Allow 'raw' PKCS1 signatures #103
Conversation
joostrijneveld
force-pushed
the
raw-rsa-signatures
branch
from
8cfa86f
to
d8bc7ac
Compare
joostrijneveld
force-pushed
the
raw-rsa-signatures
branch
from
d8bc7ac
to
64065e3
Compare
|
Please also update the documentation so that our users actually know about this feature and how to use it. |
joostrijneveld
force-pushed
the
raw-rsa-signatures
branch
from
64065e3
to
34eaf2d
Compare
|
Good call. I've added a line to highlight this in the |
joostrijneveld
force-pushed
the
raw-rsa-signatures
branch
2 times, most recently
from
536303b
to
a9a5b8c
Compare
This provides more convenient compatability with other libraries that use such raw signatures in intermediate results. In particular, it matches the behavior of `openssl rsautl -sign`
joostrijneveld
force-pushed
the
raw-rsa-signatures
branch
from
a9a5b8c
to
69ccc2b
Compare
|
Not sure if you get notifications of new commits, so for completeness; I've added a test and a changelog entry :) |
|
@sybrenstuvel: could you merge this PR? |
|
Probably it should be rebased first because there are conflicts |
|
@vstoykov Since the conflict is in a recently released |
|
There is one thing that bugs me, and that's the change in behaviour of The documented behaviour of raising an exception in case of an error has been removed in this PR, without changing the documentation and adding huge big red letters that the API has changed. In any case I would reject such an API change, as such errors should never be silenced. |
|
I agree, and would suggest to close this PR on that account; I had overlooked that marking signatures without an ASN1 tag as 'RAW' rather than raising an error was changing API behavior, and I see no obvious way to prevent doing so. |
This provides more convenient compatability with other libraries that use such raw signatures in intermediate results. In particular, it matches the behavior of
openssl rsautl -sign.