SALT_LEN as template parameter - bad idea ?

31 views

Skip to first unread message

Richartz, Norbert

unread,

Dec 6, 2005, 5:42:33 AM12/6/05

to crypto...@eskimo.com

Hi all!

We are using the rsassa-pss algorithm for verifying corresponding
signatures. In the PKCS#1 V2.1 the RSASSA-PSS-params are defined as
follows:

RSASSA-PSS-params ::= SEQUENCE {
hashAlgorithm [0] HashAlgorithm DEFAULT sha1,
maskGenAlgorithm [1] MaskGenAlgorithm DEFAULT mgf1SHA1,
saltLength [2] INTEGER DEFAULT 20,
trailerField [3] TrailerField DEFAULT trailerFieldBC
}

Unfortunately in the PSSR_MEM class the salt length is a template
parameter:

template <bool ALLOW_RECOVERY, class MGF=P1363_MGF1, int SALT_LEN=-1,
int MIN_PAD_LEN=0, bool USE_HASH_ID=false>
class PSSR_MEM : public PSSR_MEM_BaseWithHashId<USE_HASH_ID>
..

So it is not possible to set this parameter during runtime after
evaluation of the PKCS#1 parameters above. Is there a solution besides
reprogramming the PSSR_MEM class? Or any other idea how to set the salt
len during runtime? The number of hash algorithms is concise, the number
of integers isn't :-)

Besides: I know, it makes no real sense to set the salt independently
from the hash algorithm, but there definitely are commercial products,
which e.g. are using SHA-256 with a salt of 20 bytes, so we need the
dynamic parameter.

Best regards

-----
Norbert A. Richartz

Reply all

Reply to author

Forward

0 new messages