Add a CreatePSS method to SignatureCreator to permit the generation of PSS signatures.

crypto/signature_creator_nss.cc

Index: crypto/signature_creator_nss.cc
diff --git a/crypto/signature_creator_nss.cc b/crypto/signature_creator_nss.cc
index da03312881dbb9a5009c08e78023b5bd897183c8..c5a05c117de190d94e7506f0a6f51f6d456dbb87 100644
--- a/crypto/signature_creator_nss.cc
+++ b/crypto/signature_creator_nss.cc
@@ -46,9 +46,25 @@ SignatureCreator::~SignatureCreator() {
   }
 }
 
-// static
 SignatureCreator* SignatureCreator::Create(RSAPrivateKey* key,
-                                           HashAlgorithm hash_alg) {
+                                           HashAlgorithm hash_algm) {

[davidben, 2015/08/21 21:52:22]

hash_alg, to match the others?

+  return SignatureCreator::CreateImpl(key, hash_algm, false);
+}
+
+SignatureCreator* SignatureCreator::CreatePSS(RSAPrivateKey* key,
+                                              HashAlgorithm hash_algm) {
+  return SignatureCreator::CreateImpl(key, hash_algm, true);
+}
+
+// static
+SignatureCreator* SignatureCreator::CreateImpl(RSAPrivateKey* key,
+                                               HashAlgorithm hash_alg,
+                                               bool use_pss) {
+  if (use_pss) {
+    // TODO(rch): make this work :>
+    NOTREACHED();
+    return NULL;

[davidben, 2015/08/21 21:52:22]

Pfft. Judging by crypto/signature_verifier_nss.cc, it seems to be a mess. Though
perhaps now that we can assume the bundled NSS for this file, this can be
simpler. I'll defer that to Ryan.

+  }
   scoped_ptr<SignatureCreator> result(new SignatureCreator);
   result->sign_context_ = SGN_NewContext(ToNSSSigOid(hash_alg), key->key());
   if (!result->sign_context_) {