[gnutls-devel] GnuTLS | pk: add flags to force RSA-PSS salt length to match digest length (!1455)

Thu Aug 5 14:41:36 CEST 2021



Hubert Kario (@mention me if you need reply) started a new discussion on lib/privkey.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1455#note_644046643

>  
>  		if (flags & GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE)
>  			params->salt_size = 0;
> -		else {
> +		else if (flags & GNUTLS_PRIVKEY_FLAG_RSA_PSS_FIXED_SALT_LENGTH) {
> +			size_t hash_size = _gnutls_hash_get_algo_len(me);
> +			size_t key_size = (bits + 7) / 8;
> +
> +			if (salt_size == 0) {

0 length salt size is actually a valid salt length it RSA-PSS signatures

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1455#note_644046643
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20210805/c7b8a4af/attachment-0001.html>