Additional Algorithms and Identifiers for RSA Cryptography for use in the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile
RFC 4055
| Section | Field | Value |
|---|---|---|
| Document | Type | RFC - Proposed Standard (June 2005; Errata). Updated by RFC 5756. Updates RFC 3279. |
| | Authors | Russ Housley, Jim Schaad, Burt Kaliski |
| | Last updated | 2020-01-21 |
| | Stream | IETF |
| | Formats | plain text, html, pdf, htmlized, with errata, bibtex |
| Stream | WG state | (None) |
| | Document shepherd | No shepherd assigned |
| IESG | IESG state | RFC 4055 (Proposed Standard) |
| | Action Holders | (None) |
| | Consensus Boilerplate | Unknown |
| | Telechat date | |
| | Responsible AD | Steven Bellovin |
| | Send notices to | wpolk@nist.gov |

Network Working Group
Request for Comments: 4055
Updates: 3279
Category: Standards Track

J. Schaad, Soaring Hawk Consulting
B. Kaliski, RSA Laboratories
R. Housley, Vigil Security
June 2005

Additional Algorithms and Identifiers for RSA Cryptography for use in the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile

Status of This Memo

This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.

Copyright Notice

Copyright (C) The Internet Society (2005).

Abstract

This document supplements RFC 3279. It describes the conventions for using the RSA Probabilistic Signature Scheme (RSASSA-PSS) signature algorithm, the RSA Encryption Scheme - Optimal Asymmetric Encryption Padding (RSAES-OAEP) key transport algorithm and additional one-way hash functions with the Public-Key Cryptography Standards (PKCS) #1 version 1.5 signature algorithm in the Internet X.509 Public Key Infrastructure (PKI). Encoding formats, algorithm identifiers, and parameter formats are specified.

Schaad, et al. Standards Track [Page 1]
RFC 4055 Additional RSA Algorithms and Identifiers June 2005

Table of Contents

1. Introduction
   1.1. Terminology
   1.2. RSA Public Keys
2. Common Functions
   2.1. One-way Hash Functions
   2.2. Mask Generation Functions
3. RSASSA-PSS Signature Algorithm
   3.1. RSASSA-PSS Public Keys
   3.2. RSASSA-PSS Signature Values
   3.3. RSASSA-PSS Signature Parameter Validation
4. RSAES-OAEP Key Transport Algorithm
   4.1. RSAES-OAEP Public Keys
5. PKCS #1 Version 1.5 Signature Algorithm
6. ASN.1 Module
7. References
   7.1. Normative References
   7.2. Informative References
8. Security Considerations
9. IANA Considerations

1. Introduction

This document supplements RFC 3279 [PKALGS]. This document describes the conventions for using the RSASSA-PSS signature algorithm and the RSAES-OAEP key transport algorithm in the Internet X.509 Public Key Infrastructure (PKI) [PROFILE]. Both of these RSA-based algorithms are specified in [P1v2.1]. The algorithm identifiers and associated parameters for subject public keys that employ either of these algorithms, and the encoding format for RSASSA-PSS signatures are specified. Also, the algorithm identifiers for using the SHA-224, SHA-256, SHA-384, and SHA-512 one-way hash functions with the PKCS #1 version 1.5 signature algorithm [P1v1.5] are specified.

This specification supplements RFC 3280 [PROFILE] which profiles the X.509 Certificates and Certificate Revocation Lists (CRLs) for use in the Internet. This specification extends the list of algorithms discussed in RFC 3279 [PKALGS]. The X.509 Certificate and CRL definitions use ASN.1 [X.208-88], the Basic Encoding Rules (BER) [X.209-88], and the Distinguished Encoding Rules (DER) [X.509-88].

This specification defines the contents of the signatureAlgorithm, signatureValue, signature, and subjectPublicKeyInfo fields within Internet X.509 Certificates and CRLs. For each algorithm, the appropriate alternatives for the keyUsage certificate extension are provided.

1.1. Terminology

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this