[crypto] Add support for RSA-PSS signature scheme
Add support for the RSA-PSS signature scheme as defined in RFC 8017 and required for TLS version 1.3. Signature verification is deliberately implemented by first deriving the salt value and then reconstructing the entire expected signature. This is arguably inefficient since it involves two invocations of the mask generation function when only one is required. However, this implementation approach keeps the code size minimal (since there is no need to implement separate verification logic), and makes it provably impossible to accidentally omit a verification step (such as checking the leading zero bits or the fixed 0x01 or 0xbc bytes). Since signature verification is not a fast-path operation, the guaranteed correctness is more valuable than a marginally faster execution. Signed-off-by: Michael Brown <mcb30@ipxe.org>
This commit is contained in:
@@ -57,6 +57,7 @@ struct rsa_digestinfo_prefix {
|
||||
#define __rsa_digestinfo_prefix __table_entry ( RSA_DIGESTINFO_PREFIXES, 01 )
|
||||
|
||||
extern struct pubkey_algorithm rsa_algorithm;
|
||||
extern struct pubkey_algorithm rsa_pss_algorithm;
|
||||
|
||||
extern int ( * rsa_get_random ) ( void *data, size_t len );
|
||||
|
||||
|
||||
Reference in New Issue
Block a user