Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

crypto/rsa: allow hash.Hash for PSS and MGF1 to be specified independently #46233

Open
KeiichiHirobe opened this issue May 18, 2021 · 3 comments
Open

crypto/rsa: allow hash.Hash for PSS and MGF1 to be specified independently #46233

KeiichiHirobe opened this issue May 18, 2021 · 3 comments
Labels
FeatureRequest NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one.
Milestone
Backlog

Comments

@KeiichiHirobe
Copy link
Contributor

I've checked #19974.
And, I am aware of comment #19974 (comment).

SignPSS/VerifyPSS have almost the same problem as that issue.
I wanted to call SignPSS using RSASSA-PSS with SHA-256 with MGF1SHA1 because server which is hosted by third party needs that, but I couldn't.

It seems good to simply add option MGF1Hash to PSSOptions. It is not invasing, and keep backwards compatibility.

If there are no counter-proposals,  I' ll create a patch.

// PSSOptions contains options for creating and verifying PSS signatures.
type PSSOptions struct {
	SaltLength int
	Hash crypto.Hash
        // ADD OPTION HERE
	// MGF1Hash is the hash function used for MGF1 . 
        // If zero,  hash function used to generate the message digest will be used.
	MGF1Hash  crypto.Hash
}
@seankhliao
Copy link
Member

cc @FiloSottile @agl @katiehockman @rolandshoemaker

@dmitshur dmitshur added NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one. FeatureRequest labels May 19, 2021
@dmitshur dmitshur added this to the Backlog milestone May 19, 2021
@bonurgeyik
Copy link

@KeiichiHirobe I have the same problem, did you find a solution or workaround to make it work in go?

@KeiichiHirobe
Copy link
Contributor Author

@bonurgeyik Unfortunately I haven't found it

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
FeatureRequest NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one.
Projects
None yet
Milestone
Backlog
Development

No branches or pull requests
4 participants
@dmitshur @bonurgeyik @seankhliao @KeiichiHirobe