Since neither the CMS spec nor PKCS#7 states this explicitly, I'd very
much appreciate to have the following confirmed - or corrected:
When signing a SignedData object with RSA keys:
- the signature is to be formed according to PKCS#1, and this is just
the value of the signature OCTET STRING in the SignerInfo object
- the signatureAlgorithm of the SignerInfo is to be a proper signature
algorithm, like sha1WithRSASignature (or is it just rsaEncryption as the
digestAlgorithm holds the Sha1 OID?)
Best regards,
Anette Byskov
------------------------------------------------------------
Anette Byskov Cryptomathic A/S
Tel: +45 86 13 90 20 Klostergade 28
Direct: +45 86 13 90 21 - 113 DK-8000 Aarhus C
Fax: +45 86 20 29 75 Denmark
Web: http://www.cryptomathic.dk/
- new dimensions in data security
------------------------------------------------------------