2 files changed, 105 insertions, 44 deletions

diff --git a/lib/public_key/doc/src/public_key.xml b/lib/public_key/doc/src/public_key.xml
index 8d4191d112..942203bd12 100644
--- a/lib/public_key/doc/src/public_key.xml
+++ b/lib/public_key/doc/src/public_key.xml
@@ -129,18 +129,31 @@
 	<p><c>| 'rsa_no_padding'</c></p>
       </item>
 
+      <tag><c>public_sign_options() =</c></tag>
+      <item><p><c>[{rsa_pad, rsa_sign_padding()} | {rsa_pss_saltlen, integer()}]</c></p></item>
+
+      <tag><c>rsa_sign_padding() =</c></tag>
+      <item>
+	<p><c>'rsa_pkcs1_padding'</c></p>
+	<p><c>| 'rsa_pkcs1_pss_padding'</c></p>
+      </item>
+
       <tag><c>digest_type() = </c></tag>
       <item><p>Union of <c>rsa_digest_type()</c>, <c>dss_digest_type()</c>, 
       and <c>ecdsa_digest_type()</c>.</p></item>
 
       <tag><c>rsa_digest_type() = </c></tag>
-      <item><p><c>'md5' | 'sha' | 'sha224' | 'sha256' | 'sha384' | 'sha512'</c></p></item>
+      <item><p><c>'md5' | 'ripemd160' | 'sha' | 'sha224' | 'sha256' | 'sha384' | 'sha512'</c></p></item>
 
       <tag><c>dss_digest_type() = </c></tag>
-      <item><p><c>'sha'</c></p></item>
+      <item><p><c>'sha' | 'sha224' | 'sha256' | 'sha384' | 'sha512'</c></p>
+      <p>Note that the actual supported dss_digest_type depends on the underlying crypto library.
+      In OpenSSL version >= 1.0.1 the listed digest are supported, while in 1.0.0 only
+      sha, sha224 and sha256 are supported. In version 0.9.8 only sha is supported.</p>
+      </item>
 
       <tag><c>ecdsa_digest_type() = </c></tag>
-      <item><p><c>'sha'| 'sha224' | 'sha256' | 'sha384' | 'sha512'</c></p></item>
+      <item><p><c>'sha' | 'sha224' | 'sha256' | 'sha384' | 'sha512'</c></p></item>
       
       <tag><c>crl_reason() = </c></tag>
       <item>
@@ -803,6 +816,7 @@ fun(#'DistributionPoint'{}, #'CertificateList'{},
 
   <func>
     <name>sign(Msg, DigestType, Key) -> binary()</name>
+    <name>sign(Msg, DigestType, Key, Options) -> binary()</name>
     <fsummary>Creates a digital signature.</fsummary>
     <type>
        <v>Msg = binary() | {digest,binary()}</v>
@@ -811,6 +825,7 @@ fun(#'DistributionPoint'{}, #'CertificateList'{},
        digest.</d>
        <v>DigestType = rsa_digest_type() | dss_digest_type() | ecdsa_digest_type()</v>
        <v>Key = rsa_private_key() | dsa_private_key() | ec_private_key()</v>
+       <v>Options = public_sign_options()</v>
   </type>
   <desc>
     <p>Creates a digital signature.</p> 
@@ -903,6 +918,7 @@ fun(#'DistributionPoint'{}, #'CertificateList'{},
 
   <func>
     <name>verify(Msg, DigestType, Signature, Key) -> boolean()</name>
+    <name>verify(Msg, DigestType, Signature, Key, Options) -> boolean()</name>
     <fsummary>Verifies a digital signature.</fsummary>
     <type>
       <v>Msg = binary() | {digest,binary()}</v>
@@ -911,6 +927,7 @@ fun(#'DistributionPoint'{}, #'CertificateList'{},
       <v>DigestType = rsa_digest_type() | dss_digest_type() | ecdsa_digest_type()</v>
       <v>Signature = binary()</v>
       <v>Key = rsa_public_key() | dsa_public_key() | ec_public_key()</v>
+      <v>Options = public_sign_options()</v>
   </type>
   <desc>
     <p>Verifies a digital signature.</p>
diff --git a/lib/public_key/src/public_key.erl b/lib/public_key/src/public_key.erl
index 341118e5a2..1776baf830 100644
--- a/lib/public_key/src/public_key.erl
+++ b/lib/public_key/src/public_key.erl
@@ -37,7 +37,7 @@
 	 decrypt_public/2, decrypt_public/3,
 	 dh_gex_group/4,
 	 dh_gex_group_sizes/0,
-	 sign/3, verify/4,
+	 sign/3, sign/4, verify/4, verify/5,
 	 generate_key/1,
 	 compute_key/2, compute_key/3,
 	 pkix_sign/2, pkix_verify/2,	 
@@ -90,10 +90,12 @@
 				auth_keys.
 -type rsa_padding()          :: 'rsa_pkcs1_padding' | 'rsa_pkcs1_oaep_padding' 
 			      | 'rsa_no_padding'.
+-type rsa_sign_padding()     :: 'rsa_pkcs1_padding' | 'rsa_pkcs1_pss_padding'.
 -type public_crypt_options() :: [{rsa_pad, rsa_padding()}].
--type rsa_digest_type()      :: 'md5' | 'sha'| 'sha224' | 'sha256' | 'sha384' | 'sha512'.
--type dss_digest_type()      :: 'none' | 'sha'. %% None is for backwards compatibility
--type ecdsa_digest_type()    :: 'sha'| 'sha224' | 'sha256' | 'sha384' | 'sha512'.
+-type rsa_digest_type()      :: 'md5' | 'ripemd160' | 'sha' | 'sha224' | 'sha256' | 'sha384' | 'sha512'.
+-type dss_digest_type()      :: 'none' | 'sha' | 'sha224' | 'sha256' | 'sha384' | 'sha512'. %% None is for backwards compatibility
+-type ecdsa_digest_type()    :: 'sha' | 'sha224' | 'sha256' | 'sha384' | 'sha512'.
+-type public_sign_options()  :: [{rsa_pad, rsa_sign_padding()} | {rsa_pss_saltlen, integer()}].
 -type digest_type()          :: rsa_digest_type() |  dss_digest_type() | ecdsa_digest_type().
 -type crl_reason()           ::  unspecified | keyCompromise | cACompromise | affiliationChanged | superseded
 			       | cessationOfOperation | certificateHold | privilegeWithdrawn |  aACompromise.
@@ -498,35 +500,67 @@ pkix_sign_types(?'ecdsa-with-SHA512') ->
     {sha512, ecdsa}.
 
 %%--------------------------------------------------------------------
--spec sign(binary() | {digest, binary()},  rsa_digest_type() | dss_digest_type() | ecdsa_digest_type(),
-	   rsa_private_key() |
-	   dsa_private_key() | ec_private_key()) -> Signature :: binary().
-%% Description: Create digital signature.
-%%--------------------------------------------------------------------
-sign(DigestOrPlainText, DigestType, Key = #'RSAPrivateKey'{}) ->
-    crypto:sign(rsa, DigestType, DigestOrPlainText, format_rsa_private_key(Key));
+-spec sign(binary() | {digest, binary()},
+           rsa_digest_type() | dss_digest_type() | ecdsa_digest_type(),
+	   rsa_private_key() | dsa_private_key() | ec_private_key()
+          ) -> Signature :: binary().
 
-sign(DigestOrPlainText, sha, #'DSAPrivateKey'{p = P, q = Q, g = G, x = X}) ->
-    crypto:sign(dss, sha, DigestOrPlainText, [P, Q, G, X]);
+-spec sign(binary() | {digest, binary()},
+           rsa_digest_type() | dss_digest_type() | ecdsa_digest_type(),
+	   rsa_private_key() | dsa_private_key() | ec_private_key(),
+           public_sign_options()
+          ) -> Signature :: binary().
 
-sign(DigestOrPlainText, DigestType, #'ECPrivateKey'{privateKey = PrivKey,
-						    parameters = Param}) ->
-    ECCurve = ec_curve_spec(Param),
-    crypto:sign(ecdsa, DigestType, DigestOrPlainText, [PrivKey, ECCurve]);
+%% Description: Create digital signature.
+%%--------------------------------------------------------------------
+sign(DigestOrPlainText, DigestType, Key) ->
+    sign(DigestOrPlainText, DigestType, Key, []).
 
 %% Backwards compatible
-sign(Digest, none, #'DSAPrivateKey'{} = Key) ->
-    sign({digest,Digest}, sha, Key).
+sign(Digest, none, Key = #'DSAPrivateKey'{}, Options) when is_binary(Digest) ->
+    sign({digest, Digest}, sha, Key, Options);
+sign(DigestOrPlainText, DigestType, Key, Options) ->
+    case format_sign_key(Key) of
+	badarg ->
+	    erlang:error(badarg, [DigestOrPlainText, DigestType, Key, Options]);
+	{Algorithm, CryptoKey} ->
+	    crypto:sign(Algorithm, DigestType, DigestOrPlainText, CryptoKey, Options)
+    end.
 
 %%--------------------------------------------------------------------
--spec verify(binary() | {digest, binary()}, rsa_digest_type() | dss_digest_type() | ecdsa_digest_type(),
-	     Signature :: binary(), rsa_public_key()
-	     | dsa_public_key() | ec_public_key()) -> boolean().
+-spec verify(binary() | {digest, binary()},
+             rsa_digest_type() | dss_digest_type() | ecdsa_digest_type(),
+	     Signature :: binary(),
+             rsa_public_key() | dsa_public_key() | ec_public_key()
+               |  rsa_private_key() | dsa_private_key() | ec_private_key()
+            ) -> boolean().
+
+-spec verify(binary() | {digest, binary()},
+             rsa_digest_type() | dss_digest_type() | ecdsa_digest_type(),
+	     Signature :: binary(),
+             rsa_public_key() | dsa_public_key() | ec_public_key()
+               |  rsa_private_key() | dsa_private_key() | ec_private_key(),
+             public_sign_options()
+            ) -> boolean().
+
 %% Description: Verifies a digital signature.
 %%--------------------------------------------------------------------
-verify(DigestOrPlainText, DigestType, Signature, Key) when is_binary(Signature) ->
-    do_verify(DigestOrPlainText, DigestType, Signature, Key);
-verify(_,_,_,_) -> 
+verify(DigestOrPlainText, DigestType, Signature, Key) ->
+    verify(DigestOrPlainText, DigestType, Signature, Key, []).
+
+%% Backwards compatible
+verify(Digest, none, Signature, Key = {_, #'Dss-Parms'{}}, Options) when is_binary(Digest) ->
+    verify({digest, Digest}, sha, Signature, Key, Options);
+verify(Digest, none, Signature, Key = #'DSAPrivateKey'{}, Options) when is_binary(Digest) ->
+    verify({digest, Digest}, sha, Signature, Key, Options);
+verify(DigestOrPlainText, DigestType, Signature, Key, Options) when is_binary(Signature) ->
+    case format_verify_key(Key) of
+	badarg ->
+	    erlang:error(badarg, [DigestOrPlainText, DigestType, Signature, Key, Options]);
+	{Algorithm, CryptoKey} ->
+	    crypto:verify(Algorithm, DigestType, DigestOrPlainText, Signature, CryptoKey, Options)
+    end;
+verify(_,_,_,_,_) ->
     %% If Signature is a bitstring and not a binary we know already at this
     %% point that the signature is invalid.
     false.
@@ -994,22 +1028,32 @@ short_name_hash({rdnSequence, _Attributes} = Name) ->
 %%--------------------------------------------------------------------
 %%% Internal functions
 %%--------------------------------------------------------------------
-do_verify(DigestOrPlainText, DigestType, Signature,
-       #'RSAPublicKey'{modulus = Mod, publicExponent = Exp}) ->
-    crypto:verify(rsa, DigestType, DigestOrPlainText, Signature,
-		  [Exp, Mod]);
-
-do_verify(DigestOrPlaintext, DigestType, Signature, {#'ECPoint'{point = Point}, Param}) ->
-    ECCurve = ec_curve_spec(Param),
-    crypto:verify(ecdsa, DigestType, DigestOrPlaintext, Signature, [Point, ECCurve]);
-
-%% Backwards compatibility
-do_verify(Digest, none, Signature, {_,  #'Dss-Parms'{}} = Key ) ->
-    verify({digest,Digest}, sha, Signature, Key);
-
-do_verify(DigestOrPlainText, sha = DigestType, Signature, {Key,  #'Dss-Parms'{p = P, q = Q, g = G}})
-  when is_integer(Key), is_binary(Signature) ->
-    crypto:verify(dss, DigestType, DigestOrPlainText, Signature, [P, Q, G, Key]).
+format_sign_key(Key = #'RSAPrivateKey'{}) ->
+    {rsa, format_rsa_private_key(Key)};
+format_sign_key(#'DSAPrivateKey'{p = P, q = Q, g = G, x = X}) ->
+    {dss, [P, Q, G, X]};
+format_sign_key(#'ECPrivateKey'{privateKey = PrivKey, parameters = Param}) ->
+    {ecdsa, [PrivKey, ec_curve_spec(Param)]};
+format_sign_key(_) ->
+    badarg.
+
+format_verify_key(#'RSAPublicKey'{modulus = Mod, publicExponent = Exp}) ->
+    {rsa, [Exp, Mod]};
+format_verify_key({#'ECPoint'{point = Point}, Param}) ->
+    {ecdsa, [Point, ec_curve_spec(Param)]};
+format_verify_key({Key,  #'Dss-Parms'{p = P, q = Q, g = G}}) ->
+    {dss, [P, Q, G, Key]};
+%% Convert private keys to public keys
+format_verify_key(#'RSAPrivateKey'{modulus = Mod, publicExponent = Exp}) ->
+    format_verify_key(#'RSAPublicKey'{modulus = Mod, publicExponent = Exp});
+format_verify_key(#'ECPrivateKey'{parameters = Param, publicKey = {_, Point}}) ->
+    format_verify_key({#'ECPoint'{point = Point}, Param});
+format_verify_key(#'ECPrivateKey'{parameters = Param, publicKey = Point}) ->
+    format_verify_key({#'ECPoint'{point = Point}, Param});
+format_verify_key(#'DSAPrivateKey'{y=Y, p=P, q=Q, g=G}) ->
+    format_verify_key({Y, #'Dss-Parms'{p=P, q=Q, g=G}});
+format_verify_key(_) ->
+    badarg.
 
 do_pem_entry_encode(Asn1Type, Entity, CipherInfo, Password) ->
     Der = der_encode(Asn1Type, Entity),