Does Thunderbird support RSASSA-PSS & RSAES-OAEP P1#v2.1 (RFC 4056/3447)?

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

Does Thunderbird support RSASSA-PSS & RSAES-OAEP P1#v2.1 (RFC 4056/3447)?

Hi everyone!

So I'm trying to send RSASSA-PSS signed and AES/OAEP encrypted (with the bouncy castle library) mails without much luck.

The problem is, when I was using old sha256 with rsa signing and PKCS1Padding (P#1.5) everything was fine, but when I switched to the new P#2.1 stardand I'm getting "Thunderbird cannot decrypt this message", "The sender encrypted this message to you using one of your digital certificates, however Thunderbird was not able to find this certificate and corresponding private key." error.

Can anyone here point me to the list of Thunderbird supported algorithms please? I couldn't find it anywhere.
Or maybe it's the problem with my self-signed certificate?

Just in case, here is how I created it:
    openssl req -new -x509 -nodes -sha256 -days 365 -newkey rsa:2048 -out certificate.cer -keyout private.key -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:32 -passin pass:mypass -utf8 -config _openssl.cfg -extensions v3_req
    openssl pkcs12 -export -out certificate.pfx -name "testname" -inkey private.key -in certificate.cer

where v3_req was:

basicConstraints = CA:TRUE
keyUsage = digitalSignature, keyEncipherment
subjectAltName = "email:my@testmail"

Thanks in advance!
dev-tech-crypto mailing list
[hidden email]