Sign data using RSA-PSS.
Computes a digital signature using RSA-PSS on the provided data.
Sign what is in file
data using key
0x79c3 and put the resulting signature in
yubihsm> sign pss 0 0x79c3 rsa-pss-sha256 data sig
Tc = 0x55
Lc = 2 + 1 + 2 + LD
Vc = I || M || S || D
I := Object ID of the Asymmetric Key (2 bytes)
M := Hash Algorithm to use for MGF1
S := Salt len (2 bytes)
D := H (2 + L bytes, where L is the length of the hashed data)
The DSI of EMSA-PSS is as defined in RFC 3447:
DSI := EMSA-PSS-ENCODE(M, emBits, Hash, MGF, sLen).
Hash is a supported hash algorithm,
MGF is a supported masking
sLen is the length of the Salt.
The DSI is generated internally and only the Hash of the data and the Salt length are provided.
Tr = 0xd5
Lr = LDS
Vr = DS
DS := Resulting signature