
PSS signature verification should not require rng

Open lumag opened this issue 3 years ago • 3 comments

Currently, creation of a PSS PaddingSchema object requires the RngCore; however, if the software is only verifying the signature, it should not require the random number generator. Please consider changing the rng to Option<> or adding new_verify_pss / new_verify_pss_with_salt.

lumag avatar Jul 31 '22 09:07 lumag

I left some notes on #172, but in general I think the signature code is really due for a refactor.

I'd need to write up a more concrete plan for what I have in mind though. It would be nice to actually impl the traits from the signature crate.

tarcieri avatar Jul 31 '22 15:07 tarcieri

I tried looking into the signature-based implementation, but stopped after seeing no good way to implement RsaSignature. Unlike ECDSA, where the signature is bound by the size of the curve/field, for RSA there is no such limitation. Or I can add the artificial limitation of not supporting anything above RSA16384. Does that sound good?

lumag avatar Jul 31 '22 15:07 lumag

I can open a new issue and sketch out a more complete design.

tarcieri avatar Jul 31 '22 15:07 tarcieri