Additional Algorithms and Identifiers for RSA Cryptography for use in the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile
RFC 4055

Network Working Group                                          J. Schaad
Request for Comments: 4055                       Soaring Hawk Consulting
Updates: 3279                                                 B. Kaliski
Category: Standards Track                               RSA Laboratories
                                                              R. Housley
                                                          Vigil Security
                                                               June 2005

      Additional Algorithms and Identifiers for RSA Cryptography
       for use in the Internet X.509 Public Key Infrastructure
      Certificate and Certificate Revocation List (CRL) Profile

Status of This Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2005).

Abstract

   This document supplements RFC 3279.  It describes the conventions for
   using the RSA Probabilistic Signature Scheme (RSASSA-PSS) signature
   algorithm, the RSA Encryption Scheme - Optimal Asymmetric Encryption
   Padding (RSAES-OAEP) key transport algorithm and additional one-way
   hash functions with the Public-Key Cryptography Standards (PKCS) #1
   version 1.5 signature algorithm in the Internet X.509 Public Key
   Infrastructure (PKI).  Encoding formats, algorithm identifiers, and
   parameter formats are specified.

Schaad, et al.              Standards Track                     [Page 1]
RFC 4055       Additional RSA Algorithms and Identifiers       June 2005

Table of Contents

   1. Introduction ....................................................2
      1.1. Terminology ................................................3
      1.2. RSA Public Keys ............................................3
   2. Common Functions ................................................5
      2.1. One-way Hash Functions .....................................5
      2.2. Mask Generation Functions ..................................6
   3. RSASSA-PSS Signature Algorithm ..................................7
      3.1. RSASSA-PSS Public Keys .....................................8
      3.2. RSASSA-PSS Signature Values ...............................10
      3.3. RSASSA-PSS Signature Parameter Validation .................10
   4. RSAES-OAEP Key Transport Algorithm .............................10
      4.1. RSAES-OAEP Public Keys ....................................11
   5. PKCS #1 Version 1.5 Signature Algorithm ........................13
   6. ASN.1 Module ...................................................14
   7. References .....................................................20
      7.1. Normative References ......................................20
      7.2. Informative References ....................................21
   8. Security Considerations ........................................21
   9. IANA Considerations ............................................24

1.  Introduction

   This document supplements RFC 3279 [PKALGS].  This document describes
   the conventions for using the RSASSA-PSS signature algorithm and the
   RSAES-OAEP key transport algorithm in the Internet X.509 Public Key
   Infrastructure (PKI) [PROFILE].  Both of these RSA-based algorithms
   are specified in [P1v2.1].  The algorithm identifiers and associated
   parameters for subject public keys that employ either of these
   algorithms, and the encoding format for RSASSA-PSS signatures are
   specified.  Also, the algorithm identifiers for using the SHA-224,
   SHA-256, SHA-384, and SHA-512 one-way hash functions with the PKCS #1
   version 1.5 signature algorithm [P1v1.5] are specified.

   This specification supplements RFC 3280 [PROFILE] which profiles the
   X.509 Certificates and Certificate Revocation Lists (CRLs) for use in
   the Internet.  This specification extends the list of algorithms
   discussed in RFC 3279 [PKALGS].  The X.509 Certificate and CRL
   definitions use ASN.1 [X.208-88], the Basic Encoding Rules (BER)
   [X.209-88], and the Distinguished Encoding Rules (DER) [X.509-88].

   This specification defines the contents of the signatureAlgorithm,
   signatureValue, signature, and subjectPublicKeyInfo fields within
   Internet X.509 Certificates and CRLs.  For each algorithm, the
   appropriate alternatives for the keyUsage certificate extension are
   provided.
