Gray C++ Libraries  0.0.2
A set of C++ libraries for MSVC, GNU on Windows, WinCE, Linux
GrayLib::cKeyRSASignOptions Class Reference

#include <cKeyRSA.h>

Public Member Functions

 cKeyRSASignOptions (SSL_Hash_TYPE eHashType=SSL_Hash_SHA1, size_t nSizeSalt=20) noexcept
 
HRESULT ReadHashAlg (const cASNBuf &alg)
 
HRESULT ReadRsaSsaPssParams (const cASNBuf &params, OUT SSL_Hash_TYPE &eSignHashType)
 

Public Attributes

SSL_Hash_TYPE m_eHashTypeMGF1
 
int m_nSizeSaltExpected
 

Detailed Description

Options for RSASSA-PSS signature verification. See VerifySignatureV21().

Constructor & Destructor Documentation

◆ cKeyRSASignOptions()

GrayLib::cKeyRSASignOptions::cKeyRSASignOptions ( SSL_Hash_TYPE  eHashType = SSL_Hash_SHA1,
size_t  nSizeSalt = 20 
)
inline noexcept

Member Function Documentation

◆ ReadHashAlg()

HRESULT GrayLib::cKeyRSASignOptions::ReadHashAlg ( const cASNBuf & alg )

HashAlgorithm ::= AlgorithmIdentifier

AlgorithmIdentifier ::= SEQUENCE {
    algorithm   OBJECT IDENTIFIER,
    parameters  ANY DEFINED BY algorithm OPTIONAL }

For HashAlgorithm, parameters MUST be ASN.1 NULL or absent. The parser first makes sure the input is a SEQUENCE and sets up its bounds.

◆ ReadRsaSsaPssParams()

HRESULT GrayLib::cKeyRSASignOptions::ReadRsaSsaPssParams ( const cASNBuf & params,
OUT SSL_Hash_TYPE & eSignHashType 
)

RSASSA-PSS-params ::= SEQUENCE {
    hashAlgorithm     [0] HashAlgorithm DEFAULT sha1Identifier,
    maskGenAlgorithm  [1] MaskGenAlgorithm DEFAULT mgf1SHA1Identifier,
    saltLength        [2] INTEGER DEFAULT 20,
    trailerField      [3] INTEGER DEFAULT 1 }
-- Note that the tags in this Sequence are explicit.

RFC 4055 (which defines use of RSASSA-PSS in PKIX) states that the value of trailerField MUST be 1, and PKCS#1 v2.2 doesn't even define any other option. Enforce this at parsing time.
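
The structure and the trailerField rule above, shown as an added example that is not GrayLib's code: a small standalone DER reader that applies the DEFAULT values, requires the explicit tags [0]..[3] in order, and rejects any trailerField other than 1. All names (PssParams, ReadTLV, ReadInt, ParsePssParams) are hypothetical, and the hash and MGF identifiers are only checked to be SEQUENCEs, not decoded.

```cpp
// Added example, not GrayLib code. PssParams/ReadTLV/ReadInt/ParsePssParams are hypothetical names.
#include <cstddef>
#include <cstdint>
#include <vector>
struct PssParams {
    int saltLen = 20;  // saltLength DEFAULT 20
    int trailer = 1;   // trailerField DEFAULT 1
    bool hashPresent = false, mgfPresent = false;  // [0] / [1] seen, else SHA-1 defaults
};
// Read one TLV (short or 0x81 long-form length) and advance p past it.
static bool ReadTLV(const uint8_t*& p, const uint8_t* end, uint8_t& tag,
                    const uint8_t*& val, size_t& len) {
    if (end - p < 2) return false;
    tag = *p++; len = *p++;
    if (len == 0x81) {
        if (p == end || *p < 0x80) return false;  // DER: long form only when needed
        len = *p++;
    } else if (len & 0x80) return false;          // longer/indefinite lengths not needed here
    if (static_cast<size_t>(end - p) < len) return false;  // value must fit the buffer
    val = p; p += len;
    return true;
}
// Small non-negative INTEGER that fills [p, end) exactly.
static bool ReadInt(const uint8_t* p, const uint8_t* end, int& out) {
    uint8_t tag; const uint8_t* v; size_t n;
    if (!ReadTLV(p, end, tag, v, n) || p != end || tag != 0x02) return false;
    if (n < 1 || n > 2 || (v[0] & 0x80)) return false;
    out = (n == 1) ? v[0] : (v[0] << 8) | v[1];
    return true;
}
// True only for well-formed params whose trailerField is 1.
bool ParsePssParams(const std::vector<uint8_t>& der, PssParams& out) {
    out = PssParams{};
    const uint8_t* p = der.data(); const uint8_t* end = p + der.size();
    uint8_t tag; const uint8_t* v; size_t n;
    if (!ReadTLV(p, end, tag, v, n) || tag != 0x30 || p != end) return false;
    int next = 0;  // explicit tags [0]..[3]: ascending, each at most once
    for (p = v, end = v + n; p < end; ) {
        if (!ReadTLV(p, end, tag, v, n)) return false;
        int idx = tag - 0xA0;  // [i] EXPLICIT is encoded as 0xA0 | i
        if (idx < next || idx > 3) return false;
        next = idx + 1;
        if (idx <= 1) {  // AlgorithmIdentifier: only checked to be a SEQUENCE, OID not decoded
            if (n < 2 || v[0] != 0x30) return false;
            (idx == 0 ? out.hashPresent : out.mgfPresent) = true;
        } else if (!ReadInt(v, v + n, idx == 2 ? out.saltLen : out.trailer)) return false;
    }
    return out.trailer == 1;
}
```

An empty SEQUENCE (30 00) is valid input and yields all four defaults, which is why a verifier must compare the parsed salt length and hash against what it expects rather than assume the fields were present.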

Member Data Documentation

◆ m_eHashTypeMGF1

SSL_Hash_TYPE GrayLib::cKeyRSASignOptions::m_eHashTypeMGF1

◆ m_nSizeSaltExpected

int GrayLib::cKeyRSASignOptions::m_nSizeSaltExpected
