An open source, portable, easy to use, readable and flexible TLS library, and reference implementation of the PSA Cryptography API. Releases are on a varying cadence, typically around 3 - 6 months between releases.
Currently it is not possible to sign or verify a RSA signature using PKCSv1.5 padding with RIPEMD-160. The issue seems to be that the OID for RIPEMD-160 is missing from the oid_md_alg in oid.c.
PSS+RIPEMD160 works fine, as there is no hash identifier used in PSS scheme.
Justification - why does the library need this feature? It seems strange that the library supports RSA, RIPEMD160, and PKCSv1.5, yet does not support the standardized combination of these schemes.
Suggested enhancement Add the OID.
We could submit a patch if this enhancement is ok with upstream.
Enhancement\Feature Request
Currently it is not possible to sign or verify a RSA signature using PKCSv1.5 padding with RIPEMD-160. The issue seems to be that the OID for RIPEMD-160 is missing from the
oid_md_alg
inoid.c
.PSS+RIPEMD160 works fine, as there is no hash identifier used in PSS scheme.
Justification - why does the library need this feature? It seems strange that the library supports RSA, RIPEMD160, and PKCSv1.5, yet does not support the standardized combination of these schemes.
Suggested enhancement Add the OID.
We could submit a patch if this enhancement is ok with upstream.