Hello,
As per RSASSA-PSS — Mbed TLS documentation knowledge base article, MbedTLS supports
RSAPSS signature verification according to PKCS#1 v2.1
I want to use RSAPSS as per PKCS #1 v2.2: RSA Cryptography Standard, RSA Laboratories, October 27,
2012.
more specifically RSAPSS with 2048bit sized key.
Is this supported in MbedTLS ? If not are there any functional differences between RSAPSS according to PKCS#1 v2.1 and PKCS#1 v2.2
Hi Qausain,
According to RFC 8017 Appendix D:
Version 2.2 updates the list of allowed hashing algorithms to
align them with FIPS 180-4 [SHS], therefore adding SHA-224,
SHA-512/224, and SHA-512/256. The following substantive changes
were made:
* Object identifiers for sha224WithRSAEncryption,
sha512-224WithRSAEncryption, and sha512-256WithRSAEncryption
were added.
* This version continues to support the schemes in version 2.1.
Mbed TLS does not support the additional hash algorithms(except sha224), so it doesn’t support PKCS #1 v2.2 per se, but if you use on eof the supported hash algorithms, it should be compatible.
Regards,
Mbed TLS Team member
Ron
Hi Ron,
Thanks a lot for your help and the great library.
I am required to use RSAPSS 2048 signature verification with SHA256 as the hashing algorithm. So I hope that I am good to go with the MbedTLS implementation, right ?
Regards,
Qausain
Hi Qausain,
It should be ok for you
Regards,
Ron