• crypto/x509: support PSS signatures. · e41b0e2b
    Adam Langley authored
    Although the term “RSA” is almost synonymous with PKCS#1 v1.5, that
    standard is quite flawed, cryptographically speaking. Bellare and
    Rogaway fixed PKCS#1 v1.5 with OAEP (for encryption) and PSS (for
    signatures) but they only see a fraction of the use of v1.5.
    
    This change adds support for creating and verifying X.509 certificates
    that use PSS signatures. Sadly, every possible dimension of flexibility
    seems to have been reflected in the integration of X.509 and PSS
    resulting in a huge amount of excess complexity. This change only
    supports one “sane” configuration for each of SHA-{256, 384, 512}.
    Hopefully this is sufficient because it saves a lot of complexity in the
    code.
    
    Although X.509 certificates with PSS signatures are rare, I'm inclined
    to look favourably on them because they are sufficiently superior.
    
    Fixes #15958.
    
    Change-Id: I7282e0b68ad0177209f8b2add473b94aa5224c07
    Reviewed-on: https://go-review.googlesource.com/24743
    Run-TryBot: Adam Langley <agl@golang.org>
    Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
    TryBot-Result: Gobot Gobot <gobot@golang.org>
x509.go 67.7 KB
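
What the commit message describes, seen from the caller's side, as an added example that is not part of the commit or of x509.go: it issues a self-signed certificate with each of the three PSS signature algorithms through the public crypto/x509 API, then checks that the signature verifies and that a signature with one flipped bit is rejected. The subject name, key size, serial number and validity window are constructed sample values.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// selfSignedPSS issues and re-parses a self-signed certificate signed with alg.
func selfSignedPSS(alg x509.SignatureAlgorithm) (*x509.Certificate, error) {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{ // constructed sample values
		SerialNumber: big.NewInt(1), SignatureAlgorithm: alg,
		Subject:   pkix.Name{CommonName: "pss-example.invalid"},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		KeyUsage:  x509.KeyUsageCertSign, BasicConstraintsValid: true, IsCA: true,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// verifies checks the signature over the TBS bytes; tamper flips one signature bit first.
func verifies(c *x509.Certificate, tamper bool) bool {
	sig := append([]byte(nil), c.Signature...)
	if tamper {
		sig[len(sig)-1] ^= 1
	}
	return c.CheckSignature(c.SignatureAlgorithm, c.RawTBSCertificate, sig) == nil
}

func main() {
	for _, alg := range []x509.SignatureAlgorithm{x509.SHA256WithRSAPSS, x509.SHA384WithRSAPSS, x509.SHA512WithRSAPSS} {
		c, err := selfSignedPSS(alg)
		if err != nil {
			panic(err)
		}
		fmt.Println(c.SignatureAlgorithm, "valid:", verifies(c, false), "tampered accepted:", verifies(c, true))
	}
}
```

The parsed certificate reports the same `SignatureAlgorithm` that was requested in the template, which is a quick way to confirm a certificate really carries a PSS signature rather than PKCS#1 v1.5.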