How to obtain 512 bits with PKCS1v15?

[evaristesome]

I have been trying to hash and sign 512 bits using PKCS1v15, but the result is more than 512. RSA offers 2048, 3072, and 4096 bits key for PKCSv15. How may I play around to obtain 512 bits?

However, with the same program, hashing and signing for 512 using ECDSA works perfectly.

Can Yubico PKCS1v15 provide exactly 512 bit?

Thank you.

Eva

[joernheissler]

Hi evso9816, RSA signatures are as large as the RSA modulus. If you want a 512 bit signature, you need to use an RSA 512 key. According to https://developers.yubico.com/YubiHSM2/Concepts/Algorithms.html and your own comment, RSA 512 is not supported. So it's not possible. RSA 512 is insecure anyway, so there's no good reason to support it.

Your issue is a year old. Did you figure things out by now, can the ticket be resolved?

[evaristesome]

Yes, keep the case closed. I solved it. Thanks!

On Sat, Nov 21, 2020 at 2:42 AM Jörn Heissler notifications@github.com wrote:

Hi evso9816, RSA signatures are as large as the RSA modulus. If you want a 512 bit signature, you need to use an RSA 512 key. According to https://developers.yubico.com/YubiHSM2/Concepts/Algorithms.html and your own comment, RSA 512 is not supported. So it's not possible. RSA 512 is insecure anyway, so there's no good reason to support it.

Your issue is a year old. Did you figure things out by now, can the ticket be resolved?

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/Yubico/python-yubihsm/issues/9#issuecomment-731555067, or unsubscribe https://github.com/notifications/unsubscribe-auth/AISQHT73B4L6ADW64WQMTG3SQ6DQRANCNFSM4J5PACGQ .

[nevun]

thanks :+1: