Hi all,

I'm in the process of getting a product FIPS certified and have come
across a problem within the OpenSSL implementation of PKCS 1.5 and
specifically the RSA_padding_add_PKCS1_type_1() function used in
a signature creation context.

The specification states (10.1.2) that the data encoding method
includes a digestAlgorithmIdentifier and our testing house says that
this constant is needed, but RSA_padding_add_PKCS1_type_1() does not
appear to do this. So the EB packet (from PKCS 1.5) is actually:

EB = 00 || BT || PS || 00 || DI || D .

Where DI is the DigestIdentifier.

I'm confused on the implementation in openssl and the requirement from
the testing house. Can anyone shed any light on this?


__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majordomo@openssl.org