Topic: [RSA-PSS verification] API to use + stack size

Hello,

I try to perform a verify of a RSA-PSS signature.

To do that I use the following as seen in a example test

+ wc_RsaPSS_Verify_ex() => seems to use to decrypt the signature and extract the PSS padding
+ wc_RsaPSS_CheckPadding_ex() => to check the PSS padding

My question is:

Is my understanding is the right one ? wc_RsaPSS_Verify_ex() is used to decrypt and extract the padding only or it check the padding too ?
So if the check of the padding is done by this API what is the goal of  wc_RsaPSS_CheckPadding_ex() ?



My other question is that I have seen the following flyers about the stack / heap rerssources.
https://www.wolfssl.com/files/flyers/wo … ce_use.pdf

I use a v3.14 of the wolf and it seems that WOLFSSL_SMALL_STACK is only used in the case of OAEP padding. So can you confirm the stack size provided by this flyer ?




Thanks for your help

Share

Re: [RSA-PSS verification] API to use + stack size

Hi @sebdub79,

Can you tell us a bit about what you are working on that is driving these questions? Can you tell us a bit about your organization and the project end goals?

The numbers in the flyer are accurate and do not mention WOLFSSL_SMALL_STACK so one can not assume that the flyer relates to nor conveys numbers as they would pertain to WOLFSSL_SMALL_STACK. That setting tells the library "I have a small stack, use heap wherever possible instead of static buffers". You would see a decrease in STACK with that setting and an increase in HEAP comparable to the decrease in STACK that setting.

Warm Regards,

K