Nelson B Bolyard wrote:
On 2009-08-19 15:12 PDT, David Keeler wrote:
Wan-Teh Chang wrote:
I think "rsa encryption" is a public key algorithm, where as
"sha1 with rsa encryption" is a signature algorithm.
Thank you for the quick response. This isn't quite what I was getting
at, though. I guess my question really should be: I have a certificate
that says its "Signature Algorithm" is "rsaEncryption" (not, for
instance, "sha1WithRSAEncryption"). What does this mean?
It means the certificate was badly generated.
It means that the only way to be absolutely sure to correctly check
the signature is to do these steps in this order:
<snip>
You can also use NSS's pp command-line util, or Peter Gutmann's dumpasn1
or another ASN.1 parser to dump the DER encoded cert and get the OID of
the signature algorithm. Firefox and openssl are using the OID that is
there and presenting you with a "human readable" version of it.
Dave
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
