bcgit / pc-dart

Pointy Castle - Dart Derived Bouncy Castle APIs
MIT License

Improve PSS Signer and add new object identifiers #183

Closed Ephenodrom closed 1 year ago

Ephenodrom commented 1 year ago

PSS SIGNER

I fixed the PSS Signer to not require the complete Salt for verification by removing the following check:

```dart
// Removed check: verification must not demand the salt value itself
if (!forSigning && !_sSet) {
  throw ArgumentError('Verification requires salt');
}
```

In the verification() method, only the field _sLen is used, so it is possible to use init() with a ParametersWithSaltConfiguration model. I updated the unit tests to use ParametersWithSaltConfiguration for verification.

OBJECT IDENTIFIER

Added:
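The point the PR rests on, as an added illustration that is not code from pc-dart or from the PR author: in EMSA-PSS (RFC 8017, section 9.1) the salt is embedded in the encoded message EM, so the verifier unmasks DB, reads the last sLen bytes back out as the salt, and recomputes H. The only salt-related input it needs is the length, which is exactly what ParametersWithSaltConfiguration carries. The Python below does the encode/verify step on EM directly (the RSA modular exponentiation is left out), with a constructed fixed salt and message so the run is reproducible; a real signer draws the salt from a CSPRNG.

```python
"""EMSA-PSS encode/verify over the encoded message EM (RFC 8017, section 9.1).

Added example, not code from pc-dart: the RSA step is omitted so the focus is
on the fact that the verifier recovers the salt from EM and needs only sLen.
"""
import hashlib
import hmac


def mgf1(seed: bytes, length: int, hash_name: str = "sha256") -> bytes:
    """MGF1 mask generation function (RFC 8017, appendix B.2.1)."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.new(hash_name, seed + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def emsa_pss_encode(m_hash: bytes, em_bits: int, salt: bytes, hash_name: str = "sha256") -> bytes:
    """Build EM = maskedDB || H || 0xbc. Only the signer needs the salt value."""
    h_len = hashlib.new(hash_name).digest_size
    s_len = len(salt)
    em_len = (em_bits + 7) // 8
    if em_len < h_len + s_len + 2:
        raise ValueError("encoding error: emLen too small for hLen + sLen + 2")
    m_prime = b"\x00" * 8 + m_hash + salt
    h = hashlib.new(hash_name, m_prime).digest()
    ps = b"\x00" * (em_len - s_len - h_len - 2)
    db = ps + b"\x01" + salt
    db_mask = mgf1(h, em_len - h_len - 1, hash_name)
    masked_db = bytearray(a ^ b for a, b in zip(db, db_mask))
    masked_db[0] &= 0xFF >> (8 * em_len - em_bits)  # clear the leftmost unused bits
    return bytes(masked_db) + h + b"\xbc"


def emsa_pss_verify(m_hash: bytes, em: bytes, em_bits: int, s_len: int, hash_name: str = "sha256") -> bool:
    """Check EM against mHash. sLen is the only salt input; the salt itself is read out of DB."""
    h_len = hashlib.new(hash_name).digest_size
    em_len = (em_bits + 7) // 8
    if len(em) != em_len or em_len < h_len + s_len + 2 or em[-1] != 0xBC:
        return False
    masked_db = em[: em_len - h_len - 1]
    h = em[em_len - h_len - 1 : em_len - 1]
    top_bits = 8 * em_len - em_bits
    if masked_db[0] & ~(0xFF >> top_bits) & 0xFF:
        return False  # leftmost unused bits must be zero
    db_mask = mgf1(h, em_len - h_len - 1, hash_name)
    db = bytearray(a ^ b for a, b in zip(masked_db, db_mask))
    db[0] &= 0xFF >> top_bits
    ps_len = em_len - h_len - s_len - 2
    if any(db[:ps_len]) or db[ps_len] != 0x01:
        return False  # PS must be all 0x00 followed by 0x01; a wrong sLen fails here
    recovered_salt = bytes(db[ps_len + 1 :])  # exactly sLen bytes, never supplied by the caller
    m_prime = b"\x00" * 8 + m_hash + recovered_salt
    return hmac.compare_digest(hashlib.new(hash_name, m_prime).digest(), h)


def demo() -> dict:
    """Encode with a constructed fixed salt, then verify knowing only the salt length."""
    em_bits = 2047  # emBits = modBits - 1 for a 2048-bit RSA modulus
    salt = bytes(range(32))  # constructed salt for a reproducible run; use a CSPRNG in practice
    m_hash = hashlib.sha256(b"message to sign").digest()
    em = emsa_pss_encode(m_hash, em_bits, salt)
    return {
        "verifies_with_length_only": emsa_pss_verify(m_hash, em, em_bits, len(salt)),
        "wrong_salt_length_rejected": emsa_pss_verify(m_hash, em, em_bits, 20),
        "wrong_message_rejected": emsa_pss_verify(
            hashlib.sha256(b"other message").digest(), em, em_bits, len(salt)
        ),
    }


if __name__ == "__main__":
    print(demo())
```

The second result in `demo()` is the check that matters for a library API: a verifier configured with the wrong salt length rejects an otherwise valid signature because the 0x00…0x01 padding boundary no longer lines up, which is why sLen (or the RFC's "sLen = hLen" convention) is part of the verification parameters while the salt bytes are not.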

Ephenodrom commented 1 year ago

@mwcw Hello, can you take a look if my assumption is correct that only the salt length is needed for RSA-PSS verify? If yes, it would be nice to get this PR done :)

Btw: Happy new year!

Ephenodrom commented 1 year ago

@mwcw Hello, any news on this ?

Ephenodrom commented 1 year ago

@dghgit @mwcw Any chance that someone has the time to take a look :) ?

dghgit commented 1 year ago

So, we're really flat out, and it looks like it's getting worse, even with an increase in numbers the number of things changing due to PQC is flooding us with work. I'm not sure when we will get to this. Interested in volunteering?

Ephenodrom commented 1 year ago

@dghgit Yes, I would like to volunteer and then at least port some code to this package and manage the issues here. Also uploading new versions to pub.dev would be nice. If possible we can discuss this via e-mail. Just reply to one of the emails I sent you within the last weeks.

dghgit commented 1 year ago

Hmmm... I can't tell, get rather a lot of email. Would you email me at dgh@bouncycastle.org and we'll get something sorted out.

Ephenodrom commented 1 year ago

MD5

66f30513addf415425eb0dba7d5d4b2f

Ephenodrom commented 1 year ago

Done via direct commit.

giregk commented 1 year ago

Hello, this PR should not be closed! I completely agree with your fix @Ephenodrom! Verifying a signature should not require the salt to be passed by the developer as it is already included in the signature output! I would even say it should be disallowed to pass the salt as parameter for performing verification.

Can we reopen this PR and merge it please ?