Apologies in advance ;) but a cryptography question:
I'm coding (or have coded) a digital signature class in RSA. In my
research on how to frame the input to the RSA private key operation, I
was told words to effect "just use OAEP and you're done and dusted."
Which was convenient as that was already available/coded.
However I haven't seen any other code doing this - it is mostly PKCS1,
etc, and RFC3447 doesn't enlighten in this direction.
Could OAEP be considered reasonable for signatures? or is this a case
of totally inappropriate? Or somewhere in between?
iang
_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography