Files
wolfssl/doc/dox_comments/header_files
Sameeh Jubran deb668ca4b pkcs7: add RSA-PSS support for SignedData
Add full RSA-PSS (RSASSA-PSS) support to PKCS#7 SignedData
encoding and verification.

This change enables SignerInfo.signatureAlgorithm to use
id-RSASSA-PSS with explicit RSASSA-PSS-params (hash, MGF1,
salt length), as required by RFC 4055 and CMS profiles.

Key changes:
- Add RSA-PSS encode and verify paths for PKCS7 SignedData
- Encode full RSASSA-PSS AlgorithmIdentifier parameters
- Decode RSA-PSS parameters from SignerInfo for verification
- Treat RSA-PSS like ECDSA (sign raw digest, not DigestInfo)
- Fix certificate signatureAlgorithm parameter length handling
- Add API test coverage for RSA-PSS SignedData

This resolves failures when using RSA-PSS signer certificates
(e.g. -173 invalid signature algorithm) and maintains backward
compatibility with RSA PKCS#1 v1.5 and ECDSA.

Signed-off-by: Sameeh Jubran <sameeh@wolfssl.com>
2026-02-25 11:02:47 +02:00
..
2025-12-29 08:37:51 -08:00
2026-02-05 11:57:33 -07:00
2022-04-06 16:17:36 +01:00
2026-02-10 14:51:51 -08:00
2022-04-06 16:17:36 +01:00
2025-12-03 15:15:32 +00:00
2022-04-06 16:17:36 +01:00
2022-04-06 16:17:36 +01:00
2025-11-21 17:43:55 +00:00
2022-04-06 16:17:36 +01:00
2025-11-21 17:43:55 +00:00
2025-11-21 17:43:55 +00:00
2025-11-21 17:43:55 +00:00
2022-04-06 16:17:36 +01:00
2025-12-03 13:39:09 +09:00
2025-11-21 17:43:55 +00:00
2022-04-06 16:17:36 +01:00
2025-11-21 17:43:55 +00:00
2025-12-29 08:37:51 -08:00
2022-04-06 16:17:36 +01:00
2026-01-22 15:46:13 -07:00
2022-04-06 16:17:36 +01:00