package mirage-crypto-pk

  1. Overview
  2. Docs

PSS-based signing, as defined by PKCS #1 v2.1.

The same hash function is used for padding, MGF and computing message digest. MGF is MGF1 as defined in PKCS #1 2.1.

Keys must have a minimum of 2 + hlen + slen bytes, where hlen is the hash length and slen is the seed length.

Parameters

module H : Digestif.S

Signature

val sign : ?g:Mirage_crypto_rng.g -> ?crt_hardening:bool -> ?mask:mask -> ?slen:int -> key:priv -> string or_digest -> string

sign ~g ~crt_hardening ~mask ~slen ~key message the PSS-padded digest of message, signed with the key. crt_hardening defaults to false.

slen is the optional seed length and defaults to the size of the underlying hash function.

message is either the actual message, or its digest.

val verify : ?slen:int -> key:pub -> signature:string -> string or_digest -> bool

verify ~slen ~key ~signature message checks whether signature is a valid PSS signature of the message under the given key.

message is either the actual message, or its digest.

OCaml

Innovation. Community. Security.