Sign data using RSA-PSS.
Computes a digital signature using RSA-PSS on the provided data.
Sign what is in file data using key 0x79c3 and put the resulting signature in sig:
yubihsm> sign pss 0 0x79c3 rsa-pss-sha256 data sig
Tc = 0x55
Lc = 2 + 1 + 2 + LD
Vc = I || M || S || D
I := Object ID of the Asymmetric Key (2 bytes)
M := Hash Algorithm to use for MGF1
S := Salt len (2 bytes)
D := Hashed data (20, 32, 48 or 64 bytes)
The DSI of EMSA-PSS is as defined in RFC 3447:
DSI := EMSA-PSS-ENCODE(M, emBits, Hash, MGF, sLen).
Where Hash is a supported hash algorithm, MGF is a supported masking function and sLen is the length of the Salt.
The DSI is generated internally and only the Hash of the data and the Salt length are provided.
Tr = 0xd5
Lr = LDS
Vr = DS
DS := Resulting signature
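The command and response layouts above, as an added Python example (not code from the original page or from the vendor) that encodes Tc || Lc || Vc and validates Tr || Lr || Vr. Assumptions: multi-byte fields are big-endian, Lc and Lr are 2 bytes wide, and 0x21 is the algorithm ID for MGF1 with SHA-256; the function names are hypothetical and the sample data is constructed.

```python
import hashlib
import struct

CMD_SIGN_PSS = 0x55                    # Tc, from the page
RSP_SIGN_PSS = 0xD5                    # Tr, from the page
DIGEST_LENS = (20, 32, 48, 64)         # allowed sizes of D, from the page
MGF1_SHA256 = 0x21                     # assumed algorithm ID, confirm before use

def build_sign_pss(key_id, mgf1_algo, salt_len, digest):
    """Return Tc || Lc || Vc, where Vc = I || M || S || D."""
    if len(digest) not in DIGEST_LENS:
        raise ValueError("D must be a 20, 32, 48 or 64 byte hash, not raw data")
    if not (0 <= key_id <= 0xFFFF and 0 <= salt_len <= 0xFFFF):
        raise ValueError("I and S are 2-byte fields")
    if not 0 <= mgf1_algo <= 0xFF:
        raise ValueError("M is a 1-byte field")
    value = struct.pack(">HBH", key_id, mgf1_algo, salt_len) + digest
    # Lc = 2 + 1 + 2 + LD; assumed to be sent as 2 bytes, big-endian.
    return struct.pack(">BH", CMD_SIGN_PSS, len(value)) + value

def parse_sign_pss_response(frame):
    """Return DS from Tr || Lr || Vr, rejecting anything malformed."""
    if len(frame) < 3:
        raise ValueError("frame shorter than Tr || Lr")
    tag, length = struct.unpack(">BH", frame[:3])
    if tag != RSP_SIGN_PSS:
        raise ValueError(f"unexpected response tag 0x{tag:02x}")
    if length != len(frame) - 3:
        raise ValueError("Lr does not match the number of bytes received")
    return frame[3:]

if __name__ == "__main__":
    data = b"constructed sample message"            # constructed input
    digest = hashlib.sha256(data).digest()          # only the hash is sent
    cmd = build_sign_pss(0x79C3, MGF1_SHA256, 32, digest)
    print(cmd.hex())
    fake_sig = bytes(256)  # constructed stand-in for a 2048-bit signature
    print(len(parse_sign_pss_response(b"\xd5\x01\x00" + fake_sig)))
```

The length check in the parser rejects truncated or padded responses before the signature bytes are handed to a verifier.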