With openssl 1.1.1 rsassa-pss is supported. During my tests I could successfully verify certificates or certificate chains where this algorithm was used. Unfortunately the verification of a timestamp that was signed using rsassa-pss failed. After a look at the source code I noticed, that it is...
@bnoordhuis Just one possible use case I recently stumbled upon: The WebCrypto API specifies two algorithms for RSA-based signatures, RSASSA-PSS and RSASSA-PKCS1-v1_5. I think it would be nice to provide interoperability with as many of the operations defined as part of the WebCrypto API ...
I considered that as well, but assuming that RSASSA-PSS is not the last addition to sign()/verify(), it decided it could become pretty clumsy to pass all options as positional parameters. Copy link Member bnoordhuis Mar 12, 2017 Choose a reason for hiding this comment The reason ...