santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Cantor, Scott E." <canto...@osu.edu>
Subject RSA key transport w/ SHA-2
Date Tue, 21 Jun 2011 19:36:12 GMT
This is somewhat directed at Sean, but if somebody else knows...

It looks like the RSA-OAEP key transport support is limited to SHA-1 as a
digest right now in the Java code. It seemed as though Java might support
the full range of SHA-2 options with that, but I guess the API here
doesn't.

I don't pretend to know if the SHA-1 weaknesses compromise the key
transport, but I know it will probably get asked about. I was going to
patch the C++ code to handle SHA-2, but don't have anything to test
against.

-- Scott


Mime
View raw message