Richard:
See below.
Is this the right place to ask a question about the Cryptographic
Message Syntax signed object spec (RFC5652 Section 5)? (I'm interested
in understanding the RFC author's intentions, not what implementations
currently do.)
I am reviewing draft-ietf-sidr-rfc6485bis for the sidr working group and
am confused about SignerInfo algorithm selection, specifically the
relationship between the digestAlgorithm and signatureAlgorithm fields.
RFC3370 defines the digest algorithm OIDs sha-1 and md5. It also
defines the signature algorithm OIDs rsaEncryption,
sha1WithRSAEncryption, and md5WithRSAEncryption. This leads me to wonder:
* Suppose digestAlgorithm contains sha-1. Is there any functional
difference between choosing rsaEncryption vs. sha1WithRSAEncryption
for the signatureAlgorithm field?
These are equivalent. However, the practice is to use the hash function
identifier in digestAlgorithm and the the identifier that includes the hash
function and the signature algorithm in signatureAlgorithm.
* What happens if I put sha-1 in digestAlgorithm but choose
md5WithRSAEncryption for signatureAlgorithm?
At minimum, this is rude. The I would expect an error.
The complete answer requires looking at SignedData:
SignedData ::= SEQUENCE {
version CMSVersion,
digestAlgorithms DigestAlgorithmIdentifiers,
encapContentInfo EncapsulatedContentInfo,
certificates [0] IMPLICIT CertificateSet OPTIONAL,
crls [1] IMPLICIT RevocationInfoChoices OPTIONAL,
signerInfos SignerInfos }
The digestAlgorithms list comes before the content. This allows an
implementation to calculate the hash values as it buffers or processes the
content, depending on the circumstance. To encounter a signature that uses a
hash function that is not in this list should cause an error.
* In general, what is the relationship between the digest algorithm
associated with the chosen signatureAlgorithm and the chosen
digestAlgorithm?
I think this is answered above,
Russ
_______________________________________________
smime mailing list
smime(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/smime