RSA salt length - Githubissues

rfcs / crypto-conditions

Composable cryptographic conditionals (signatures, hashes)

https://tools.ietf.org/html/draft-thomas-crypto-conditions-03

22 stars 12 forks source link

RSA salt length #30

Open stevenroose opened 6 years ago

stevenroose commented 6 years ago

I recently started trying the RFC test vectors again against my implementation.

The RFC mentions

rSASSA-PSS-SHA256-Params RSASSA-PSS-params ::=  {
  hashAlgorithm        sha256Identifier,
  maskGenAlgorithm     mgf1SHA256Identifier,
  saltLength           20,
  trailerField         1
}

However, for me, my implementation fails the RSA vectors for salt length 20, but succeeds them for salt length 32.