Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

crypto/rsa: allow hash.Hash for PSS and MGF1 to be specified independently #46233

KeiichiHirobe opened this issue May 18, 2021 · 1 comment
FeatureRequest NeedsInvestigation


Copy link

@KeiichiHirobe KeiichiHirobe commented May 18, 2021

I've checked #19974.
And, I am aware of comment #19974 (comment).

SignPSS/VerifyPSS have almost the same problem as that issue.
I wanted to call SignPSS using RSASSA-PSS with SHA-256 with MGF1SHA1 because server which is hosted by third party needs that, but I couldn't.

It seems good to simply add option MGF1Hash to PSSOptions. It is not invasing, and keep backwards compatibility.

If there are no counter-proposals,  I' ll create a patch.

// PSSOptions contains options for creating and verifying PSS signatures.
type PSSOptions struct {
	SaltLength int
	Hash crypto.Hash
        // ADD OPTION HERE
	// MGF1Hash is the hash function used for MGF1 . 
        // If zero,  hash function used to generate the message digest will be used.
	MGF1Hash  crypto.Hash

Copy link

@seankhliao seankhliao commented May 18, 2021

@dmitshur dmitshur added NeedsInvestigation FeatureRequest labels May 19, 2021
@dmitshur dmitshur added this to the Backlog milestone May 19, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
FeatureRequest NeedsInvestigation
None yet

No branches or pull requests

3 participants