Thank you for your feedback on this, and Konstantin for the feedback on EC.
When it comes to implementing support for OAEP and PSS in smart cards, a major part of implementations will be based on JavaCard. In this case, the additional parameters cannot all be assigned, and so some default values apply. It could save many some trouble if Mozilla, when taking these padding schemas into use, would restrict itself to the same subset of parameters.

As far as I can see, these are for JavaCard 2.2.2:

OAEP not mentioning parameters, so these defaults should apply:
* Hash function being SHA-1
* MGF using MGF1 with SHA-1
* Not assign any shared label

PSS:
* MGF using MGF1 with same hash function as the one used to hash the data
* Use salt length corresponding to the length of the hash function.

JavaCard 3.0.1 does allow setting salt length, but if not set, the value above is the default. Any particular reason not to use this value?

The most troublesome is perhaps to be constrained to SHA-1 for OAEP.

Regards,
- Helge

-----Original Message-----
From: dev-tech-crypto-bounces+helge=bragstad....@lists.mozilla.org [mailto:dev-tech-crypto-bounces+helge=bragstad....@lists.mozilla.org] On Behalf Of Hanno Böck
Sent: 11 April 2011 19:09
To: mozilla's crypto code discussion list
Cc: Helge Bragstad
Subject: Re: Public key ciphers in Mozilla

On Mon, 11 Apr 2011 17:30:29 +0200, "Helge Bragstad" wrote:

> Likewise, is there similar support for the RSA padding schemas OAEP
> and PSS
> - and if so - is there a definition of which parameters are
> *actually* being used? (Salt length, MGF's, etc.)

I don't know details about EC, but I can answer this:

OAEP: Nothing at all at the moment.

PSS: Experimental code for X.509 exists in bugzilla (Summer of Code project by me last year), but not merged into CVS. TLS doesn't support PSS. S/MIME is not yet done, but it's not that much work based on the X.509 code, I'll probably do it some time in the future.
--
Hanno Böck
mail/jabber: ha...@hboeck.de
GPG: BBB51E42
http://www.hboeck.de/
Switch to green electricity NOW: http://atomausstieg-selber-machen.de