I understand that RSA keys can be generated using different sha
algorithms. Using openssl
, I don't seem to have the option of specifying what algorithm the key generator should use. I suspect it's using sha256
.
How can I generate RSA keys using different sha
algorithms (such as sha512
) in either a bash shell or in Ruby? Does the openssl
library support generating RSA keys using different algorithms? If not, does anyone know of another library I can use? (In ruby, OpenSSL::PKey::RSA
doesn't seem to allow for choosing an algorithm, but the documentation is hard for me to follow soo...?)
Apologies if this question has already been answered, but I haven't been able to find an answer.
Maybe I should also note (in case I am wrong): it is my understanding that choosing a size for the generated RSA key (i.e. RSA 2048
) is separate from choosing the hashing algorithm (i.e. sha512
).
UPDATE - Some background
I want to sign Java Web Tokens with an RSA key. The JWT library I'm using gives me the impression that RSA keys can be generated using different hashing algorithms (RS256, RS384, RS512). Generating a key using openssl
doesn't seem to let me choose what hashing algorithm is used though.
Thanks!!
RSA\SHA512 means that the RSA signature algorithm is combined with SHA512 hash algorithm. ECDSA\SHA512 means that the Elliptic Curve Digital Signature Algorithm (ECDSA) is combined with SHA512 hash algorithm.
RSA keys, and "the RSA algorithm" don't have any notion of a hash algorithm.
An RSA key is just two prime numbers and one other number (from the (p
, q
, e
) triplet all the other values can be derived). e
is usually chosen as 0x010001 (though other reasonable values exist) and p
and q
are generated randomly (while almost any CSPRNG is going to have a backing hash algorithm the CSPRNG itself is usually considered a black box that just emits randomness).
Where a hash algorithm comes into play is in RSA Signatures.
For an RSA Signature the original data is hashed under an algorithm and then the hash value, algorithm identifier, and private key are used to produce a signature (for PKCS v1.5 signatures... for PSS there's also a second (effectively fixed) identifier and some more random bytes).
RS256 is the JWA (JSON Web Algorithms) identifier for "RSASSA-PKCS1-v1_5 using SHA(-2)-256".
JWA section 3.3 says
This section defines the use of the RSASSA-PKCS1-v1_5 digital signature algorithm as defined in Section 8.2 of RFC 3447 [RFC3447] (commonly known as PKCS #1), using SHA-2 [SHS] hash functions.
A key of size 2048 bits or larger MUST be used with these algorithms.
The RSASSA-PKCS1-v1_5 SHA-256 digital signature is generated as follows: generate a digital signature of the JWS Signing Input using RSASSA-PKCS1-v1_5-SIGN and the SHA-256 hash function with the desired private key. This is the JWS Signature value.
(emphasis mine)
So no requirement is made on the RSA key, other than that the spec was written in 2015 so they mandated a 2015-compatible minimum keysize.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With