Quantcast

Digital signature RSA 2048 and SHA 224,256 and more

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Digital signature RSA 2048 and SHA 224,256 and more

fsuel
Hi,

I would like to know if RSA 2048 digital signature with SHA hash (224,
256 and more bit) is possible in Mozilla products. In particuler if i
can realise a RSA 2048/SHA 256 digital signature with Thunderbird 2.x
or 3.x

It is possible to have the same response for ECDSA digital signature.

Thanks

Greats

Frédéric SUEL

--
dev-tech-crypto mailing list
[hidden email]
https://lists.mozilla.org/listinfo/dev-tech-crypto
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Digital signature RSA 2048 and SHA 224,256 and more

Nelson B Bolyard-2
On 2010-05-04 08:24 PST, Frédéric SUEL wrote:

> I would like to know if RSA 2048 digital signature with SHA hash (224,
> 256 and more bit) is possible in Mozilla products. In particuler if i
> can realise a RSA 2048/SHA 256 digital signature with Thunderbird 2.x
> or 3.x

The underlying NSS crypto libraries are certainly capable of it.
If Thunderbird receives a signed email with such a signature, it will
happily handle it.  However, IIRC, Thunderbird will not generate such
a signature at this time.  The reasons for this are:

1) generating signatures that can be handled by all other S/MIME clients
is still considered to be of paramount importance, and

2) there are still a HUGE number of systems out there that cannot handle
SHA2, including all WinXP systems at SP2 and below, and

3) S/MIME has a way to negotiate encryption ciphers but no way to negotiate
acceptable signature algorithms, so there's no way for Thunderbird to know
which of your correspondents can handle such signatures and which cannot.

> It is possible to have the same response for ECDSA digital signature.

IIRC, at present, Thunderbird does not handle ECDSA signatures.

> Thanks

Regards,

/Nelson Bolyard
--
dev-tech-crypto mailing list
[hidden email]
https://lists.mozilla.org/listinfo/dev-tech-crypto
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Digital signature RSA 2048 and SHA 224,256 and more

David Stutzman-11
In reply to this post by fsuel
On 5/4/2010 11:24 AM, fsuel wrote:
> I would like to know if RSA 2048 digital signature with SHA hash (224,
> 256 and more bit) is possible in Mozilla products. In particuler if i
> can realise a RSA 2048/SHA 256 digital signature with Thunderbird 2.x
> or 3.x

Ripping off Wan-Teh[1]
"We have an "Encryption Technologies in NSS x.y" for each NSS release.
The latest version is NSS 3.11, which is correct for all NSS 3.11.x
releases:
http://www.mozilla.org/projects/security/pki/nss/nss-3.11/nss-3.11-algorithms.html

Versions of this document needs to be created for
- NSS 3.12: adds Camellia
- upcoming NSS 3.12.3: adds SEED

Wan-Teh"

I wasn't sure if you were asking or telling about ECDSA, but I can
personally vouch for SHA2 algorithms working with EC in NSS.

[1]
http://old.nabble.com/Re%3A-Current-algorithm-support-for-Firefox--p22447551.html
--
dev-tech-crypto mailing list
[hidden email]
https://lists.mozilla.org/listinfo/dev-tech-crypto
Loading...