SignPSS/VerifyPSS have almost the same problem as that issue.
I wanted to call SignPSS using RSASSA-PSS with SHA-256 with MGF1SHA1 because server which is hosted by third party needs that, but I couldn't.
It seems good to simply add option MGF1Hash to PSSOptions. It is not invasing, and keep backwards compatibility.
If there are no counter-proposals, I' ll create a patch.
// PSSOptions contains options for creating and verifying PSS signatures.
type PSSOptions struct {
SaltLength int
Hash crypto.Hash
// ADD OPTION HERE
// MGF1Hash is the hash function used for MGF1 .
// If zero, hash function used to generate the message digest will be used.
MGF1Hash crypto.Hash
}
I've checked https://github.com/golang/go/issues/19974. And, I am aware of comment https://github.com/golang/go/issues/19974#issuecomment-530862973.
SignPSS/VerifyPSS have almost the same problem as that issue. I wanted to call SignPSS using RSASSA-PSS with SHA-256 with MGF1SHA1 because server which is hosted by third party needs that, but I couldn't.
It seems good to simply add option
MGF1Hash
to PSSOptions. It is not invasing, and keep backwards compatibility.If there are no counter-proposals, I' ll create a patch.