1 (edited by lalonde 2017-12-06 13:36:53)

Topic: Support or Directives for RSASSA-PKCS1-v1_5

Hi there,

I have a simple question, does the wolfCrypt engine support the specific RSA signing padding scheme RSASSA-PKCS1-v1_5?

Nor in source code or documentation (ex. No information in section 10.5 PKC - 10.5.1 RSA or other parts of the manual) that I have seen, was there direction for what the exact signature scheme is when using functions such as:


As there is only four types accepted (but three usable enums) in this function,
WC_SIGNATURE_TYPE_RSA and WC_SIGNATURE_TYPE_RSA_W_ENC are the only choices for RSA as opposed to using ECC. I don't need to encrypt the signature created, only verify it on my embedded target, therefore I am currently using WC_SIGNATURE_TYPE_RSA.

Maybe there is another function to use in the API or a #define for PSS or PKCS1-v1_5 padding - any insight on this matter is much appreciated!

Best Regards,



Re: Support or Directives for RSASSA-PKCS1-v1_5

Hi lalonde,

For the RSA using our signature wrapper `wc_SignatureGenerate` the type `WC_SIGNATURE_TYPE_RSA_W_ENC` adds ASN1 DER encoding which includes the OID around the signature. Both `WC_SIGNATURE_TYPE_RSA` and `WC_SIGNATURE_TYPE_RSA_W_ENC` using PKCS v1.5.

David Garske, wolfSSL