Tom Anderson
  • 111
  • 4
0
votes
0 answers

Sign according RSASSA-PKCS1-v1_5 standard

I'm totally lost with is standard RSASSA-PKCS1-v1_5. I have commands that signs document and checks signature below. openssl dgst -sha256 -sign private-key.pem -out aaa.txt.sha256 aaa.txt openssl dgst -sha256 -verify public-key.pem -signature…
vico
  • 249
  • 2
  • 6
0
votes
1 answer

Why does PCKS1-v1.5 signing require DER wrapping?

Reading RFC3447, Section 8.2.1, primitive RSASSA-PKCS1-V1_5-SIGN requires an encoding into ASN.1/DER. Why not just sign the raw hash bytes rather then wrapping them as ASN1?
PeterT
  • 135
  • 4
0
votes
1 answer

Obtaining .p12 certificate from PEM file and CRT file provided by GoDaddy

A few months ago a colleague who left generated a CA certificate from GoDaddy. I am not sure the exact steps he took but currently we would like to install the CA certificate on a server to fully comply with EFRIS regulations which mandate that…
Gilboot
  • 101
  • 2
0
votes
1 answer

Why is PKCS used?

Can anybody help me in understanding why PKCS is used? My confusion is that whether PKCS is used to transfer key in between client and server OR it is a standard to encrypt and decrypt the payload. I know I am asking some basic question But I am new…
1
2