From b5936a7817b535422574a3627473b13a5f21e5d8 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Thu, 13 Mar 2014 21:03:00 -0400 Subject: add RSA PSS verification support --- docs/hazmat/primitives/asymmetric/padding.rst | 13 +++++++++++++ 1 file changed, 13 insertions(+) (limited to 'docs/hazmat/primitives/asymmetric/padding.rst') diff --git a/docs/hazmat/primitives/asymmetric/padding.rst b/docs/hazmat/primitives/asymmetric/padding.rst index 8a034329..aa48b313 100644 --- a/docs/hazmat/primitives/asymmetric/padding.rst +++ b/docs/hazmat/primitives/asymmetric/padding.rst @@ -17,6 +17,18 @@ Padding PKCS1 v1.5 (also known as simply PKCS1) is a simple padding scheme developed for use with RSA keys. It is defined in :rfc:`3447`. +.. class:: PSS(mgf) + + .. versionadded:: 0.3 + + PSS (Probabilistic Signature Scheme) is a signature scheme defined in + :rfc:`3447`. It is more complex than PKCS1 but possesses a `security proof`_. + This is the recommended padding algorithm for RSA. + + :param mgf: A mask generation function object. At this time the only + supported MGF is :class:`MGF1`. + + Mask Generation Functions ~~~~~~~~~~~~~~~~~~~~~~~~~ @@ -41,3 +53,4 @@ Mask Generation Functions .. _`Padding is critical`: http://rdist.root.org/2009/10/06/why-rsa-encryption-padding-is-critical/ +.. _`security proof`: http://eprint.iacr.org/2001/062.pdf -- cgit v1.2.3 From 763c621de1cb576dd4f9ec02fab73df30f71c1d8 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Fri, 14 Mar 2014 09:49:20 -0400 Subject: move PSS to top of docs --- docs/hazmat/primitives/asymmetric/padding.rst | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) (limited to 'docs/hazmat/primitives/asymmetric/padding.rst') diff --git a/docs/hazmat/primitives/asymmetric/padding.rst b/docs/hazmat/primitives/asymmetric/padding.rst index aa48b313..cbfd2920 100644 --- a/docs/hazmat/primitives/asymmetric/padding.rst +++ b/docs/hazmat/primitives/asymmetric/padding.rst @@ -10,13 +10,6 @@ Padding correct padding signatures can be forged, messages decrypted, and private keys compromised. -.. class:: PKCS1v15() - - .. versionadded:: 0.3 - - PKCS1 v1.5 (also known as simply PKCS1) is a simple padding scheme - developed for use with RSA keys. It is defined in :rfc:`3447`. - .. class:: PSS(mgf) .. versionadded:: 0.3 @@ -28,6 +21,13 @@ Padding :param mgf: A mask generation function object. At this time the only supported MGF is :class:`MGF1`. +.. class:: PKCS1v15() + + .. versionadded:: 0.3 + + PKCS1 v1.5 (also known as simply PKCS1) is a simple padding scheme + developed for use with RSA keys. It is defined in :rfc:`3447`. + Mask Generation Functions ~~~~~~~~~~~~~~~~~~~~~~~~~ -- cgit v1.2.3 From a38e8e580c09cebcab528be7e806f63539498f94 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Mon, 17 Mar 2014 22:58:44 -0400 Subject: link to Colin Percival re: recommended RSA signature padding --- docs/hazmat/primitives/asymmetric/padding.rst | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'docs/hazmat/primitives/asymmetric/padding.rst') diff --git a/docs/hazmat/primitives/asymmetric/padding.rst b/docs/hazmat/primitives/asymmetric/padding.rst index cbfd2920..ab676b02 100644 --- a/docs/hazmat/primitives/asymmetric/padding.rst +++ b/docs/hazmat/primitives/asymmetric/padding.rst @@ -16,7 +16,7 @@ Padding PSS (Probabilistic Signature Scheme) is a signature scheme defined in :rfc:`3447`. It is more complex than PKCS1 but possesses a `security proof`_. - This is the recommended padding algorithm for RSA. + This is the `recommended padding algorithm`_ for RSA signatures. :param mgf: A mask generation function object. At this time the only supported MGF is :class:`MGF1`. @@ -54,3 +54,4 @@ Mask Generation Functions .. _`Padding is critical`: http://rdist.root.org/2009/10/06/why-rsa-encryption-padding-is-critical/ .. _`security proof`: http://eprint.iacr.org/2001/062.pdf +.. _`recommended padding algorithm`: http://www.daemonology.net/blog/2009-06-11-cryptographic-right-answers.html -- cgit v1.2.3