Probabilistic Signature Scheme for RSA key signing

[pkarman]

I do not see support for this OpenSSL feature. Am I missing something? Is this on the TODO list? Happy to contribute if there is a desire for that.

[rhenium]

PSS is not (yet) supported.

For the RSA-PSS version of PKey#{sign,verify} (which you seem to want), I think we can add something like OpenSSL::PKey::RSA#{sign,verify}_pss. A PR to add them is welcome!

As for OpenSSL::X509::Certificate (and the like) signing, I imagine we have to introduce a new abstraction class because we wouldn't want RSA-specific code outside OpenSSL::PKey::RSA.

[nov]

+1 for PSS support.

Which is going to be REQUIRED in OpenID Connect FAPI read-write security profile, which will be widely used in worldwide banking APIs.

See details here (especially p.30 in the slide)
https://nat.sakimura.org/2017/11/09/1370/