How to sign with RSA-PSS on a Nitrokey Pro?

Hi Everyone!

Could anyone successfully sign data with RSA-PSS on a Nitrokey Pro?

Does Nitrokey allow signing raw data (without any padding) or is this considered a security issue? (So I can create the PSS padding in software and sign the padded data with “raw” RSA on the Nitrokey.)

Looks like OpenSC does not support CKM_RSA_PKCS_PSS yet:

I did not found any RSA-PSS signing option with gpg2 either.

Any other ideas?


I’m afraid neither RSA-PSS nor raw mode are possible with Nitrokey Pro. Nitrokey Pro is focused on OpenPGP/GnuPG where PKCS#1 is sufficient.