Hello,
I have been thinking about implementing RSASSA-PSS in Nettle.
I would like to propose the following API for performing and verifying signatures:
diff --git a/rsa.h b/rsa.h
index 6d2574b..b9faffe 100644 --- a/rsa.h +++ b/rsa.h @@ -35,6 +35,7 @@ #define NETTLE_RSA_H_INCLUDED
#include "nettle-types.h" +#include "nettle-meta.h" #include "bignum.h"
#include "md5.h" @@ -188,6 +189,27 @@ int rsa_private_key_prepare(struct rsa_private_key *key);
+/* PSS style signatures */ +int +rsa_pss_sign(const struct rsa_private_key *key,
size_t length, const uint8_t *digest_info,mpz_t s, const struct nettle_hash *hash_func,size_t salt_length, const uint8_t *salt);+int +rsa_pss_sign_tr(const struct rsa_public_key *pub,
const struct rsa_private_key *key,void *random_ctx, nettle_random_func *random,size_t length, const uint8_t *digest_info,mpz_t s, const struct nettle_hash *hash_func,size_t salt_length, const uint8_t *salt);+int +rsa_pss_verify(const struct rsa_public_key *key,
size_t length, const uint8_t *digest_info,const mpz_t signature, const struct nettle_hash *hash_func,size_t salt_length);/* PKCS#1 style signatures */ int rsa_pkcs1_sign(const struct rsa_private_key *key,
It is fairly similar to PKCS#1 API but with the addition of a hash function and salt. If this sounds reasonable then I will have a go at writing the implementations.
Best wishes,
Andrew Lawrence