package mirage-crypto-pk

  1. Overview
  2. Docs

PSS-based signing, as defined by PKCS #1 v2.1.

The same hash function is used for padding, MGF and computing message digest. MGF is MGF1 as defined in PKCS #1 2.1.

Keys must have a minimum of 2 + hlen + slen bytes, where hlen is the hash length and slen is the seed length.

Parameters

Signature

val sign : ?g:Mirage_crypto_rng.g -> ?crt_hardening:bool -> ?mask:mask -> ?slen:int -> key:priv -> Cstruct.t or_digest -> Cstruct.t

sign ~g ~crt_hardening ~mask ~slen ~key message the pPSS-padded digest of message, signed with the key. crt_hardening defaults to false.

slen is the optional seed length and defaults to the size of the underlying hash function.

message is either the actual message, or its digest.

val verify : ?slen:int -> key:pub -> signature:Cstruct.t -> Cstruct.t or_digest -> bool

verify ~slen ~key ~signature message checks whether signature is a valid PSS signature of the message under the given key.

message is either the actual message, or its digest.

OCaml

Innovation. Community. Security.