add RSA signing support

CryptoLib.Tests/Delphi.Tests/CryptoLib.Tests.TestInsight.dpr

@@ -1,456 +0,0 @@
-program CryptoLib.Tests.TestInsight;
-{
-
-  Delphi DUnit Test Project
-  -------------------------
-  This project contains the DUnit test framework and the GUI/Console test runners.
-  Add "CONSOLE_TESTRUNNER" to the conditional defines entry in the project options
-  to use the console test runner.  Otherwise the GUI test runner will be used by
-  default.
-
-}
-
-{$WARN DUPLICATE_CTOR_DTOR OFF}
-{$IFDEF CONSOLE_TESTRUNNER}
-{$APPTYPE CONSOLE}
-{$ENDIF}
-
-uses
-  TestInsight.DUnit,
-  ClpECGost3410NamedCurves in '..\..\CryptoLib\src\Asn1\CryptoPro\ClpECGost3410NamedCurves.pas',
-  ClpCryptoProObjectIdentifiers in '..\..\CryptoLib\src\Asn1\CryptoPro\ClpCryptoProObjectIdentifiers.pas',
-  ClpNistObjectIdentifiers in '..\..\CryptoLib\src\Asn1\Nist\ClpNistObjectIdentifiers.pas',
-  ClpOiwObjectIdentifiers in '..\..\CryptoLib\src\Asn1\Oiw\ClpOiwObjectIdentifiers.pas',
-  ClpPkcsObjectIdentifiers in '..\..\CryptoLib\src\Asn1\Pkcs\ClpPkcsObjectIdentifiers.pas',
-  ClpRosstandartObjectIdentifiers in '..\..\CryptoLib\src\Asn1\RossStandart\ClpRosstandartObjectIdentifiers.pas',
-  ClpSecNamedCurves in '..\..\CryptoLib\src\Asn1\Sec\ClpSecNamedCurves.pas',
-  ClpSecObjectIdentifiers in '..\..\CryptoLib\src\Asn1\Sec\ClpSecObjectIdentifiers.pas',
-  ClpTeleTrusTObjectIdentifiers in '..\..\CryptoLib\src\Asn1\TeleTrust\ClpTeleTrusTObjectIdentifiers.pas',
-  ClpECNamedCurveTable in '..\..\CryptoLib\src\Asn1\X9\ClpECNamedCurveTable.pas',
-  ClpX9ECParameters in '..\..\CryptoLib\src\Asn1\X9\ClpX9ECParameters.pas',
-  ClpX9ECParametersHolder in '..\..\CryptoLib\src\Asn1\X9\ClpX9ECParametersHolder.pas',
-  ClpX9ObjectIdentifiers in '..\..\CryptoLib\src\Asn1\X9\ClpX9ObjectIdentifiers.pas',
-  ClpOidTokenizer in '..\..\CryptoLib\src\Asn1\ClpOidTokenizer.pas',
-  ClpECKeyPairGenerator in '..\..\CryptoLib\src\Crypto\Generators\ClpECKeyPairGenerator.pas',
-  ClpECDomainParameters in '..\..\CryptoLib\src\Crypto\Parameters\ClpECDomainParameters.pas',
-  ClpECKeyGenerationParameters in '..\..\CryptoLib\src\Crypto\Parameters\ClpECKeyGenerationParameters.pas',
-  ClpECKeyParameters in '..\..\CryptoLib\src\Crypto\Parameters\ClpECKeyParameters.pas',
-  ClpECPrivateKeyParameters in '..\..\CryptoLib\src\Crypto\Parameters\ClpECPrivateKeyParameters.pas',
-  ClpECPublicKeyParameters in '..\..\CryptoLib\src\Crypto\Parameters\ClpECPublicKeyParameters.pas',
-  ClpCryptoApiRandomGenerator in '..\..\CryptoLib\src\Crypto\Prng\ClpCryptoApiRandomGenerator.pas',
-  ClpDigestRandomGenerator in '..\..\CryptoLib\src\Crypto\Prng\ClpDigestRandomGenerator.pas',
-  ClpAsymmetricCipherKeyPair in '..\..\CryptoLib\src\Crypto\ClpAsymmetricCipherKeyPair.pas',
-  ClpAsymmetricKeyParameter in '..\..\CryptoLib\src\Crypto\ClpAsymmetricKeyParameter.pas',
-  ClpKeyGenerationParameters in '..\..\CryptoLib\src\Crypto\ClpKeyGenerationParameters.pas',
-  ClpIAsymmetricCipherKeyPair in '..\..\CryptoLib\src\Interfaces\ClpIAsymmetricCipherKeyPair.pas',
-  ClpIAsymmetricCipherKeyPairGenerator in '..\..\CryptoLib\src\Interfaces\ClpIAsymmetricCipherKeyPairGenerator.pas',
-  ClpIAsymmetricKeyParameter in '..\..\CryptoLib\src\Interfaces\ClpIAsymmetricKeyParameter.pas',
-  ClpICipherParameters in '..\..\CryptoLib\src\Interfaces\ClpICipherParameters.pas',
-  ClpICryptoApiRandomGenerator in '..\..\CryptoLib\src\Interfaces\ClpICryptoApiRandomGenerator.pas',
-  ClpIDigestRandomGenerator in '..\..\CryptoLib\src\Interfaces\ClpIDigestRandomGenerator.pas',
-  ClpIECDomainParameters in '..\..\CryptoLib\src\Interfaces\ClpIECDomainParameters.pas',
-  ClpIECC in '..\..\CryptoLib\src\Interfaces\ClpIECC.pas',
-  ClpIECKeyGenerationParameters in '..\..\CryptoLib\src\Interfaces\ClpIECKeyGenerationParameters.pas',
-  ClpIECKeyPairGenerator in '..\..\CryptoLib\src\Interfaces\ClpIECKeyPairGenerator.pas',
-  ClpIECKeyParameters in '..\..\CryptoLib\src\Interfaces\ClpIECKeyParameters.pas',
-  ClpIECPrivateKeyParameters in '..\..\CryptoLib\src\Interfaces\ClpIECPrivateKeyParameters.pas',
-  ClpIECPublicKeyParameters in '..\..\CryptoLib\src\Interfaces\ClpIECPublicKeyParameters.pas',
-  ClpIExtensionField in '..\..\CryptoLib\src\Interfaces\ClpIExtensionField.pas',
-  ClpIFiniteField in '..\..\CryptoLib\src\Interfaces\ClpIFiniteField.pas',
-  ClpIFixedPointPreCompInfo in '..\..\CryptoLib\src\Interfaces\ClpIFixedPointPreCompInfo.pas',
-  ClpIGlvEndomorphism in '..\..\CryptoLib\src\Interfaces\ClpIGlvEndomorphism.pas',
-  ClpIGlvTypeBEndomorphism in '..\..\CryptoLib\src\Interfaces\ClpIGlvTypeBEndomorphism.pas',
-  ClpIGlvTypeBParameters in '..\..\CryptoLib\src\Interfaces\ClpIGlvTypeBParameters.pas',
-  ClpIKeyGenerationParameters in '..\..\CryptoLib\src\Interfaces\ClpIKeyGenerationParameters.pas',
-  ClpIOidTokenizer in '..\..\CryptoLib\src\Interfaces\ClpIOidTokenizer.pas',
-  ClpIPolynomial in '..\..\CryptoLib\src\Interfaces\ClpIPolynomial.pas',
-  ClpIPolynomialExtensionField in '..\..\CryptoLib\src\Interfaces\ClpIPolynomialExtensionField.pas',
-  ClpIPreCompInfo in '..\..\CryptoLib\src\Interfaces\ClpIPreCompInfo.pas',
-  ClpIAsn1Objects in '..\..\CryptoLib\src\Interfaces\ClpIAsn1Objects.pas',
-  ClpIRandom in '..\..\CryptoLib\src\Interfaces\ClpIRandom.pas',
-  ClpIRandomGenerator in '..\..\CryptoLib\src\Interfaces\ClpIRandomGenerator.pas',
-  ClpIRandomNumberGenerator in '..\..\CryptoLib\src\Interfaces\ClpIRandomNumberGenerator.pas',
-  ClpIScaleXPointMap in '..\..\CryptoLib\src\Interfaces\ClpIScaleXPointMap.pas',
-  ClpISecureRandom in '..\..\CryptoLib\src\Interfaces\ClpISecureRandom.pas',
-  ClpIWNafPreCompInfo in '..\..\CryptoLib\src\Interfaces\ClpIWNafPreCompInfo.pas',
-  ClpIX9ECParameters in '..\..\CryptoLib\src\Interfaces\ClpIX9ECParameters.pas',
-  ClpIX9ECParametersHolder in '..\..\CryptoLib\src\Interfaces\ClpIX9ECParametersHolder.pas',
-  ClpGlvTypeBEndomorphism in '..\..\CryptoLib\src\Math\EC\Endo\ClpGlvTypeBEndomorphism.pas',
-  ClpGlvTypeBParameters in '..\..\CryptoLib\src\Math\EC\Endo\ClpGlvTypeBParameters.pas',
-  ClpFixedPointPreCompInfo in '..\..\CryptoLib\src\Math\EC\Multiplier\ClpFixedPointPreCompInfo.pas',
-  ClpWNafPreCompInfo in '..\..\CryptoLib\src\Math\EC\Multiplier\ClpWNafPreCompInfo.pas',
-  ClpECAlgorithms in '..\..\CryptoLib\src\Math\EC\ClpECAlgorithms.pas',
-  ClpLongArray in '..\..\CryptoLib\src\Math\EC\ClpLongArray.pas',
-  ClpScaleXPointMap in '..\..\CryptoLib\src\Math\EC\ClpScaleXPointMap.pas',
-  ClpBigInteger in '..\..\CryptoLib\src\Math\ClpBigInteger.pas',
-  ClpDigestUtilities in '..\..\CryptoLib\src\Security\ClpDigestUtilities.pas',
-  ClpRandom in '..\..\CryptoLib\src\Security\ClpRandom.pas',
-  ClpSecureRandom in '..\..\CryptoLib\src\Security\ClpSecureRandom.pas',
-  ClpRandomNumberGenerator in '..\..\CryptoLib\src\Utils\Rng\ClpRandomNumberGenerator.pas',
-  ClpArrayUtils in '..\..\CryptoLib\src\Utils\ClpArrayUtils.pas',
-  ClpBitConverter in '..\..\CryptoLib\src\Utils\ClpBitConverter.pas',
-  ClpBits in '..\..\CryptoLib\src\Utils\ClpBits.pas',
-  ClpConverters in '..\..\CryptoLib\src\Utils\ClpConverters.pas',
-  ClpCryptoLibTypes in '..\..\CryptoLib\src\Utils\ClpCryptoLibTypes.pas',
-  ClpTimes in '..\..\CryptoLib\src\Utils\ClpTimes.pas',
-  ClpBigIntegers in '..\..\CryptoLib\src\Utils\ClpBigIntegers.pas',
-  ClpMod in '..\..\CryptoLib\src\Math\Raw\ClpMod.pas',
-  ClpNat in '..\..\CryptoLib\src\Math\Raw\ClpNat.pas',
-  ClpParametersWithRandom in '..\..\CryptoLib\src\Crypto\Parameters\ClpParametersWithRandom.pas',
-  ClpIParametersWithRandom in '..\..\CryptoLib\src\Interfaces\ClpIParametersWithRandom.pas',
-  ClpIDsa in '..\..\CryptoLib\src\Interfaces\ClpIDsa.pas',
-  ClpIDsaKCalculator in '..\..\CryptoLib\src\Interfaces\ClpIDsaKCalculator.pas',
-  ClpISigner in '..\..\CryptoLib\src\Interfaces\ClpISigner.pas',
-  ClpRandomDsaKCalculator in '..\..\CryptoLib\src\Crypto\Signers\ClpRandomDsaKCalculator.pas',
-  ClpIRandomDsaKCalculator in '..\..\CryptoLib\src\Interfaces\ClpIRandomDsaKCalculator.pas',
-  ClpECDsaSigner in '..\..\CryptoLib\src\Crypto\Signers\ClpECDsaSigner.pas',
-  ClpIECDsaSigner in '..\..\CryptoLib\src\Interfaces\ClpIECDsaSigner.pas',
-  ClpDsaDigestSigner in '..\..\CryptoLib\src\Crypto\Signers\ClpDsaDigestSigner.pas',
-  ClpIDsaDigestSigner in '..\..\CryptoLib\src\Interfaces\ClpIDsaDigestSigner.pas',
-  ClpSignerUtilities in '..\..\CryptoLib\src\Security\ClpSignerUtilities.pas',
-  ClpZTauElement in '..\..\CryptoLib\src\Math\EC\Abc\ClpZTauElement.pas',
-  ClpIZTauElement in '..\..\CryptoLib\src\Interfaces\ClpIZTauElement.pas',
-  ClpSimpleBigDecimal in '..\..\CryptoLib\src\Math\EC\Abc\ClpSimpleBigDecimal.pas',
-  ClpTnaf in '..\..\CryptoLib\src\Math\EC\Abc\ClpTnaf.pas',
-  ClpWTauNafPreCompInfo in '..\..\CryptoLib\src\Math\EC\Multiplier\ClpWTauNafPreCompInfo.pas',
-  ClpIWTauNafPreCompInfo in '..\..\CryptoLib\src\Interfaces\ClpIWTauNafPreCompInfo.pas',
-  ClpGF2Polynomial in '..\..\CryptoLib\src\Math\Field\ClpGF2Polynomial.pas',
-  ClpIGF2Polynomial in '..\..\CryptoLib\src\Interfaces\ClpIGF2Polynomial.pas',
-  ClpGenericPolynomialExtensionField in '..\..\CryptoLib\src\Math\Field\ClpGenericPolynomialExtensionField.pas',
-  ClpIGenericPolynomialExtensionField in '..\..\CryptoLib\src\Interfaces\ClpIGenericPolynomialExtensionField.pas',
-  ClpPrimeField in '..\..\CryptoLib\src\Math\Field\ClpPrimeField.pas',
-  ClpIPrimeField in '..\..\CryptoLib\src\Interfaces\ClpIPrimeField.pas',
-  ClpFiniteFields in '..\..\CryptoLib\src\Math\Field\ClpFiniteFields.pas',
-  ClpOSRandom in '..\..\CryptoLib\src\Utils\Randoms\ClpOSRandom.pas',
-  ClpSetWeakRef in '..\..\CryptoLib\src\Utils\ClpSetWeakRef.pas',
-  ClpCipherUtilities in '..\..\CryptoLib\src\Security\ClpCipherUtilities.pas',
-  ClpIBufferedCipher in '..\..\CryptoLib\src\Interfaces\ClpIBufferedCipher.pas',
-  ClpIBlockCipher in '..\..\CryptoLib\src\Interfaces\ClpIBlockCipher.pas',
-  ClpIBlockCipherPadding in '..\..\CryptoLib\src\Interfaces\ClpIBlockCipherPadding.pas',
-  ClpParametersWithIV in '..\..\CryptoLib\src\Crypto\Parameters\ClpParametersWithIV.pas',
-  ClpIParametersWithIV in '..\..\CryptoLib\src\Interfaces\ClpIParametersWithIV.pas',
-  ClpKeyParameter in '..\..\CryptoLib\src\Crypto\Parameters\ClpKeyParameter.pas',
-  ClpIKeyParameter in '..\..\CryptoLib\src\Interfaces\ClpIKeyParameter.pas',
-  ClpBufferedCipherBase in '..\..\CryptoLib\src\Crypto\ClpBufferedCipherBase.pas',
-  ClpIBufferedCipherBase in '..\..\CryptoLib\src\Interfaces\ClpIBufferedCipherBase.pas',
-  ClpBufferedBlockCipher in '..\..\CryptoLib\src\Crypto\ClpBufferedBlockCipher.pas',
-  ClpIBufferedBlockCipher in '..\..\CryptoLib\src\Interfaces\ClpIBufferedBlockCipher.pas',
-  ClpCheck in '..\..\CryptoLib\src\Utils\ClpCheck.pas',
-  ClpPaddedBufferedBlockCipher in '..\..\CryptoLib\src\Crypto\Paddings\ClpPaddedBufferedBlockCipher.pas',
-  ClpIPaddedBufferedBlockCipher in '..\..\CryptoLib\src\Interfaces\ClpIPaddedBufferedBlockCipher.pas',
-  ClpGeneratorUtilities in '..\..\CryptoLib\src\Security\ClpGeneratorUtilities.pas',
-  ClpParameterUtilities in '..\..\CryptoLib\src\Security\ClpParameterUtilities.pas',
-  ClpAesEngine in '..\..\CryptoLib\src\Crypto\Engines\ClpAesEngine.pas',
-  ClpIAesEngine in '..\..\CryptoLib\src\Interfaces\ClpIAesEngine.pas',
-  ClpECDHBasicAgreement in '..\..\CryptoLib\src\Crypto\Agreement\ClpECDHBasicAgreement.pas',
-  ClpIBasicAgreement in '..\..\CryptoLib\src\Interfaces\ClpIBasicAgreement.pas',
-  ClpIECDHBasicAgreement in '..\..\CryptoLib\src\Interfaces\ClpIECDHBasicAgreement.pas',
-  ClpIESParameters in '..\..\CryptoLib\src\Crypto\Parameters\ClpIESParameters.pas',
-  ClpIIESParameters in '..\..\CryptoLib\src\Interfaces\ClpIIESParameters.pas',
-  ClpIESWithCipherParameters in '..\..\CryptoLib\src\Crypto\Parameters\ClpIESWithCipherParameters.pas',
-  ClpIIESWithCipherParameters in '..\..\CryptoLib\src\Interfaces\ClpIIESWithCipherParameters.pas',
-  ClpIDerivationParameters in '..\..\CryptoLib\src\Interfaces\ClpIDerivationParameters.pas',
-  ClpIDerivationFunction in '..\..\CryptoLib\src\Interfaces\ClpIDerivationFunction.pas',
-  ClpKdfParameters in '..\..\CryptoLib\src\Crypto\Parameters\ClpKdfParameters.pas',
-  ClpIKdfParameters in '..\..\CryptoLib\src\Interfaces\ClpIKdfParameters.pas',
-  ClpIso18033KdfParameters in '..\..\CryptoLib\src\Crypto\Parameters\ClpIso18033KdfParameters.pas',
-  ClpIIso18033KdfParameters in '..\..\CryptoLib\src\Interfaces\ClpIIso18033KdfParameters.pas',
-  ClpBaseKdfBytesGenerator in '..\..\CryptoLib\src\Crypto\Generators\ClpBaseKdfBytesGenerator.pas',
-  ClpIBaseKdfBytesGenerator in '..\..\CryptoLib\src\Interfaces\ClpIBaseKdfBytesGenerator.pas',
-  ClpKdf2BytesGenerator in '..\..\CryptoLib\src\Crypto\Generators\ClpKdf2BytesGenerator.pas',
-  ClpIKdf2BytesGenerator in '..\..\CryptoLib\src\Interfaces\ClpIKdf2BytesGenerator.pas',
-  ClpIKeyParser in '..\..\CryptoLib\src\Interfaces\ClpIKeyParser.pas',
-  ClpEphemeralKeyPair in '..\..\CryptoLib\src\Crypto\ClpEphemeralKeyPair.pas',
-  ClpIEphemeralKeyPair in '..\..\CryptoLib\src\Interfaces\ClpIEphemeralKeyPair.pas',
-  ClpEphemeralKeyPairGenerator in '..\..\CryptoLib\src\Crypto\Generators\ClpEphemeralKeyPairGenerator.pas',
-  ClpIEphemeralKeyPairGenerator in '..\..\CryptoLib\src\Interfaces\ClpIEphemeralKeyPairGenerator.pas',
-  ClpKeyEncoder in '..\..\CryptoLib\src\Crypto\ClpKeyEncoder.pas',
-  ClpIKeyEncoder in '..\..\CryptoLib\src\Interfaces\ClpIKeyEncoder.pas',
-  ClpIESCipher in '..\..\CryptoLib\src\Crypto\ClpIESCipher.pas',
-  ClpIIESCipher in '..\..\CryptoLib\src\Interfaces\ClpIIESCipher.pas',
-  ClpECIESPublicKeyParser in '..\..\CryptoLib\src\Crypto\Parsers\ClpECIESPublicKeyParser.pas',
-  ClpIECIESPublicKeyParser in '..\..\CryptoLib\src\Interfaces\ClpIECIESPublicKeyParser.pas',
-  ClpIESEngine in '..\..\CryptoLib\src\Crypto\Engines\ClpIESEngine.pas',
-  ClpIIESEngine in '..\..\CryptoLib\src\Interfaces\ClpIIESEngine.pas',
-  ClpPascalCoinIESEngine in '..\..\CryptoLib\src\Crypto\Engines\ClpPascalCoinIESEngine.pas',
-  ClpIPascalCoinIESEngine in '..\..\CryptoLib\src\Interfaces\ClpIPascalCoinIESEngine.pas',
-  ClpPascalCoinECIESKdfBytesGenerator in '..\..\CryptoLib\src\Crypto\Generators\ClpPascalCoinECIESKdfBytesGenerator.pas',
-  ClpIPascalCoinECIESKdfBytesGenerator in '..\..\CryptoLib\src\Interfaces\ClpIPascalCoinECIESKdfBytesGenerator.pas',
-  ClpIDigest in '..\..\CryptoLib\src\Interfaces\ClpIDigest.pas',
-  ClpIMac in '..\..\CryptoLib\src\Interfaces\ClpIMac.pas',
-  ClpStringUtils in '..\..\CryptoLib\src\Utils\ClpStringUtils.pas',
-  ClpCipherKeyGenerator in '..\..\CryptoLib\src\Crypto\Generators\ClpCipherKeyGenerator.pas',
-  ClpICipherKeyGenerator in '..\..\CryptoLib\src\Interfaces\ClpICipherKeyGenerator.pas',
-  ClpHMac in '..\..\CryptoLib\src\Crypto\Macs\ClpHMac.pas',
-  ClpIHMac in '..\..\CryptoLib\src\Interfaces\ClpIHMac.pas',
-  ClpMacUtilities in '..\..\CryptoLib\src\Security\ClpMacUtilities.pas',
-  ClpIanaObjectIdentifiers in '..\..\CryptoLib\src\Asn1\Iana\ClpIanaObjectIdentifiers.pas',
-  ClpMiscObjectIdentifiers in '..\..\CryptoLib\src\Asn1\Misc\ClpMiscObjectIdentifiers.pas',
-  ClpPbeParametersGenerator in '..\..\CryptoLib\src\Crypto\Generators\ClpPbeParametersGenerator.pas',
-  ClpIPbeParametersGenerator in '..\..\CryptoLib\src\Interfaces\ClpIPbeParametersGenerator.pas',
-  ClpPkcs5S2ParametersGenerator in '..\..\CryptoLib\src\Crypto\Generators\ClpPkcs5S2ParametersGenerator.pas',
-  ClpIPkcs5S2ParametersGenerator in '..\..\CryptoLib\src\Interfaces\ClpIPkcs5S2ParametersGenerator.pas',
-  ClpECNRSigner in '..\..\CryptoLib\src\Crypto\Signers\ClpECNRSigner.pas',
-  ClpIECNRSigner in '..\..\CryptoLib\src\Interfaces\ClpIECNRSigner.pas',
-  ClpDsaValidationParameters in '..\..\CryptoLib\src\Crypto\Parameters\ClpDsaValidationParameters.pas',
-  ClpIDsaValidationParameters in '..\..\CryptoLib\src\Interfaces\ClpIDsaValidationParameters.pas',
-  ClpDsaParameters in '..\..\CryptoLib\src\Crypto\Parameters\ClpDsaParameters.pas',
-  ClpIDsaParameters in '..\..\CryptoLib\src\Interfaces\ClpIDsaParameters.pas',
-  ClpDsaPublicKeyParameters in '..\..\CryptoLib\src\Crypto\Parameters\ClpDsaPublicKeyParameters.pas',
-  ClpIDsaPublicKeyParameters in '..\..\CryptoLib\src\Interfaces\ClpIDsaPublicKeyParameters.pas',
-  ClpDsaKeyParameters in '..\..\CryptoLib\src\Crypto\Parameters\ClpDsaKeyParameters.pas',
-  ClpIDsaKeyParameters in '..\..\CryptoLib\src\Interfaces\ClpIDsaKeyParameters.pas',
-  ClpDsaKeyGenerationParameters in '..\..\CryptoLib\src\Crypto\Parameters\ClpDsaKeyGenerationParameters.pas',
-  ClpIDsaKeyGenerationParameters in '..\..\CryptoLib\src\Interfaces\ClpIDsaKeyGenerationParameters.pas',
-  ClpDsaPrivateKeyParameters in '..\..\CryptoLib\src\Crypto\Parameters\ClpDsaPrivateKeyParameters.pas',
-  ClpIDsaPrivateKeyParameters in '..\..\CryptoLib\src\Interfaces\ClpIDsaPrivateKeyParameters.pas',
-  ClpDsaKeyPairGenerator in '..\..\CryptoLib\src\Crypto\Generators\ClpDsaKeyPairGenerator.pas',
-  ClpIDsaKeyPairGenerator in '..\..\CryptoLib\src\Interfaces\ClpIDsaKeyPairGenerator.pas',
-  ClpDsaSigner in '..\..\CryptoLib\src\Crypto\Signers\ClpDsaSigner.pas',
-  ClpEncoders in '..\..\CryptoLib\src\Utils\Encoders\ClpEncoders.pas',
-  ClpIDsaSigner in '..\..\CryptoLib\src\Interfaces\ClpIDsaSigner.pas',
-  ClpDigest in '..\..\CryptoLib\src\Crypto\Digests\ClpDigest.pas',
-  ClpECDHCBasicAgreement in '..\..\CryptoLib\src\Crypto\Agreement\ClpECDHCBasicAgreement.pas',
-  ClpIECDHCBasicAgreement in '..\..\CryptoLib\src\Interfaces\ClpIECDHCBasicAgreement.pas',
-  ClpHMacDsaKCalculator in '..\..\CryptoLib\src\Crypto\Signers\ClpHMacDsaKCalculator.pas',
-  ClpIHMacDsaKCalculator in '..\..\CryptoLib\src\Interfaces\ClpIHMacDsaKCalculator.pas',
-  ClpHkdfBytesGenerator in '..\..\CryptoLib\src\Crypto\Generators\ClpHkdfBytesGenerator.pas',
-  ClpIHkdfBytesGenerator in '..\..\CryptoLib\src\Interfaces\ClpIHkdfBytesGenerator.pas',
-  ClpHkdfParameters in '..\..\CryptoLib\src\Crypto\Parameters\ClpHkdfParameters.pas',
-  ClpIHkdfParameters in '..\..\CryptoLib\src\Interfaces\ClpIHkdfParameters.pas',
-  ClpDsaParameterGenerationParameters in '..\..\CryptoLib\src\Crypto\Parameters\ClpDsaParameterGenerationParameters.pas',
-  ClpIDsaParameterGenerationParameters in '..\..\CryptoLib\src\Interfaces\ClpIDsaParameterGenerationParameters.pas',
-  ClpValidityPreCompInfo in '..\..\CryptoLib\src\Math\EC\Multiplier\ClpValidityPreCompInfo.pas',
-  ClpIValidityPreCompInfo in '..\..\CryptoLib\src\Interfaces\ClpIValidityPreCompInfo.pas',
-  ClpDsaParametersGenerator in '..\..\CryptoLib\src\Crypto\Generators\ClpDsaParametersGenerator.pas',
-  ClpIDsaParametersGenerator in '..\..\CryptoLib\src\Interfaces\ClpIDsaParametersGenerator.pas',
-  ClpDsaParameter in '..\..\CryptoLib\src\Asn1\X509\ClpDsaParameter.pas',
-  ClpIDsaParameter in '..\..\CryptoLib\src\Interfaces\ClpIDsaParameter.pas',
-  ClpIPreCompCallBack in '..\..\CryptoLib\src\Interfaces\ClpIPreCompCallBack.pas',
-  ClpNistNamedCurves in '..\..\CryptoLib\src\Asn1\Nist\ClpNistNamedCurves.pas',
-  ClpNat320 in '..\..\CryptoLib\src\Math\Raw\ClpNat320.pas',
-  ClpNat256 in '..\..\CryptoLib\src\Math\Raw\ClpNat256.pas',
-  ClpAesLightEngine in '..\..\CryptoLib\src\Crypto\Engines\ClpAesLightEngine.pas',
-  ClpIAesLightEngine in '..\..\CryptoLib\src\Interfaces\ClpIAesLightEngine.pas',
-  ClpCustomNamedCurves in '..\..\CryptoLib\src\Crypto\EC\ClpCustomNamedCurves.pas',
-  ClpNat384 in '..\..\CryptoLib\src\Math\Raw\ClpNat384.pas',
-  ClpNat192 in '..\..\CryptoLib\src\Math\Raw\ClpNat192.pas',
-  ClpNat512 in '..\..\CryptoLib\src\Math\Raw\ClpNat512.pas',
-  ClpInterleave in '..\..\CryptoLib\src\Math\Raw\ClpInterleave.pas',
-  ClpIDsaExt in '..\..\CryptoLib\src\Interfaces\ClpIDsaExt.pas',
-  ClpISignersEncodings in '..\..\CryptoLib\src\Interfaces\ClpISignersEncodings.pas',
-  ClpBsiObjectIdentifiers in '..\..\CryptoLib\src\Asn1\Bsi\ClpBsiObjectIdentifiers.pas',
-  ClpEacObjectIdentifiers in '..\..\CryptoLib\src\Asn1\Eac\ClpEacObjectIdentifiers.pas',
-  ClpSchnorrDigestSigner in '..\..\CryptoLib\src\Crypto\Signers\ClpSchnorrDigestSigner.pas',
-  ClpISchnorrDigestSigner in '..\..\CryptoLib\src\Interfaces\ClpISchnorrDigestSigner.pas',
-  ClpISchnorr in '..\..\CryptoLib\src\Interfaces\ClpISchnorr.pas',
-  ClpECSchnorrSipaSigner in '..\..\CryptoLib\src\Crypto\Signers\ClpECSchnorrSipaSigner.pas',
-  ClpIECSchnorrSipaSigner in '..\..\CryptoLib\src\Interfaces\ClpIECSchnorrSipaSigner.pas',
-  ClpISchnorrExt in '..\..\CryptoLib\src\Interfaces\ClpISchnorrExt.pas',
-  ClpBlowfishEngine in '..\..\CryptoLib\src\Crypto\Engines\ClpBlowfishEngine.pas',
-  ClpIBlowfishEngine in '..\..\CryptoLib\src\Interfaces\ClpIBlowfishEngine.pas',
-  ClpSpeckEngine in '..\..\CryptoLib\src\Crypto\Engines\ClpSpeckEngine.pas',
-  ClpISpeckEngine in '..\..\CryptoLib\src\Interfaces\ClpISpeckEngine.pas',
-  ClpSecP256R1Custom in '..\..\CryptoLib\src\Math\EC\Custom\Sec\ClpSecP256R1Custom.pas',
-  ClpISecP256R1Custom in '..\..\CryptoLib\src\Interfaces\ClpISecP256R1Custom.pas',
-  ClpSecP256K1Custom in '..\..\CryptoLib\src\Math\EC\Custom\Sec\ClpSecP256K1Custom.pas',
-  ClpISecP256K1Custom in '..\..\CryptoLib\src\Interfaces\ClpISecP256K1Custom.pas',
-  ClpSecP384R1Custom in '..\..\CryptoLib\src\Math\EC\Custom\Sec\ClpSecP384R1Custom.pas',
-  ClpSecP521R1Custom in '..\..\CryptoLib\src\Math\EC\Custom\Sec\ClpSecP521R1Custom.pas',
-  ClpISecP521R1Custom in '..\..\CryptoLib\src\Interfaces\ClpISecP521R1Custom.pas',
-  ClpSecT283Custom in '..\..\CryptoLib\src\Math\EC\Custom\Sec\ClpSecT283Custom.pas',
-  ClpISecT283Custom in '..\..\CryptoLib\src\Interfaces\ClpISecT283Custom.pas',
-  ClpISecP384R1Custom in '..\..\CryptoLib\src\Interfaces\ClpISecP384R1Custom.pas',
-  ClpBlockCipherModes in '..\..\CryptoLib\src\Crypto\Modes\ClpBlockCipherModes.pas',
-  ClpIBlockCipherModes in '..\..\CryptoLib\src\Interfaces\ClpIBlockCipherModes.pas',
-  ClpPaddingModes in '..\..\CryptoLib\src\Crypto\Paddings\ClpPaddingModes.pas',
-  ClpIPaddingModes in '..\..\CryptoLib\src\Interfaces\ClpIPaddingModes.pas',
-  ClpECC in '..\..\CryptoLib\src\Math\EC\ClpECC.pas',
-  ClpX9ECC in '..\..\CryptoLib\src\Asn1\X9\ClpX9ECC.pas',
-  ClpIX9ECC in '..\..\CryptoLib\src\Interfaces\ClpIX9ECC.pas',
-  ClpECCurveConstants in '..\..\CryptoLib\src\Math\EC\ClpECCurveConstants.pas',
-  ClpAsn1Objects in '..\..\CryptoLib\src\Asn1\ClpAsn1Objects.pas',
-  ClpSignersEncodings in '..\..\CryptoLib\src\Crypto\Signers\SignersEncodings\ClpSignersEncodings.pas',
-  ClpIStreamCipher in '..\..\CryptoLib\src\Interfaces\ClpIStreamCipher.pas',
-  ClpBufferedStreamCipher in '..\..\CryptoLib\src\Crypto\ClpBufferedStreamCipher.pas',
-  ClpIBufferedStreamCipher in '..\..\CryptoLib\src\Interfaces\ClpIBufferedStreamCipher.pas',
-  ClpSalsa20Engine in '..\..\CryptoLib\src\Crypto\Engines\ClpSalsa20Engine.pas',
-  ClpISalsa20Engine in '..\..\CryptoLib\src\Interfaces\ClpISalsa20Engine.pas',
-  ClpIXSalsa20Engine in '..\..\CryptoLib\src\Interfaces\ClpIXSalsa20Engine.pas',
-  ClpXSalsa20Engine in '..\..\CryptoLib\src\Crypto\Engines\ClpXSalsa20Engine.pas',
-  ClpIChaChaEngine in '..\..\CryptoLib\src\Interfaces\ClpIChaChaEngine.pas',
-  ClpChaChaEngine in '..\..\CryptoLib\src\Crypto\Engines\ClpChaChaEngine.pas',
-  ClpRijndaelEngine in '..\..\CryptoLib\src\Crypto\Engines\ClpRijndaelEngine.pas',
-  ClpIRijndaelEngine in '..\..\CryptoLib\src\Interfaces\ClpIRijndaelEngine.pas',
-  ClpIAlgorithmParameterSpec in '..\..\CryptoLib\src\Interfaces\ClpIAlgorithmParameterSpec.pas',
-  ClpIIESParameterSpec in '..\..\CryptoLib\src\Interfaces\ClpIIESParameterSpec.pas',
-  ClpIESParameterSpec in '..\..\CryptoLib\src\Crypto\Parameters\ClpIESParameterSpec.pas',
-  ClpCurve25519Custom in '..\..\CryptoLib\src\Math\EC\Custom\Djb\ClpCurve25519Custom.pas',
-  ClpICurve25519Custom in '..\..\CryptoLib\src\Interfaces\ClpICurve25519Custom.pas',
-  ClpX25519Field in '..\..\CryptoLib\src\Math\EC\Rfc7748\ClpX25519Field.pas',
-  ClpEd25519 in '..\..\CryptoLib\src\Math\EC\Rfc8032\ClpEd25519.pas',
-  ClpIEd25519 in '..\..\CryptoLib\src\Interfaces\ClpIEd25519.pas',
-  ClpSpeckLegacyEngine in '..\..\CryptoLib\src\Crypto\Engines\ClpSpeckLegacyEngine.pas',
-  ClpISpeckLegacyEngine in '..\..\CryptoLib\src\Interfaces\ClpISpeckLegacyEngine.pas',
-  ClpX25519 in '..\..\CryptoLib\src\Math\EC\Rfc7748\ClpX25519.pas',
-  ClpEdECObjectIdentifiers in '..\..\CryptoLib\src\Asn1\Edec\ClpEdECObjectIdentifiers.pas',
-  ClpIRawAgreement in '..\..\CryptoLib\src\Interfaces\ClpIRawAgreement.pas',
-  ClpX25519Agreement in '..\..\CryptoLib\src\Crypto\Agreement\ClpX25519Agreement.pas',
-  ClpIX25519Agreement in '..\..\CryptoLib\src\Interfaces\ClpIX25519Agreement.pas',
-  ClpX25519PrivateKeyParameters in '..\..\CryptoLib\src\Crypto\Parameters\ClpX25519PrivateKeyParameters.pas',
-  ClpIX25519PrivateKeyParameters in '..\..\CryptoLib\src\Interfaces\ClpIX25519PrivateKeyParameters.pas',
-  ClpIX25519PublicKeyParameters in '..\..\CryptoLib\src\Interfaces\ClpIX25519PublicKeyParameters.pas',
-  ClpX25519PublicKeyParameters in '..\..\CryptoLib\src\Crypto\Parameters\ClpX25519PublicKeyParameters.pas',
-  ClpIEd25519PrivateKeyParameters in '..\..\CryptoLib\src\Interfaces\ClpIEd25519PrivateKeyParameters.pas',
-  ClpIEd25519PublicKeyParameters in '..\..\CryptoLib\src\Interfaces\ClpIEd25519PublicKeyParameters.pas',
-  ClpEd25519PrivateKeyParameters in '..\..\CryptoLib\src\Crypto\Parameters\ClpEd25519PrivateKeyParameters.pas',
-  ClpEd25519PublicKeyParameters in '..\..\CryptoLib\src\Crypto\Parameters\ClpEd25519PublicKeyParameters.pas',
-  ClpX25519KeyPairGenerator in '..\..\CryptoLib\src\Crypto\Generators\ClpX25519KeyPairGenerator.pas',
-  ClpIX25519KeyPairGenerator in '..\..\CryptoLib\src\Interfaces\ClpIX25519KeyPairGenerator.pas',
-  ClpIEd25519KeyPairGenerator in '..\..\CryptoLib\src\Interfaces\ClpIEd25519KeyPairGenerator.pas',
-  ClpEd25519KeyPairGenerator in '..\..\CryptoLib\src\Crypto\Generators\ClpEd25519KeyPairGenerator.pas',
-  ClpX25519KeyGenerationParameters in '..\..\CryptoLib\src\Crypto\Parameters\ClpX25519KeyGenerationParameters.pas',
-  ClpIX25519KeyGenerationParameters in '..\..\CryptoLib\src\Interfaces\ClpIX25519KeyGenerationParameters.pas',
-  ClpIEd25519KeyGenerationParameters in '..\..\CryptoLib\src\Interfaces\ClpIEd25519KeyGenerationParameters.pas',
-  ClpEd25519KeyGenerationParameters in '..\..\CryptoLib\src\Crypto\Parameters\ClpEd25519KeyGenerationParameters.pas',
-  ClpIEd25519Signer in '..\..\CryptoLib\src\Interfaces\ClpIEd25519Signer.pas',
-  ClpEd25519Signer in '..\..\CryptoLib\src\Crypto\Signers\ClpEd25519Signer.pas',
-  ClpEd25519CtxSigner in '..\..\CryptoLib\src\Crypto\Signers\ClpEd25519CtxSigner.pas',
-  ClpIEd25519CtxSigner in '..\..\CryptoLib\src\Interfaces\ClpIEd25519CtxSigner.pas',
-  ClpIEd25519PhSigner in '..\..\CryptoLib\src\Interfaces\ClpIEd25519PhSigner.pas',
-  ClpEd25519PhSigner in '..\..\CryptoLib\src\Crypto\Signers\ClpEd25519PhSigner.pas',
-  ClpTeleTrusTNamedCurves in '..\..\CryptoLib\src\Asn1\TeleTrust\ClpTeleTrusTNamedCurves.pas',
-  ClpAgreementUtilities in '..\..\CryptoLib\src\Security\ClpAgreementUtilities.pas',
-  ClpKdf1BytesGenerator in '..\..\CryptoLib\src\Crypto\Generators\ClpKdf1BytesGenerator.pas',
-  ClpIKdf1BytesGenerator in '..\..\CryptoLib\src\Interfaces\ClpIKdf1BytesGenerator.pas',
-  ClpIArgon2ParametersGenerator in '..\..\CryptoLib\src\Interfaces\ClpIArgon2ParametersGenerator.pas',
-  ClpArgon2ParametersGenerator in '..\..\CryptoLib\src\Crypto\Generators\ClpArgon2ParametersGenerator.pas',
-  ClpScryptParametersGenerator in '..\..\CryptoLib\src\Crypto\Generators\ClpScryptParametersGenerator.pas',
-  ClpIScryptParametersGenerator in '..\..\CryptoLib\src\Interfaces\ClpIScryptParametersGenerator.pas',
-  ClpDHParametersHelper in '..\..\CryptoLib\src\Crypto\Generators\ClpDHParametersHelper.pas',
-  ClpDHValidationParams in '..\..\CryptoLib\src\Asn1\X9\ClpDHValidationParams.pas',
-  ClpIDHValidationParams in '..\..\CryptoLib\src\Interfaces\ClpIDHValidationParams.pas',
-  ClpDHDomainParameters in '..\..\CryptoLib\src\Asn1\X9\ClpDHDomainParameters.pas',
-  ClpIDHDomainParameters in '..\..\CryptoLib\src\Interfaces\ClpIDHDomainParameters.pas',
-  ClpDHParameters in '..\..\CryptoLib\src\Crypto\Parameters\ClpDHParameters.pas',
-  ClpIDHParameters in '..\..\CryptoLib\src\Interfaces\ClpIDHParameters.pas',
-  ClpDHValidationParameters in '..\..\CryptoLib\src\Crypto\Parameters\ClpDHValidationParameters.pas',
-  ClpIDHValidationParameters in '..\..\CryptoLib\src\Interfaces\ClpIDHValidationParameters.pas',
-  ClpDHKeyParameters in '..\..\CryptoLib\src\Crypto\Parameters\ClpDHKeyParameters.pas',
-  ClpIDHKeyParameters in '..\..\CryptoLib\src\Interfaces\ClpIDHKeyParameters.pas',
-  ClpDHKeyGeneratorHelper in '..\..\CryptoLib\src\Crypto\Generators\ClpDHKeyGeneratorHelper.pas',
-  ClpIDHKeyGeneratorHelper in '..\..\CryptoLib\src\Interfaces\ClpIDHKeyGeneratorHelper.pas',
-  ClpDHKeyGenerationParameters in '..\..\CryptoLib\src\Crypto\Parameters\ClpDHKeyGenerationParameters.pas',
-  ClpIDHKeyGenerationParameters in '..\..\CryptoLib\src\Interfaces\ClpIDHKeyGenerationParameters.pas',
-  ClpDHParametersGenerator in '..\..\CryptoLib\src\Crypto\Generators\ClpDHParametersGenerator.pas',
-  ClpIDHParametersGenerator in '..\..\CryptoLib\src\Interfaces\ClpIDHParametersGenerator.pas',
-  ClpDHPublicKeyParameters in '..\..\CryptoLib\src\Crypto\Parameters\ClpDHPublicKeyParameters.pas',
-  ClpIDHPublicKeyParameters in '..\..\CryptoLib\src\Interfaces\ClpIDHPublicKeyParameters.pas',
-  ClpDHPrivateKeyParameters in '..\..\CryptoLib\src\Crypto\Parameters\ClpDHPrivateKeyParameters.pas',
-  ClpIDHPrivateKeyParameters in '..\..\CryptoLib\src\Interfaces\ClpIDHPrivateKeyParameters.pas',
-  ClpDHKeyPairGenerator in '..\..\CryptoLib\src\Crypto\Generators\ClpDHKeyPairGenerator.pas',
-  ClpIDHKeyPairGenerator in '..\..\CryptoLib\src\Interfaces\ClpIDHKeyPairGenerator.pas',
-  ClpIDHBasicKeyPairGenerator in '..\..\CryptoLib\src\Interfaces\ClpIDHBasicKeyPairGenerator.pas',
-  ClpDHBasicKeyPairGenerator in '..\..\CryptoLib\src\Crypto\Generators\ClpDHBasicKeyPairGenerator.pas',
-  ClpIDHBasicAgreement in '..\..\CryptoLib\src\Interfaces\ClpIDHBasicAgreement.pas',
-  ClpDHBasicAgreement in '..\..\CryptoLib\src\Crypto\Agreement\ClpDHBasicAgreement.pas',
-  ClpIDHAgreement in '..\..\CryptoLib\src\Interfaces\ClpIDHAgreement.pas',
-  ClpDHAgreement in '..\..\CryptoLib\src\Crypto\Agreement\ClpDHAgreement.pas',
-  ClpAESPRNGRandom in '..\..\CryptoLib\src\Utils\Randoms\ClpAESPRNGRandom.pas',
-  ClpCryptLibObjectIdentifiers in '..\..\CryptoLib\src\Asn1\CryptLib\ClpCryptLibObjectIdentifiers.pas',
-  ClpEndoPreCompInfo in '..\..\CryptoLib\src\Math\EC\Endo\ClpEndoPreCompInfo.pas',
-  ClpIEndoPreCompInfo in '..\..\CryptoLib\src\Interfaces\ClpIEndoPreCompInfo.pas',
-  ClpScalarSplitParameters in '..\..\CryptoLib\src\Math\EC\Endo\ClpScalarSplitParameters.pas',
-  ClpIScalarSplitParameters in '..\..\CryptoLib\src\Interfaces\ClpIScalarSplitParameters.pas',
-  ClpScaleXNegateYPointMap in '..\..\CryptoLib\src\Math\EC\ClpScaleXNegateYPointMap.pas',
-  ClpIScaleXNegateYPointMap in '..\..\CryptoLib\src\Interfaces\ClpIScaleXNegateYPointMap.pas',
-  ClpIScaleYNegateXPointMap in '..\..\CryptoLib\src\Interfaces\ClpIScaleYNegateXPointMap.pas',
-  ClpScaleYNegateXPointMap in '..\..\CryptoLib\src\Math\EC\ClpScaleYNegateXPointMap.pas',
-  ClpGlvTypeAEndomorphism in '..\..\CryptoLib\src\Math\EC\Endo\ClpGlvTypeAEndomorphism.pas',
-  ClpIGlvTypeAEndomorphism in '..\..\CryptoLib\src\Interfaces\ClpIGlvTypeAEndomorphism.pas',
-  ClpIGlvTypeAParameters in '..\..\CryptoLib\src\Interfaces\ClpIGlvTypeAParameters.pas',
-  ClpGlvTypeAParameters in '..\..\CryptoLib\src\Math\EC\Endo\ClpGlvTypeAParameters.pas',
-  ClpMultipliers in '..\..\CryptoLib\src\Math\EC\Multiplier\ClpMultipliers.pas',
-  ClpIMultipliers in '..\..\CryptoLib\src\Interfaces\ClpIMultipliers.pas',
-  ClpECCompUtilities in '..\..\CryptoLib\src\Math\EC\ClpECCompUtilities.pas',
-  ClpIKMac in '..\..\CryptoLib\src\Interfaces\ClpIKMac.pas',
-  ClpKMac in '..\..\CryptoLib\src\Crypto\Macs\ClpKMac.pas',
-  ClpFixedSecureRandom in '..\src\Utils\ClpFixedSecureRandom.pas',
-  ClpIFixedSecureRandom in '..\src\Utils\ClpIFixedSecureRandom.pas',
-  ClpIShortenedDigest in '..\src\Utils\ClpIShortenedDigest.pas',
-  ClpShortenedDigest in '..\src\Utils\ClpShortenedDigest.pas',
-  BlowfishTestVectors in '..\src\Crypto\BlowfishTestVectors.pas',
-  BlockCipherVectorTests in '..\src\Crypto\BlockCipherVectorTests.pas',
-  AESTestVectors in '..\src\Crypto\AESTestVectors.pas',
-  SpeckTestVectors in '..\src\Crypto\SpeckTestVectors.pas',
-  RijndaelTestVectors in '..\src\Crypto\RijndaelTestVectors.pas',
-  OIDTests in '..\src\Asn1\OIDTests.pas',
-  SecureRandomTests in '..\src\Security\SecureRandomTests.pas',
-  EqualsAndHashCodeTests in '..\src\Asn1\EqualsAndHashCodeTests.pas',
-  BigIntegerTests in '..\src\Math\BigIntegerTests.pas',
-  ECAlgorithmsTests in '..\src\Math\ECAlgorithmsTests.pas',
-  ECPointTests in '..\src\Math\ECPointTests.pas',
-  ECDsa5Tests in '..\src\Others\ECDsa5Tests.pas',
-  NamedCurveTests in '..\src\Others\NamedCurveTests.pas',
-  SignerUtilitiesTests in '..\src\Others\SignerUtilitiesTests.pas',
-  DerApplicationSpecificTests in '..\src\Asn1\DerApplicationSpecificTests.pas',
-  SecP384R1FieldTests in '..\src\Math\EC\Custom\Sec\SecP384R1FieldTests.pas',
-  ECTests in '..\src\Others\ECTests.pas',
-  Asn1SequenceParserTests in '..\src\Asn1\Asn1SequenceParserTests.pas',
-  ECSchnorrTests in '..\src\Others\ECSchnorrTests.pas',
-  DigestRandomNumberTests in '..\src\Crypto\DigestRandomNumberTests.pas',
-  FixedPointTests in '..\src\Math\EC\FixedPointTests.pas',
-  AESTests in '..\src\Crypto\AESTests.pas',
-  IESCipherTests in '..\src\Math\IESCipherTests.pas',
-  AESSICTests in '..\src\Crypto\AESSICTests.pas',
-  SPECKTests in '..\src\Crypto\SPECKTests.pas',
-  Pkcs5Tests in '..\src\Crypto\Pkcs5Tests.pas',
-  HkdfGeneratorTests in '..\src\Crypto\HkdfGeneratorTests.pas',
-  ECIESTests in '..\src\Math\ECIESTests.pas',
-  ECNRTests in '..\src\Math\ECNRTests.pas',
-  PaddingTests in '..\src\Crypto\PaddingTests.pas',
-  DSATests in '..\src\Crypto\DSATests.pas',
-  DeterministicDsaTests in '..\src\Crypto\DeterministicDsaTests.pas',
-  BlockCipherMonteCarloTests in '..\src\Crypto\BlockCipherMonteCarloTests.pas',
-  HMacTests in '..\src\Crypto\HMacTests.pas',
-  MD5HMacTests in '..\src\Crypto\MD5HMacTests.pas',
-  SHA1HMacTests in '..\src\Crypto\SHA1HMacTests.pas',
-  SHA224HMacTests in '..\src\Crypto\SHA224HMacTests.pas',
-  SHA256HMacTests in '..\src\Crypto\SHA256HMacTests.pas',
-  SHA384HMacTests in '..\src\Crypto\SHA384HMacTests.pas',
-  SHA512HMacTests in '..\src\Crypto\SHA512HMacTests.pas',
-  RIPEMD128HMacTests in '..\src\Crypto\RIPEMD128HMacTests.pas',
-  RIPEMD160HMacTests in '..\src\Crypto\RIPEMD160HMacTests.pas',
-  SecP256R1FieldTests in '..\src\Math\EC\Custom\Sec\SecP256R1FieldTests.pas',
-  TagTests in '..\src\Asn1\TagTests.pas',
-  StringTests in '..\src\Asn1\StringTests.pas',
-  ParsingTests in '..\src\Asn1\ParsingTests.pas',
-  ParseTests in '..\src\Asn1\ParseTests.pas',
-  EnumeratedTests in '..\src\Asn1\EnumeratedTests.pas',
-  Salsa20Tests in '..\src\Crypto\Salsa20Tests.pas',
-  ChaChaTests in '..\src\Crypto\ChaChaTests.pas',
-  XSalsa20Tests in '..\src\Crypto\XSalsa20Tests.pas',
-  StreamCipherResetTests in '..\src\Crypto\StreamCipherResetTests.pas',
-  CTSTests in '..\src\Crypto\CTSTests.pas',
-  PascalCoinECIESTests in '..\src\Math\PascalCoinECIESTests.pas',
-  X25519Tests in '..\src\Math\EC\Rfc7748\X25519Tests.pas',
-  Ed25519Tests in '..\src\Math\EC\Rfc8032\Ed25519Tests.pas',
-  X25519HigherLevelTests in '..\src\Others\X25519HigherLevelTests.pas',
-  Ed25519HigherLevelTests in '..\src\Others\Ed25519HigherLevelTests.pas',
-  ShortenedDigestTests in '..\src\Others\ShortenedDigestTests.pas',
-  Kdf1GeneratorTests in '..\src\Crypto\Kdf1GeneratorTests.pas',
-  Kdf2GeneratorTests in '..\src\Crypto\Kdf2GeneratorTests.pas',
-  Argon2Tests in '..\src\Crypto\Argon2Tests.pas',
-  DigestUtilitiesTests in '..\src\Security\DigestUtilitiesTests.pas',
-  DigestTests in '..\src\Others\DigestTests.pas',
-  ScryptTests in '..\src\Crypto\ScryptTests.pas',
-  DHTests in '..\src\Crypto\DHTests.pas',
-  Asn1IntegerTests in '..\src\Asn1\Asn1IntegerTests.pas',
-  KMacTests in '..\src\Crypto\KMacTests.pas',
-  CryptoLibTestBase in '..\src\CryptoLibTestBase.pas';
-
-begin
-
-  TestInsight.DUnit.RunRegisteredTests;
-
-end.

CryptoLib.Tests/Delphi.Tests/CryptoLib.Tests.dpr

@@ -11,20 +11,22 @@ program CryptoLib.Tests;
 }
 
 {$WARN DUPLICATE_CTOR_DTOR OFF}
-{$IFDEF CONSOLE_TESTRUNNER}
-{$APPTYPE CONSOLE}
+
+{$IFNDEF TESTINSIGHT}
+  {$IFDEF CONSOLE_TESTRUNNER}
+    {$APPTYPE CONSOLE}
+  {$ENDIF}
 {$ENDIF}
 
 uses
-  madExcept,
-  madLinkDisAsm,
-  madListHardware,
-  madListProcesses,
-  madListModules,
-  Forms,
-  TestFramework,
-  GUITestRunner,
-  TextTestRunner,
+{$IFDEF TESTINSIGHT}
+   TestInsight.DUnit,
+{$ELSE}
+   Forms,
+   TestFramework,
+   GUITestRunner,
+   TextTestRunner,
+{$ENDIF}
   ClpECGost3410NamedCurves in '..\..\CryptoLib\src\Asn1\CryptoPro\ClpECGost3410NamedCurves.pas',
   ClpCryptoProObjectIdentifiers in '..\..\CryptoLib\src\Asn1\CryptoPro\ClpCryptoProObjectIdentifiers.pas',
   ClpNistObjectIdentifiers in '..\..\CryptoLib\src\Asn1\Nist\ClpNistObjectIdentifiers.pas',
@@ -387,6 +389,49 @@ uses
   ClpIFixedSecureRandom in '..\src\Utils\ClpIFixedSecureRandom.pas',
   ClpIShortenedDigest in '..\src\Utils\ClpIShortenedDigest.pas',
   ClpShortenedDigest in '..\src\Utils\ClpShortenedDigest.pas',
+  ClpIRsa in '..\..\CryptoLib\src\Interfaces\ClpIRsa.pas',
+  ClpIRsaKeyParameters in '..\..\CryptoLib\src\Interfaces\ClpIRsaKeyParameters.pas',
+  ClpRsaKeyParameters in '..\..\CryptoLib\src\Crypto\Parameters\ClpRsaKeyParameters.pas',
+  ClpIRsaPrivateCrtKeyParameters in '..\..\CryptoLib\src\Interfaces\ClpIRsaPrivateCrtKeyParameters.pas',
+  ClpRsaPrivateCrtKeyParameters in '..\..\CryptoLib\src\Crypto\Parameters\ClpRsaPrivateCrtKeyParameters.pas',
+  ClpIRsaKeyGenerationParameters in '..\..\CryptoLib\src\Interfaces\ClpIRsaKeyGenerationParameters.pas',
+  ClpRsaKeyGenerationParameters in '..\..\CryptoLib\src\Crypto\Parameters\ClpRsaKeyGenerationParameters.pas',
+  ClpIAsymmetricBlockCipher in '..\..\CryptoLib\src\Interfaces\ClpIAsymmetricBlockCipher.pas',
+  ClpIRsaCoreEngine in '..\..\CryptoLib\src\Interfaces\ClpIRsaCoreEngine.pas',
+  ClpRsaCoreEngine in '..\..\CryptoLib\src\Crypto\Engines\ClpRsaCoreEngine.pas',
+  ClpIRsaBlindedEngine in '..\..\CryptoLib\src\Interfaces\ClpIRsaBlindedEngine.pas',
+  ClpRsaBlindedEngine in '..\..\CryptoLib\src\Crypto\Engines\ClpRsaBlindedEngine.pas',
+  ClpIRsaEngine in '..\..\CryptoLib\src\Interfaces\ClpIRsaEngine.pas',
+  ClpRsaEngine in '..\..\CryptoLib\src\Crypto\Engines\ClpRsaEngine.pas',
+  ClpIRsaKeyPairGenerator in '..\..\CryptoLib\src\Interfaces\ClpIRsaKeyPairGenerator.pas',
+  ClpRsaKeyPairGenerator in '..\..\CryptoLib\src\Crypto\Generators\ClpRsaKeyPairGenerator.pas',
+  ClpIPkcs1Encoding in '..\..\CryptoLib\src\Interfaces\ClpIPkcs1Encoding.pas',
+  ClpPkcs1Encoding in '..\..\CryptoLib\src\Crypto\Encodings\ClpPkcs1Encoding.pas',
+  ClpIOaepEncoding in '..\..\CryptoLib\src\Interfaces\ClpIOaepEncoding.pas',
+  ClpOaepEncoding in '..\..\CryptoLib\src\Crypto\Encodings\ClpOaepEncoding.pas',
+  ClpIISO9796d1Encoding in '..\..\CryptoLib\src\Interfaces\ClpIISO9796d1Encoding.pas',
+  ClpISO9796d1Encoding in '..\..\CryptoLib\src\Crypto\Encodings\ClpISO9796d1Encoding.pas',
+  ClpIRsaDigestSigner in '..\..\CryptoLib\src\Interfaces\ClpIRsaDigestSigner.pas',
+  ClpRsaDigestSigner in '..\..\CryptoLib\src\Crypto\Signers\ClpRsaDigestSigner.pas',
+  ClpIRsaBlindingParameters in '..\..\CryptoLib\src\Interfaces\ClpIRsaBlindingParameters.pas',
+  ClpRsaBlindingParameters in '..\..\CryptoLib\src\Crypto\Parameters\ClpRsaBlindingParameters.pas',
+  ClpIRsaBlindingFactorGenerator in '..\..\CryptoLib\src\Interfaces\ClpIRsaBlindingFactorGenerator.pas',
+  ClpRsaBlindingFactorGenerator in '..\..\CryptoLib\src\Crypto\Generators\ClpRsaBlindingFactorGenerator.pas',
+  ClpIAlgorithmIdentifier in '..\..\CryptoLib\src\Interfaces\ClpIAlgorithmIdentifier.pas',
+  ClpAlgorithmIdentifier in '..\..\CryptoLib\src\Asn1\X509\ClpAlgorithmIdentifier.pas',
+  ClpIDigestInfo in '..\..\CryptoLib\src\Interfaces\ClpIDigestInfo.pas',
+  ClpDigestInfo in '..\..\CryptoLib\src\Asn1\X509\ClpDigestInfo.pas',
+  ClpX509ObjectIdentifiers in '..\..\CryptoLib\src\Asn1\X509\ClpX509ObjectIdentifiers.pas',
+  ClpIRsaBlindingEngine in '..\..\CryptoLib\src\Interfaces\ClpIRsaBlindingEngine.pas',
+  ClpRsaBlindingEngine in '..\..\CryptoLib\src\Crypto\Engines\ClpRsaBlindingEngine.pas',
+  ClpIBufferedAsymmetricBlockCipher in '..\..\CryptoLib\src\Interfaces\ClpIBufferedAsymmetricBlockCipher.pas',
+  ClpBufferedAsymmetricBlockCipher in '..\..\CryptoLib\src\Crypto\ClpBufferedAsymmetricBlockCipher.pas',
+  ClpIPssSigner in '..\..\CryptoLib\src\Interfaces\ClpIPssSigner.pas',
+  ClpPssSigner in '..\..\CryptoLib\src\Crypto\Signers\ClpPssSigner.pas',
+  ClpIGenericSigner in '..\..\CryptoLib\src\Interfaces\ClpIGenericSigner.pas',
+  ClpGenericSigner in '..\..\CryptoLib\src\Crypto\Signers\ClpGenericSigner.pas',
+  ClpIPrehash in '..\..\CryptoLib\src\Interfaces\ClpIPrehash.pas',
+  ClpPrehash in '..\..\CryptoLib\src\Crypto\Digests\ClpPrehash.pas',
   BlowfishTestVectors in '..\src\Crypto\BlowfishTestVectors.pas',
   BlockCipherVectorTests in '..\src\Crypto\BlockCipherVectorTests.pas',
   AESTestVectors in '..\src\Crypto\AESTestVectors.pas',
@@ -455,57 +500,23 @@ uses
   DHTests in '..\src\Crypto\DHTests.pas',
   Asn1IntegerTests in '..\src\Asn1\Asn1IntegerTests.pas',
   KMacTests in '..\src\Crypto\KMacTests.pas',
-  { RSA Implementation }
-  ClpIRsa in '..\..\CryptoLib\src\Interfaces\ClpIRsa.pas',
-  ClpIRsaKeyParameters in '..\..\CryptoLib\src\Interfaces\ClpIRsaKeyParameters.pas',
-  ClpRsaKeyParameters in '..\..\CryptoLib\src\Crypto\Parameters\ClpRsaKeyParameters.pas',
-  ClpIRsaPrivateCrtKeyParameters in '..\..\CryptoLib\src\Interfaces\ClpIRsaPrivateCrtKeyParameters.pas',
-  ClpRsaPrivateCrtKeyParameters in '..\..\CryptoLib\src\Crypto\Parameters\ClpRsaPrivateCrtKeyParameters.pas',
-  ClpIRsaKeyGenerationParameters in '..\..\CryptoLib\src\Interfaces\ClpIRsaKeyGenerationParameters.pas',
-  ClpRsaKeyGenerationParameters in '..\..\CryptoLib\src\Crypto\Parameters\ClpRsaKeyGenerationParameters.pas',
-  ClpIAsymmetricBlockCipher in '..\..\CryptoLib\src\Interfaces\ClpIAsymmetricBlockCipher.pas',
-  ClpIRsaCoreEngine in '..\..\CryptoLib\src\Interfaces\ClpIRsaCoreEngine.pas',
-  ClpRsaCoreEngine in '..\..\CryptoLib\src\Crypto\Engines\ClpRsaCoreEngine.pas',
-  ClpIRsaBlindedEngine in '..\..\CryptoLib\src\Interfaces\ClpIRsaBlindedEngine.pas',
-  ClpRsaBlindedEngine in '..\..\CryptoLib\src\Crypto\Engines\ClpRsaBlindedEngine.pas',
-  ClpIRsaEngine in '..\..\CryptoLib\src\Interfaces\ClpIRsaEngine.pas',
-  ClpRsaEngine in '..\..\CryptoLib\src\Crypto\Engines\ClpRsaEngine.pas',
-  ClpIRsaKeyPairGenerator in '..\..\CryptoLib\src\Interfaces\ClpIRsaKeyPairGenerator.pas',
-  ClpRsaKeyPairGenerator in '..\..\CryptoLib\src\Crypto\Generators\ClpRsaKeyPairGenerator.pas',
-  ClpIPkcs1Encoding in '..\..\CryptoLib\src\Interfaces\ClpIPkcs1Encoding.pas',
-  ClpPkcs1Encoding in '..\..\CryptoLib\src\Crypto\Encodings\ClpPkcs1Encoding.pas',
-  ClpIOaepEncoding in '..\..\CryptoLib\src\Interfaces\ClpIOaepEncoding.pas',
-  ClpOaepEncoding in '..\..\CryptoLib\src\Crypto\Encodings\ClpOaepEncoding.pas',
-  ClpIISO9796d1Encoding in '..\..\CryptoLib\src\Interfaces\ClpIISO9796d1Encoding.pas',
-  ClpISO9796d1Encoding in '..\..\CryptoLib\src\Crypto\Encodings\ClpISO9796d1Encoding.pas',
-  ClpIRsaDigestSigner in '..\..\CryptoLib\src\Interfaces\ClpIRsaDigestSigner.pas',
-  ClpRsaDigestSigner in '..\..\CryptoLib\src\Crypto\Signers\ClpRsaDigestSigner.pas',
-  ClpIRsaBlindingParameters in '..\..\CryptoLib\src\Interfaces\ClpIRsaBlindingParameters.pas',
-  ClpRsaBlindingParameters in '..\..\CryptoLib\src\Crypto\Parameters\ClpRsaBlindingParameters.pas',
-  ClpIRsaBlindingFactorGenerator in '..\..\CryptoLib\src\Interfaces\ClpIRsaBlindingFactorGenerator.pas',
-  ClpRsaBlindingFactorGenerator in '..\..\CryptoLib\src\Crypto\Generators\ClpRsaBlindingFactorGenerator.pas',
-  ClpIAlgorithmIdentifier in '..\..\CryptoLib\src\Interfaces\ClpIAlgorithmIdentifier.pas',
-  ClpAlgorithmIdentifier in '..\..\CryptoLib\src\Asn1\X509\ClpAlgorithmIdentifier.pas',
-  ClpIDigestInfo in '..\..\CryptoLib\src\Interfaces\ClpIDigestInfo.pas',
-  ClpDigestInfo in '..\..\CryptoLib\src\Asn1\X509\ClpDigestInfo.pas',
-  ClpX509ObjectIdentifiers in '..\..\CryptoLib\src\Asn1\X509\ClpX509ObjectIdentifiers.pas',
-  ClpIRsaBlindingEngine in '..\..\CryptoLib\src\Interfaces\ClpIRsaBlindingEngine.pas',
-  ClpRsaBlindingEngine in '..\..\CryptoLib\src\Crypto\Engines\ClpRsaBlindingEngine.pas',
-  ClpIBufferedAsymmetricBlockCipher in '..\..\CryptoLib\src\Interfaces\ClpIBufferedAsymmetricBlockCipher.pas',
-  ClpBufferedAsymmetricBlockCipher in '..\..\CryptoLib\src\Crypto\ClpBufferedAsymmetricBlockCipher.pas',
-  { RSA Tests }
   RSATests in '..\src\Crypto\RSATests.pas',
   RSABlindedTests in '..\src\Crypto\RSABlindedTests.pas',
   RSADigestSignerTests in '..\src\Crypto\RSADigestSignerTests.pas',
   ISO9796Tests in '..\src\Crypto\ISO9796Tests.pas',
+  PssTests in '..\src\Crypto\PssTests.pas',
   CryptoLibTestBase in '..\src\CryptoLibTestBase.pas';
 
 begin
 
+{$IFDEF TESTINSIGHT}
+   TestInsight.DUnit.RunRegisteredTests;
+{$ELSE}
   Application.Initialize;
   if IsConsole then
     TextTestRunner.RunRegisteredTests
   else
     GUITestRunner.RunRegisteredTests;
+{$ENDIF}
 
 end.

CryptoLib.Tests/FreePascal.Tests/CryptoLib.Tests.lpi

@@ -77,7 +77,7 @@
         <PackageName Value="FCL"/>
       </Item4>
     </RequiredPackages>
-    <Units Count="74">
+    <Units Count="79">
       <Unit0>
         <Filename Value="CryptoLib.lpr"/>
         <IsPartOfProject Value="True"/>
@@ -375,6 +375,26 @@
         <Filename Value="..\src\Crypto\KMacTests.pas"/>
         <IsPartOfProject Value="True"/>
       </Unit73>
+      <Unit74>
+        <Filename Value="..\src\Crypto\PssTests.pas"/>
+        <IsPartOfProject Value="True"/>
+      </Unit74>
+      <Unit75>
+        <Filename Value="..\src\Crypto\ISO9796Tests.pas"/>
+        <IsPartOfProject Value="True"/>
+      </Unit75>
+      <Unit76>
+        <Filename Value="..\src\Crypto\RSABlindedTests.pas"/>
+        <IsPartOfProject Value="True"/>
+      </Unit76>
+      <Unit77>
+        <Filename Value="..\src\Crypto\RSADigestSignerTests.pas"/>
+        <IsPartOfProject Value="True"/>
+      </Unit77>
+      <Unit78>
+        <Filename Value="..\src\Crypto\RSATests.pas"/>
+        <IsPartOfProject Value="True"/>
+      </Unit78>
     </Units>
   </ProjectOptions>
   <CompilerOptions>

CryptoLib.Tests/FreePascal.Tests/CryptoLib.lpr

@@ -3,82 +3,26 @@ program CryptoLib.Tests;
 {$mode objfpc}{$H+}
 
 uses
-  Interfaces,
-  Forms,
-  GuiTestRunner,
-  Asn1SequenceParserTests,
-  DerApplicationSpecificTests,
-  EqualsAndHashCodeTests,
-  OIDTests,
-  EnumeratedTests,
-  ParsingTests,
-  ParseTests,
-  StringTests,
-  TagTests,
-  BigIntegerTests,
-  ECAlgorithmsTests,
-  ECPointTests,
-  SecP256R1FieldTests,
-  SecP384R1FieldTests,
-  ECDsa5Tests,
-  ECTests,
-  NamedCurveTests,
-  ECSchnorrTests,
-  SignerUtilitiesTests,
-  SecureRandomTests,
-  DigestRandomNumberTests,
-  FixedPointTests,
-  AESTests,
-  BlockCipherVectorTests,
-  BlockCipherMonteCarloTests,
-  AESTestVectors,
-  BlowfishTestVectors,
-  SpeckTestVectors,
-  RijndaelTestVectors,
-  AESSICTests,
-  SPECKTests,
-  IESCipherTests,
-  MD5HMacTests,
-  SHA1HMacTests,
-  SHA224HMacTests,
-  SHA256HMacTests,
-  SHA384HMacTests,
-  SHA512HMacTests,
-  RIPEMD128HMacTests,
-  RIPEMD160HMacTests,
-  HMacTests,
-  Pkcs5Tests,
-  HkdfGeneratorTests,
-  ECIESTests,
-  PascalCoinECIESTests,
-  ECNRTests,
-  PaddingTests,
-  DSATests,
-  DeterministicDsaTests,
-  Salsa20Tests,
-  XSalsa20Tests,
-  ChaChaTests,
-  StreamCipherResetTests,
-  CTSTests,
-  X25519Tests,
-  Ed25519Tests,
-  X25519HigherLevelTests,
-  Ed25519HigherLevelTests,
-  ShortenedDigestTests,
-  Kdf1GeneratorTests,
-  Kdf2GeneratorTests,
-  Argon2Tests,
-  ScryptTests,
-  DigestTests,
-  DigestUtilitiesTests,
-  DHTests,
-  Asn1IntegerTests,
-  KMacTests,
-  CryptoLibTestBase,
-  ClpFixedSecureRandom,
-  ClpIFixedSecureRandom,
-  ClpShortenedDigest,
-  ClpIShortenedDigest;
+  Interfaces, Forms, GuiTestRunner, Asn1SequenceParserTests,
+  DerApplicationSpecificTests, EqualsAndHashCodeTests, OIDTests,
+  EnumeratedTests, ParsingTests, ParseTests, StringTests, TagTests,
+  BigIntegerTests, ECAlgorithmsTests, ECPointTests, SecP256R1FieldTests,
+  SecP384R1FieldTests, ECDsa5Tests, ECTests, NamedCurveTests, ECSchnorrTests,
+  SignerUtilitiesTests, SecureRandomTests, DigestRandomNumberTests,
+  FixedPointTests, AESTests, BlockCipherVectorTests, BlockCipherMonteCarloTests,
+  AESTestVectors, BlowfishTestVectors, SpeckTestVectors, RijndaelTestVectors,
+  AESSICTests, SPECKTests, IESCipherTests, MD5HMacTests, SHA1HMacTests,
+  SHA224HMacTests, SHA256HMacTests, SHA384HMacTests, SHA512HMacTests,
+  RIPEMD128HMacTests, RIPEMD160HMacTests, HMacTests, Pkcs5Tests,
+  HkdfGeneratorTests, ECIESTests, PascalCoinECIESTests, ECNRTests, PaddingTests,
+  DSATests, DeterministicDsaTests, Salsa20Tests, XSalsa20Tests, ChaChaTests,
+  StreamCipherResetTests, CTSTests, X25519Tests, Ed25519Tests,
+  X25519HigherLevelTests, Ed25519HigherLevelTests, ShortenedDigestTests,
+  Kdf1GeneratorTests, Kdf2GeneratorTests, Argon2Tests, ScryptTests, DigestTests,
+  DigestUtilitiesTests, DHTests, Asn1IntegerTests, KMacTests, RSATests,
+  PssTests, ISO9796Tests, RSABlindedTests, RSADigestSignerTests,
+  CryptoLibTestBase, ClpFixedSecureRandom, ClpIFixedSecureRandom,
+  ClpShortenedDigest, ClpIShortenedDigest;
 
 {$R *.res}
 

CryptoLib.Tests/FreePascal.Tests/CryptoLibConsole.lpi

@@ -37,7 +37,7 @@
         <PackageName Value="FCL"/>
       </Item2>
     </RequiredPackages>
-    <Units Count="74">
+    <Units Count="79">
       <Unit0>
         <Filename Value="CryptoLibConsole.lpr"/>
         <IsPartOfProject Value="True"/>
@@ -334,6 +334,26 @@
         <Filename Value="..\src\Crypto\KMacTests.pas"/>
         <IsPartOfProject Value="True"/>
       </Unit73>
+      <Unit74>
+        <Filename Value="..\src\Crypto\PssTests.pas"/>
+        <IsPartOfProject Value="True"/>
+      </Unit74>
+      <Unit75>
+        <Filename Value="..\src\Crypto\ISO9796Tests.pas"/>
+        <IsPartOfProject Value="True"/>
+      </Unit75>
+      <Unit76>
+        <Filename Value="..\src\Crypto\RSABlindedTests.pas"/>
+        <IsPartOfProject Value="True"/>
+      </Unit76>
+      <Unit77>
+        <Filename Value="..\src\Crypto\RSADigestSignerTests.pas"/>
+        <IsPartOfProject Value="True"/>
+      </Unit77>
+      <Unit78>
+        <Filename Value="..\src\Crypto\RSATests.pas"/>
+        <IsPartOfProject Value="True"/>
+      </Unit78>
     </Units>
   </ProjectOptions>
   <CompilerOptions>

CryptoLib.Tests/FreePascal.Tests/CryptoLibConsole.lpr

@@ -3,80 +3,25 @@ program CryptoLibConsole;
 {$mode objfpc}{$H+}
 
 uses
-  consoletestrunner,
-  Asn1SequenceParserTests,
-  DerApplicationSpecificTests,
-  EqualsAndHashCodeTests,
-  OIDTests,
-  EnumeratedTests,
-  ParsingTests,
-  ParseTests,
-  StringTests,
-  TagTests,
-  BigIntegerTests,
-  ECAlgorithmsTests,
-  ECPointTests,
-  SecP256R1FieldTests,
-  SecP384R1FieldTests,
-  ECDsa5Tests,
-  ECTests,
-  NamedCurveTests,
-  ECSchnorrTests,
-  SignerUtilitiesTests,
-  SecureRandomTests,
-  DigestRandomNumberTests,
-  FixedPointTests,
-  AESTests,
-  BlockCipherVectorTests,
-  BlockCipherMonteCarloTests,
-  AESTestVectors,
-  BlowfishTestVectors,
-  SpeckTestVectors,
-  RijndaelTestVectors,
-  AESSICTests,
-  SPECKTests,
-  IESCipherTests,
-  MD5HMacTests,
-  SHA1HMacTests,
-  SHA224HMacTests,
-  SHA256HMacTests,
-  SHA384HMacTests,
-  SHA512HMacTests,
-  RIPEMD128HMacTests,
-  RIPEMD160HMacTests,
-  HMacTests,
-  Pkcs5Tests,
-  HkdfGeneratorTests,
-  ECIESTests,
-  PascalCoinECIESTests,
-  ECNRTests,
-  PaddingTests,
-  DSATests,
-  DeterministicDsaTests,
-  Salsa20Tests,
-  XSalsa20Tests,
-  ChaChaTests,
-  StreamCipherResetTests,
-  CTSTests,
-  X25519Tests,
-  Ed25519Tests,
-  X25519HigherLevelTests,
-  Ed25519HigherLevelTests,
-  ShortenedDigestTests,
-  Kdf1GeneratorTests,
-  Kdf2GeneratorTests,
-  Argon2Tests,
-  ScryptTests,
-  DigestTests,
-  DigestUtilitiesTests,
-  DHTests,
-  Asn1IntegerTests,
-  KMacTests,
-  CryptoLibTestBase,
-  ClpFixedSecureRandom,
-  ClpIFixedSecureRandom,
-  ClpShortenedDigest,
-  ClpIShortenedDigest;
+  consoletestrunner, Asn1SequenceParserTests, DerApplicationSpecificTests,
+  EqualsAndHashCodeTests, OIDTests, EnumeratedTests, ParsingTests, ParseTests,
+  StringTests, TagTests, BigIntegerTests, ECAlgorithmsTests, ECPointTests,
+  SecP256R1FieldTests, SecP384R1FieldTests, ECDsa5Tests, ECTests,
+  NamedCurveTests, ECSchnorrTests, SignerUtilitiesTests, SecureRandomTests,
+  DigestRandomNumberTests, FixedPointTests, AESTests, BlockCipherVectorTests,
+  BlockCipherMonteCarloTests, AESTestVectors, BlowfishTestVectors,
+  SpeckTestVectors, RijndaelTestVectors, AESSICTests, SPECKTests,
+  IESCipherTests, MD5HMacTests, SHA1HMacTests, SHA224HMacTests, SHA256HMacTests,
+  SHA384HMacTests, SHA512HMacTests, RIPEMD128HMacTests, RIPEMD160HMacTests,
+  HMacTests, Pkcs5Tests, HkdfGeneratorTests, ECIESTests, PascalCoinECIESTests,
+  ECNRTests, PaddingTests, DSATests, DeterministicDsaTests, Salsa20Tests,
+  XSalsa20Tests, ChaChaTests, StreamCipherResetTests, CTSTests, X25519Tests,
+  Ed25519Tests, X25519HigherLevelTests, Ed25519HigherLevelTests,
+  ShortenedDigestTests, Kdf1GeneratorTests, Kdf2GeneratorTests, Argon2Tests,
+  ScryptTests, DigestTests, DigestUtilitiesTests, DHTests, Asn1IntegerTests,
+  KMacTests, PssTests, ISO9796Tests, RSABlindedTests, RSADigestSignerTests,
+  RSATests, CryptoLibTestBase, ClpFixedSecureRandom, ClpIFixedSecureRandom,
+  ClpShortenedDigest, ClpIShortenedDigest;
 
 type
 

CryptoLib.Tests/src/Crypto/PssTests.pas

@@ -0,0 +1,648 @@
+{ *********************************************************************************** }
+{ *                              CryptoLib Library                                  * }
+{ *                Copyright (c) 2018 - 20XX Ugochukwu Mmaduekwe                    * }
+{ *                 Github Repository <https://github.com/Xor-el>                   * }
+
+{ *  Distributed under the MIT software license, see the accompanying file LICENSE  * }
+{ *          or visit http://www.opensource.org/licenses/mit-license.php.           * }
+
+{ *                              Acknowledgements:                                  * }
+{ *                                                                                 * }
+{ *      Thanks to Sphere 10 Software (http://www.sphere10.com/) for sponsoring     * }
+{ *                           development of this library                           * }
+
+{ * ******************************************************************************* * }
+
+(* &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& *)
+
+unit PssTests;
+
+interface
+
+{$IFDEF FPC}
+{$MODE DELPHI}
+{$ENDIF FPC}
+
+uses
+  SysUtils,
+{$IFDEF FPC}
+  fpcunit,
+  testregistry,
+{$ELSE}
+  TestFramework,
+{$ENDIF FPC}
+  ClpBigInteger,
+  ClpIRsaKeyParameters,
+  ClpRsaKeyParameters,
+  ClpIRsaPrivateCrtKeyParameters,
+  ClpRsaPrivateCrtKeyParameters,
+  ClpIRsaKeyGenerationParameters,
+  ClpRsaKeyGenerationParameters,
+  ClpParametersWithRandom,
+  ClpIParametersWithRandom,
+  ClpIRsaKeyPairGenerator,
+  ClpRsaKeyPairGenerator,
+  ClpRsaEngine,
+  ClpRsaBlindedEngine,
+  ClpPssSigner,
+  ClpIPssSigner,
+  ClpDigestUtilities,
+  ClpIDigest,
+  ClpIAsymmetricCipherKeyPair,
+  ClpISigner,
+  ClpSignerUtilities,
+  ClpGeneratorUtilities,
+  ClpISecureRandom,
+  ClpSecureRandom,
+  ClpConverters,
+  ClpArrayUtils,
+  ClpEncoders,
+  ClpCryptoLibTypes,
+  CryptoLibTestBase;
+
+type
+  /// <summary>
+  /// A SecureRandom that returns a fixed, pre-supplied byte sequence.
+  /// </summary>
+  IFixedRandom = interface(ISecureRandom)
+    ['{B0E9B1D4-7E9D-4E2B-9C9C-2E0E6B2C7F7D}']
+    procedure NextBytes(const ABuf: TCryptoLibByteArray); overload;
+    procedure NextBytes(const ABuf: TCryptoLibByteArray; AOff, ALen: Int32); overload;
+  end;
+
+  /// <summary>
+  /// Returns deterministic bytes by copying from FVals into the output buffer.
+  /// </summary>
+  TFixedRandom = class(TSecureRandom, IFixedRandom)
+  private
+    FVals: TCryptoLibByteArray;
+  public
+    constructor Create(const AVals: TCryptoLibByteArray);
+
+    procedure NextBytes(const ABuf: TCryptoLibByteArray); override;
+    procedure NextBytes(const ABuf: TCryptoLibByteArray; AOff, ALen: Int32); override;
+  end;
+
+type
+
+  TTestPss = class(TCryptoLibAlgorithmTestCase)
+  private
+  const
+    NumLoopTests = 50;
+
+  class var
+    // Example 1: A 1024-bit RSA keypair
+    FPub1: IRsaKeyParameters;
+    FPrv1: IRsaPrivateCrtKeyParameters;
+    FMsg1a, FSlt1a, FSig1a: TCryptoLibByteArray;
+    FMsg1b, FSlt1b, FSig1b: TCryptoLibByteArray;
+
+    // Example 2: A 1025-bit RSA keypair
+    FPub2: IRsaKeyParameters;
+    FPrv2: IRsaPrivateCrtKeyParameters;
+    FMsg2a, FSlt2a, FSig2a: TCryptoLibByteArray;
+
+    // Example 4: A 1027-bit RSA key pair
+    FPub4: IRsaKeyParameters;
+    FPrv4: IRsaPrivateCrtKeyParameters;
+    FMsg4a, FSlt4a, FSig4a: TCryptoLibByteArray;
+
+    // Example 8: A 1031-bit RSA key pair
+    FPub8: IRsaKeyParameters;
+    FPrv8: IRsaPrivateCrtKeyParameters;
+    FMsg8a, FSlt8a, FSig8a: TCryptoLibByteArray;
+
+    // Example 9: A 1536-bit RSA key pair
+    FPub9: IRsaKeyParameters;
+    FPrv9: IRsaPrivateCrtKeyParameters;
+    FMsg9a, FSlt9a, FSig9a: TCryptoLibByteArray;
+    FSecureRandom: ISecureRandom;
+
+    class constructor CreateTestPss;
+
+    procedure DoTestPssSignature(id: Integer; const pub, prv: IRsaKeyParameters;
+      const salt, msg, sig: TCryptoLibByteArray);
+    procedure DoTestLoopSha1;
+    procedure DoTestLoopMixedDigest;
+    procedure DoTestFixedSalt;
+    procedure DoTestSha512ZeroSalt;
+    procedure DoSignerUtilitiesSha1;
+    procedure DoSignerUtilitiesSha256;
+    procedure DoSignerUtilitiesSha384;
+    procedure DoSignerUtilitiesSha512;
+    procedure DoRawSignerTest;
+
+  published
+    procedure TestPssVectors;
+    procedure TestLoopSha1;
+    procedure TestLoopMixedDigest;
+    procedure TestFixedSalt;
+    procedure TestSha512ZeroSalt;
+    procedure TestSignerUtilitiesSha1;
+    procedure TestSignerUtilitiesSha256;
+    procedure TestSignerUtilitiesSha384;
+    procedure TestSignerUtilitiesSha512;
+    procedure TestRawSigner;
+
+  end;
+
+implementation
+
+{ TFixedRandom }
+
+constructor TFixedRandom.Create(const AVals: TCryptoLibByteArray);
+begin
+  inherited Create;
+
+  FVals := System.Copy(AVals);
+end;
+
+procedure TFixedRandom.NextBytes(const ABuf: TCryptoLibByteArray);
+begin
+  NextBytes(ABuf, 0, System.Length(ABuf));
+end;
+
+procedure TFixedRandom.NextBytes(const ABuf: TCryptoLibByteArray; AOff, ALen: Int32);
+begin
+  System.Move(FVals[0], ABuf[AOff], ALen);
+end;
+
+{ TTestPss }
+
+class constructor TTestPss.CreateTestPss;
+begin
+  // Example 1: A 1024-bit RSA keypair
+  FPub1 := TRsaKeyParameters.Create(False,
+    TBigInteger.Create('a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cb' + 'b307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137', 16),
+    TBigInteger.Create('010001', 16));
+
+  FPrv1 := TRsaPrivateCrtKeyParameters.Create(
+    TBigInteger.Create('a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb30' + '7ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137', 16),
+    TBigInteger.Create('010001', 16),
+    TBigInteger.Create('33a5042a90b27d4f5451ca9bbbd0b44771a101af884340aef9885f2a4bbe92e894a724ac3c568c8f97853ad07c0266c8c6a3ca0929f1e8f112318' + '84429fc4d9ae55fee896a10ce707c3ed7e734e44727a39574501a532683109c2abacaba283c31b4bd2f53c3ee37e352cee34f9e503bd80c0622ad79c6dcee883547c6a3b325', 16),
+    TBigInteger.Create('e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443', 16),
+    TBigInteger.Create('b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd', 16),
+    TBigInteger.Create('28fa13938655be1f8a159cbaca5a72ea190c30089e19cd274a556f36c4f6e19f554b34c077790427bbdd8dd3ede2448328f385d81b30e8e43b2fffa027861979', 16),
+    TBigInteger.Create('1a8b38f398fa712049898d7fb79ee0a77668791299cdfa09efc0e507acb21ed74301ef5bfd48be455eaeb6e1678255827580a8e4e8e14151d1510a82a3f2e729', 16),
+    TBigInteger.Create('27156aba4126d24a81f3a528cbfb27f56886f840a9f6e86e17a44b94fe9319584b8e22fdde1e5a2e3bd8aa5ba8d8584194eb2190acf832b847f13a3d24a79f4d', 16));
+
+  // PSSExample1.1
+  FMsg1a := THex.Decode('cdc87da223d786df3b45e0bbbc721326d1ee2af806cc315475cc6f0d9c66e1b62371d45ce2392e1ac92844c310102f156a0d8d52c1f4c40ba3aa65095' + '786cb769757a6563ba958fed0bcc984e8b517a3d5f515b23b8a41e74aa867693f90dfb061a6e86dfaaee64472c00e5f20945729cbebe77f06ce78e08f4098fba' + '41f9d6193c0317e8b60d4b6084acb42d29e3808a3bc372d85e331170fcbf7cc72d0b71c296648b3a4d10f416295d0807aa625cab2744fd9ea8fd223c42537029828bd16be02546f130fd2e33b936d2676e08aed1b73318b750a0167d0');
+  FSlt1a := THex.Decode('dee959c7e06411361420ff80185ed57f3e6776af');
+  FSig1a := THex.Decode('9074308fb598e9701b2294388e52f971faac2b60a5145af185df5287b5ed2887e57ce7fd44dc8634e407c8e0e4360bc226f3ec227f9d9e54638e8d31f5' + '051215df6ebb9c2f9579aa77598a38f914b5b9c1bd83c4e2f9f382a0d0aa3542ffee65984a601bc69eb28deb27dca12c82c2d4c3f66cd500f1ff2b994d8a4e30cbb33c');
+
+  // PSSExample1.2
+  FMsg1b := THex.Decode('851384cdfe819c22ed6c4ccb30daeb5cf059bc8e1166b7e3530c4c233e2b5f8f71a1cca582d43ecc72b1bca16dfc7013226b9e');
+  FSlt1b := THex.Decode('ef2869fa40c346cb183dab3d7bffc98fd56df42d');
+  FSig1b := THex.Decode('3ef7f46e831bf92b32274142a585ffcefbdca7b32ae90d10fb0f0c729984f04ef29a9df0780775ce43739b97838390db0a5505e63de927028d9d29b219ca2c' + '4517832558a55d694a6d25b9dab66003c4cccd907802193be5170d26147d37b93590241be51c25055f47ef62752cfbe21418fafe98c22c4d4d47724fdb5669e843');
+
+  // Example 2: A 1025-bit RSA keypair
+  FPub2 := TRsaKeyParameters.Create(False,
+    TBigInteger.Create('01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c' + '7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9', 16),
+    TBigInteger.Create('010001', 16));
+
+  FPrv2 := TRsaPrivateCrtKeyParameters.Create(
+    TBigInteger.Create('01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c' + '7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9', 16),
+    TBigInteger.Create('010001', 16),
+    TBigInteger.Create('027d147e4673057377fd1ea201565772176a7dc38358d376045685a2e787c23c15576bc16b9f444402d6bfc5d98a3e88ea13ef67c353eca0c0ddba9255bd7b8bb' + '50a644afdfd1dd51695b252d22e7318d1b6687a1c10ff75545f3db0fe602d5f2b7f294e3601eab7b9d1cecd767f64692e3e536ca2846cb0c2dd486a39fa75b1', 16),
+    TBigInteger.Create('016601e926a0f8c9e26ecab769ea65a5e7c52cc9e080ef519457c644da6891c5a104d3ea7955929a22e7c68a7af9fcad777c3ccc2b9e3d3650bce404399b7e59d1', 16),
+    TBigInteger.Create('014eafa1d4d0184da7e31f877d1281ddda625664869e8379e67ad3b75eae74a580e9827abd6eb7a002cb5411f5266797768fb8e95ae40e3e8a01f35ff89e56c079', 16),
+    TBigInteger.Create('e247cce504939b8f0a36090de200938755e2444b29539a7da7a902f6056835c0db7b52559497cfe2c61a8086d0213c472c78851800b171f6401de2e9c2756f31', 16),
+    TBigInteger.Create('b12fba757855e586e46f64c38a70c68b3f548d93d787b399999d4c8f0bbd2581c21e19ed0018a6d5d3df86424b3abcad40199d31495b61309f27c1bf55d487c1', 16),
+    TBigInteger.Create('564b1e1fa003bda91e89090425aac05b91da9ee25061e7628d5f51304a84992fdc33762bd378a59f030a334d532bd0dae8f298ea9ed844636ad5fb8cbdc03cad', 16));
+
+  // PSS Example 2.1
+  FMsg2a := THex.Decode('daba032066263faedb659848115278a52c44faa3a76f37515ed336321072c40a9d9b53bc05014078adf520875146aae70ff060226dcb7b1f1fc27e9360');
+  FSlt2a := THex.Decode('57bf160bcb02bb1dc7280cf0458530b7d2832ff7');
+  FSig2a := THex.Decode('014c5ba5338328ccc6e7a90bf1c0ab3fd606ff4796d3c12e4b639ed9136a5fec6c16d8884bdd99cfdc521456b0742b736868cf90de099adb8d5ffd1deff39ba4007' + 'ab746cefdb22d7df0e225f54627dc65466131721b90af445363a8358b9f607642f78fab0ab0f43b7168d64bae70d8827848d8ef1e421c5754ddf42c2589b5b3');
+
+  // Example 4: A 1027-bit RSA key pair
+  FPub4 := TRsaKeyParameters.Create(False,
+    TBigInteger.Create('054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa' + '83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705', 16),
+    TBigInteger.Create('010001', 16));
+
+  FPrv4 := TRsaPrivateCrtKeyParameters.Create(
+    TBigInteger.Create('054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83' + 'f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705', 16),
+    TBigInteger.Create('010001', 16),
+    TBigInteger.Create('fa041f8cd9697ceed38ec8caa275523b4dd72b09a301d3541d72f5d31c05cbce2d6983b36183af10690bd46c46131e35789431a556771dd0049b57461bf060c1f68472e' + '8a67c25f357e5b6b4738fa541a730346b4a07649a2dfa806a69c975b6aba64678acc7f5913e89c622f2d8abb1e3e32554e39df94ba60c002e387d9011', 16),
+    TBigInteger.Create('029232336d2838945dba9dd7723f4e624a05f7375b927a87abe6a893a1658fd49f47f6c7b0fa596c65fa68a23f0ab432962d18d4343bd6fd671a5ea8d148413995', 16),
+    TBigInteger.Create('020ef5efe7c5394aed2272f7e81a74f4c02d145894cb1b3cab23a9a0710a2afc7e3329acbb743d01f680c4d02afb4c8fde7e20930811bb2b995788b5e872c20bb1', 16),
+    TBigInteger.Create('026e7e28010ecf2412d9523ad704647fb4fe9b66b1a681581b0e15553a89b1542828898f27243ebab45ff5e1acb9d4df1b051fbc62824dbc6f6c93261a78b9a759', 16),
+    TBigInteger.Create('012ddcc86ef655998c39ddae11718669e5e46cf1495b07e13b1014cd69b3af68304ad2a6b64321e78bf3bbca9bb494e91d451717e2d97564c6549465d0205cf421', 16),
+    TBigInteger.Create('010600c4c21847459fe576703e2ebecae8a5094ee63f536bf4ac68d3c13e5e4f12ac5cc10ab6a2d05a199214d1824747d551909636b774c22cac0b837599abcc75', 16));
+
+  // PSS Example 4.1
+  FMsg4a := THex.Decode('9fb03b827c8217d9');
+  FSlt4a := THex.Decode('ed7c98c95f30974fbe4fbddcf0f28d6021c0e91d');
+  FSig4a := THex.Decode('0323d5b7bf20ba4539289ae452ae4297080feff4518423ff4811a817837e7d82f1836cdfab54514ff0887bddeebf40bf99b047abc3ecfa6a37a3ef00f4a0c4a88aae090' + '4b745c846c4107e8797723e8ac810d9e3d95dfa30ff4966f4d75d13768d20857f2b1406f264cfe75e27d7652f4b5ed3575f28a702f8c4ed9cf9b2d44948');
+
+  // Example 8: A 1031-bit RSA key pair
+  FPub8 := TRsaKeyParameters.Create(False,
+    TBigInteger.Create('495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef47' + '53db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f', 16),
+    TBigInteger.Create('010001', 16));
+
+  FPrv8 := TRsaPrivateCrtKeyParameters.Create(
+    TBigInteger.Create('495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef475' + '3db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f', 16),
+    TBigInteger.Create('010001', 16),
+    TBigInteger.Create('6c66ffe98980c38fcdeab5159898836165f4b4b817c4f6a8d486ee4ea9130fe9b9092bd136d184f95f504a607eac565846d2fdd6597a8967c7396ef95a6eeebb4578a643966d' + 'ca4d8ee3de842de63279c618159c1ab54a89437b6a6120e4930afb52a4ba6ced8a4947ac64b30a3497cbe701c2d6266d517219ad0ec6d347dbe9', 16),
+    TBigInteger.Create('08dad7f11363faa623d5d6d5e8a319328d82190d7127d2846c439b0ab72619b0a43a95320e4ec34fc3a9cea876422305bd76c5ba7be9e2f410c8060645a1d29edb', 16),
+    TBigInteger.Create('0847e732376fc7900f898ea82eb2b0fc418565fdae62f7d9ec4ce2217b97990dd272db157f99f63c0dcbb9fbacdbd4c4dadb6df67756358ca4174825b48f49706d', 16),
+    TBigInteger.Create('05c2a83c124b3621a2aa57ea2c3efe035eff4560f33ddebb7adab81fce69a0c8c2edc16520dda83d59a23be867963ac65f2cc710bbcfb96ee103deb771d105fd85', 16),
+    TBigInteger.Create('04cae8aa0d9faa165c87b682ec140b8ed3b50b24594b7a3b2c220b3669bb819f984f55310a1ae7823651d4a02e99447972595139363434e5e30a7e7d241551e1b9', 16),
+    TBigInteger.Create('07d3e47bf686600b11ac283ce88dbb3f6051e8efd04680e44c171ef531b80b2b7c39fc766320e2cf15d8d99820e96ff30dc69691839c4b40d7b06e45307dc91f3f', 16));
+
+  // PSS Example 8.1
+  FMsg8a := THex.Decode('81332f4be62948415ea1d899792eeacf6c6e1db1da8be13b5cea41db2fed467092e1ff398914c714259775f595f8547f735692a575e6923af78f22c6997ddb90fb6f72d7bb0dd' + '5744a31decd3dc3685849836ed34aec596304ad11843c4f88489f209735f5fb7fdaf7cec8addc5818168f880acbf490d51005b7a8e84e43e54287977571dd99eea4b161eb2df1f5108f12a4142a83322edb05a75487a3435c9a78ce53ed93bc550857d7a9fb');
+  FSlt8a := THex.Decode('1d65491d79c864b373009be6f6f2467bac4c78fa');
+  FSig8a := THex.Decode('0262ac254bfa77f3c1aca22c5179f8f040422b3c5bafd40a8f21cf0fa5a667ccd5993d42dbafb409c520e25fce2b1ee1e716577f1efa17f3da28052f40f0419b23106d7845aaf0' + '1125b698e7a4dfe92d3967bb00c4d0d35ba3552ab9a8b3eef07c7fecdbc5424ac4db1e20cb37d0b2744769940ea907e17fbbca673b20522380c5');
+
+  // Example 9: A 1536-bit RSA key pair
+  FPub9 := TRsaKeyParameters.Create(False,
+    TBigInteger.Create('e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e' + '6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b', 16),
+    TBigInteger.Create('010001', 16));
+
+  FPrv9 := TRsaPrivateCrtKeyParameters.Create(
+    TBigInteger.Create('e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6' + 'c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b', 16),
+    TBigInteger.Create('010001', 16),
+    TBigInteger.Create('6a7fd84fb85fad073b34406db74f8d61a6abc12196a961dd79565e9da6e5187bce2d980250f7359575359270d91590bb0e427c71460b55d51410b191bcf309fea131a92c8e702738fa' + '719f1e0041f52e40e91f229f4d96a1e6f172e15596b4510a6daec26105f2bebc53316b87bdf21311666070e8dfee69d52c71a976caae79c72b68d28580dc686d9f5129d225f82b3d615513a882b3db91416b48ce08888213e37eeb9af800d81cab328ce420689903c00c7b5fd31b75503a6d419684d629', 16),
+    TBigInteger.Create('f8eb97e98df12664eefdb761596a69ddcd0e76daece6ed4bf5a1b50ac086f7928a4d2f8726a77e515b74da41988f220b1cc87aa1fc810ce99a82f2d1ce821edced794c6941f42c7a1a0b8c4d28c75ec60b652279f6154a762aed165d47dee367', 16),
+    TBigInteger.Create('ed4d71d0a6e24b93c2e5f6b4bbe05f5fb0afa042d204fe3378d365c2f288b6a8dad7efe45d153eef40cacc7b81ff934002d108994b94a5e4728cd9c963375ae49965bda55cbf0efed8d6553b4027f2d86208a6e6b489c176128092d629e49d3d', 16),
+    TBigInteger.Create('2bb68bddfb0c4f56c8558bffaf892d8043037841e7fa81cfa61a38c5e39b901c8ee71122a5da2227bd6cdeeb481452c12ad3d61d5e4f776a0ab556591befe3e59e5a7fddb8345e1f2f35b9f4cee57c32414c086aec993e9353e480d9eec6289f', 16),
+    TBigInteger.Create('4ff897709fad079746494578e70fd8546130eeab5627c49b080f05ee4ad9f3e4b7cba9d6a5dff113a41c3409336833f190816d8a6bc42e9bec56b7567d0f3c9c696db619b245d901dd856db7c8092e77e9a1cccd56ee4dba42c5fdb61aec2669', 16),
+    TBigInteger.Create('77b9d1137b50404a982729316efafc7dfe66d34e5a182600d5f30a0a8512051c560d081d4d0a1835ec3d25a60f4e4d6aa948b2bf3dbb5b124cbbc3489255a3a948372f6978496745f943e1db4f18382ceaa505dfc65757bb3f857a58dce52156', 16));
+
+  // PSS Example 9.1
+  FMsg9a := THex.Decode('a88e265855e9d7ca36c68795f0b31b591cd6587c71d060a0b3f7f3eaef43795922028bc2b6ad467cfc2d7f659c5385aa70ba3672cdde4cfe4970cc7904601b278872bf51321c4a972f3c9' + '5570f3445d4f57980e0f20df54846e6a52c668f1288c03f95006ea32f562d40d52af9feb32f0fa06db65b588a237b34e592d55cf979f903a642ef64d2ed542aa8c77dc1dd762f45a59303ed75e541ca271e2b60ca709e44fa0661131e8d5d4163fd8d398566ce26de8730e' + '72f9cca737641c244159420637028df0a18079d6208ea8b4711a2c750f5');
+  FSlt9a := THex.Decode('c0a425313df8d7564bd2434d311523d5257eed80');
+  FSig9a := THex.Decode('586107226c3ce013a7c8f04d1a6a2959bb4b8e205ba43a27b50f124111bc35ef589b039f5932187cb696d7d9a32c0c38300a5cdda4834b62d2eb240af33f79d13dfbf095bf599e0d968694' + '8c1964747b67e89c9aba5cd85016236f566cc5802cb13ead51bc7ca6bef3b94dcbdbb1d570469771df0e00b1a8a06777472d2316279edae86474668d4e1efff95f1de61c6020da32ae92bbf16520fef3cf4d88f61121f24bbd9fe91b59caf1235b2a93ff81fc403addf4ebdea84934a9cdaf8e1a9e');
+
+  FSecureRandom := TSecureRandom.Create();
+end;
+
+procedure TTestPss.DoTestPssSignature(id: Integer; const pub, prv: IRsaKeyParameters;
+  const salt, msg, sig: TCryptoLibByteArray);
+var
+  eng: IPssSigner;
+  s: TCryptoLibByteArray;
+begin
+  eng := TPssSigner.Create(TRsaEngine.Create(), TDigestUtilities.GetDigest('SHA-1'), 20);
+
+  eng.Init(True, TParametersWithRandom.Create(prv, TFixedRandom.Create(salt) as IFixedRandom) as IParametersWithRandom);
+  eng.BlockUpdate(msg, 0, System.Length(msg));
+  s := eng.GenerateSignature();
+
+  CheckTrue(TArrayUtils.AreEqual(s, sig),
+    Format('Test %d: PSS signature generation failed', [id]));
+
+  eng.Init(False, pub);
+  eng.BlockUpdate(msg, 0, System.Length(msg));
+  CheckTrue(eng.VerifySignature(sig),
+    Format('Test %d: PSS signature verification failed', [id]));
+end;
+
+procedure TTestPss.DoTestLoopSha1;
+var
+  eng: IPssSigner;
+  data, s: TCryptoLibByteArray;
+  failed, j: Integer;
+begin
+  eng := TPssSigner.Create(TRsaEngine.Create(), TDigestUtilities.GetDigest('SHA-1'), 20);
+  failed := 0;
+  SetLength(data, 1000);
+
+  FSecureRandom.NextBytes(data);
+
+  for j := 0 to NumLoopTests - 1 do
+  begin
+    eng.Init(True, TParametersWithRandom.Create(FPrv8, FSecureRandom) as IParametersWithRandom);
+    eng.BlockUpdate(data, 0, System.Length(data));
+    s := eng.GenerateSignature();
+
+    eng.Init(False, FPub8);
+    eng.BlockUpdate(data, 0, System.Length(data));
+
+    if not eng.VerifySignature(s) then
+      Inc(failed);
+  end;
+
+  CheckEquals(0, failed, Format('Loop test failed - failures: %d', [failed]));
+end;
+
+procedure TTestPss.DoTestLoopMixedDigest;
+var
+  eng: IPssSigner;
+  data, s: TCryptoLibByteArray;
+  failed, j: Integer;
+begin
+  // SHA-256 for content, SHA-1 for MGF
+  eng := TPssSigner.Create(TRsaEngine.Create(),
+    TDigestUtilities.GetDigest('SHA-256'),
+    TDigestUtilities.GetDigest('SHA-1'), 20);
+  failed := 0;
+  SetLength(data, 1000);
+
+  FSecureRandom.NextBytes(data);
+
+  for j := 0 to NumLoopTests - 1 do
+  begin
+    eng.Init(True, TParametersWithRandom.Create(FPrv8, FSecureRandom) as IParametersWithRandom);
+    eng.BlockUpdate(data, 0, System.Length(data));
+    s := eng.GenerateSignature();
+
+    eng.Init(False, FPub8);
+    eng.BlockUpdate(data, 0, System.Length(data));
+
+    if not eng.VerifySignature(s) then
+      Inc(failed);
+  end;
+
+  CheckEquals(0, failed, Format('Mixed digest loop test failed - failures: %d', [failed]));
+end;
+
+procedure TTestPss.DoTestFixedSalt;
+var
+  eng: IPssSigner;
+  data, fixedSalt, wrongSalt, s: TCryptoLibByteArray;
+begin
+  data := THex.Decode('010203040506070809101112131415');
+  fixedSalt := THex.Decode('deadbeef');
+  wrongSalt := THex.Decode('beefbeef');
+
+  // Create signer with fixed salt
+  eng := TPssSigner.Create(TRsaBlindedEngine.Create(),
+    TDigestUtilities.GetDigest('SHA-256'),
+    TDigestUtilities.GetDigest('SHA-1'),
+    fixedSalt);
+
+  eng.Init(True, FPrv8);
+  eng.BlockUpdate(data, 0, System.Length(data));
+  s := eng.GenerateSignature();
+
+  eng.Init(False, FPub8);
+  eng.BlockUpdate(data, 0, System.Length(data));
+  CheckTrue(eng.VerifySignature(s), 'Fixed salt verification failed');
+
+  // Test failure with wrong salt
+  eng := TPssSigner.Create(TRsaBlindedEngine.Create(),
+    TDigestUtilities.GetDigest('SHA-256'),
+    TDigestUtilities.GetDigest('SHA-1'),
+    wrongSalt);
+
+  eng.Init(False, FPub8);
+  eng.BlockUpdate(data, 0, System.Length(data));
+  CheckFalse(eng.VerifySignature(s), 'Wrong salt should fail verification');
+end;
+
+procedure TTestPss.DoTestSha512ZeroSalt;
+var
+  eng: IPssSigner;
+  s: TCryptoLibByteArray;
+begin
+  // SHA-512 with zero salt length
+  eng := TPssSigner.Create(TRsaEngine.Create(),
+    TDigestUtilities.GetDigest('SHA-512'), 0, TPssSigner.TrailerImplicit);
+
+  eng.Init(True, FPrv1);
+  eng.BlockUpdate(FMsg1a, 0, System.Length(FMsg1a));
+  s := eng.GenerateSignature();
+
+  eng.Init(False, FPub1);
+  eng.BlockUpdate(FMsg1a, 0, System.Length(FMsg1a));
+  CheckTrue(eng.VerifySignature(s), 'SHA-512 zero salt verification failed');
+end;
+
+procedure TTestPss.DoSignerUtilitiesSha1;
+var
+  kpGen: IRsaKeyPairGenerator;
+  kpParams: IRsaKeyGenerationParameters;
+  keyPair: IAsymmetricCipherKeyPair;
+  signer: ISigner;
+  message, signature: TCryptoLibByteArray;
+  verified: Boolean;
+begin
+  kpGen := TRsaKeyPairGenerator.Create();
+  kpParams := TRsaKeyGenerationParameters.Create(
+    TBigInteger.ValueOf(65537), TSecureRandom.Create(), 2048, 100);
+  kpGen.Init(kpParams);
+  keyPair := kpGen.GenerateKeyPair();
+
+  message := TConverters.ConvertStringToBytes('Test PSS signature SHA-1',
+    TEncoding.UTF8);
+
+  signer := TSignerUtilities.GetSigner('SHA-1withRSAandMGF1');
+  signer.Init(True, keyPair.Private);
+  signer.BlockUpdate(message, 0, System.Length(message));
+  signature := signer.GenerateSignature();
+
+  CheckTrue(System.Length(signature) > 0, 'PSS SHA-1 signature is empty');
+
+  signer.Init(False, keyPair.Public);
+  signer.BlockUpdate(message, 0, System.Length(message));
+  verified := signer.VerifySignature(signature);
+
+  CheckTrue(verified, 'PSS SHA-1 signature verification failed');
+end;
+
+procedure TTestPss.DoSignerUtilitiesSha256;
+var
+  kpGen: IRsaKeyPairGenerator;
+  kpParams: IRsaKeyGenerationParameters;
+  keyPair: IAsymmetricCipherKeyPair;
+  signer: ISigner;
+  &message, signature: TCryptoLibByteArray;
+  verified: Boolean;
+begin
+  kpGen := TRsaKeyPairGenerator.Create();
+  kpParams := TRsaKeyGenerationParameters.Create(
+    TBigInteger.ValueOf(65537), TSecureRandom.Create(), 2048, 100);
+  kpGen.Init(kpParams);
+  keyPair := kpGen.GenerateKeyPair();
+
+  &message := TConverters.ConvertStringToBytes('Test PSS signature SHA-256',
+    TEncoding.UTF8);
+
+  signer := TSignerUtilities.GetSigner('SHA-256withRSAandMGF1');
+  signer.Init(True, keyPair.Private);
+  signer.BlockUpdate(&message, 0, System.Length(&message));
+  signature := signer.GenerateSignature();
+
+  CheckTrue(System.Length(signature) > 0, 'PSS SHA-256 signature is empty');
+
+  signer.Init(False, keyPair.Public);
+  signer.BlockUpdate(&message, 0, System.Length(&message));
+  verified := signer.VerifySignature(signature);
+
+  CheckTrue(verified, 'PSS SHA-256 signature verification failed');
+
+  // Test with modified message (should fail)
+  &message[0] := &message[0] xor $FF;
+  signer.Init(False, keyPair.Public);
+  signer.BlockUpdate(&message, 0, System.Length(&message));
+  verified := signer.VerifySignature(signature);
+
+  CheckFalse(verified, 'PSS modified message should fail verification');
+end;
+
+procedure TTestPss.DoSignerUtilitiesSha384;
+var
+  kpGen: IRsaKeyPairGenerator;
+  kpParams: IRsaKeyGenerationParameters;
+  keyPair: IAsymmetricCipherKeyPair;
+  signer: ISigner;
+  &message, signature: TCryptoLibByteArray;
+  verified: Boolean;
+begin
+  kpGen := TRsaKeyPairGenerator.Create();
+  kpParams := TRsaKeyGenerationParameters.Create(
+    TBigInteger.ValueOf(65537), TSecureRandom.Create(), 2048, 100);
+  kpGen.Init(kpParams);
+  keyPair := kpGen.GenerateKeyPair();
+
+  &message := TConverters.ConvertStringToBytes('Test PSS signature SHA-384',
+    TEncoding.UTF8);
+
+  signer := TSignerUtilities.GetSigner('SHA-384withRSAandMGF1');
+  signer.Init(True, keyPair.Private);
+  signer.BlockUpdate(&message, 0, System.Length(&message));
+  signature := signer.GenerateSignature();
+
+  CheckTrue(System.Length(signature) > 0, 'PSS SHA-384 signature is empty');
+
+  signer.Init(False, keyPair.Public);
+  signer.BlockUpdate(&message, 0, System.Length(&message));
+  verified := signer.VerifySignature(signature);
+
+  CheckTrue(verified, 'PSS SHA-384 signature verification failed');
+end;
+
+procedure TTestPss.DoSignerUtilitiesSha512;
+var
+  kpGen: IRsaKeyPairGenerator;
+  kpParams: IRsaKeyGenerationParameters;
+  keyPair: IAsymmetricCipherKeyPair;
+  signer: ISigner;
+  &message, signature: TCryptoLibByteArray;
+  verified: Boolean;
+begin
+  kpGen := TRsaKeyPairGenerator.Create();
+  kpParams := TRsaKeyGenerationParameters.Create(
+    TBigInteger.ValueOf(65537), TSecureRandom.Create(), 2048, 100);
+  kpGen.Init(kpParams);
+  keyPair := kpGen.GenerateKeyPair();
+
+  &message := TConverters.ConvertStringToBytes('Test PSS signature SHA-512',
+    TEncoding.UTF8);
+
+  signer := TSignerUtilities.GetSigner('SHA-512withRSAandMGF1');
+  signer.Init(True, keyPair.Private);
+  signer.BlockUpdate(&message, 0, System.Length(&message));
+  signature := signer.GenerateSignature();
+
+  CheckTrue(System.Length(signature) > 0, 'PSS SHA-512 signature is empty');
+
+  signer.Init(False, keyPair.Public);
+  signer.BlockUpdate(&message, 0, System.Length(&message));
+  verified := signer.VerifySignature(signature);
+
+  CheckTrue(verified, 'PSS SHA-512 signature verification failed');
+end;
+
+procedure TTestPss.DoRawSignerTest;
+var
+  kpGen: IRsaKeyPairGenerator;
+  kpParams: IRsaKeyGenerationParameters;
+  keyPair: IAsymmetricCipherKeyPair;
+  signer: IPssSigner;
+  digest: IDigest;
+  hash, signature: TCryptoLibByteArray;
+  verified: Boolean;
+begin
+  kpGen := TRsaKeyPairGenerator.Create();
+  kpParams := TRsaKeyGenerationParameters.Create(
+    TBigInteger.ValueOf(17), TSecureRandom.Create(), 1024, 100);
+  kpGen.Init(kpParams);
+  keyPair := kpGen.GenerateKeyPair();
+
+  digest := TDigestUtilities.GetDigest('SHA-256');
+
+  // Generate random hash
+  hash := TSecureRandom.GetNextBytes(FSecureRandom, digest.GetDigestSize());
+
+  // Sign with raw signer
+  signer := TPssSigner.CreateRawSigner(TRsaBlindedEngine.Create(), digest);
+  signer.Init(True, keyPair.Private);
+  signer.BlockUpdate(hash, 0, System.Length(hash));
+  signature := signer.GenerateSignature();
+
+  // Verify
+  signer.Init(False, keyPair.Public);
+  signer.BlockUpdate(hash, 0, System.Length(hash));
+  verified := signer.VerifySignature(signature);
+
+  CheckTrue(verified, 'Raw signer verification failed');
+end;
+
+procedure TTestPss.TestPssVectors;
+begin
+  DoTestPssSignature(1, FPub1, FPrv1, FSlt1a, FMsg1a, FSig1a);
+  DoTestPssSignature(2, FPub1, FPrv1, FSlt1b, FMsg1b, FSig1b);
+  DoTestPssSignature(3, FPub2, FPrv2, FSlt2a, FMsg2a, FSig2a);
+  DoTestPssSignature(5, FPub4, FPrv4, FSlt4a, FMsg4a, FSig4a);
+  DoTestPssSignature(7, FPub8, FPrv8, FSlt8a, FMsg8a, FSig8a);
+  DoTestPssSignature(9, FPub9, FPrv9, FSlt9a, FMsg9a, FSig9a);
+end;
+
+procedure TTestPss.TestLoopSha1;
+begin
+  DoTestLoopSha1;
+end;
+
+procedure TTestPss.TestLoopMixedDigest;
+begin
+  DoTestLoopMixedDigest;
+end;
+
+procedure TTestPss.TestFixedSalt;
+begin
+  DoTestFixedSalt;
+end;
+
+procedure TTestPss.TestSha512ZeroSalt;
+begin
+  DoTestSha512ZeroSalt;
+end;
+
+procedure TTestPss.TestSignerUtilitiesSha1;
+begin
+  DoSignerUtilitiesSha1;
+end;
+
+procedure TTestPss.TestSignerUtilitiesSha256;
+begin
+  DoSignerUtilitiesSha256;
+end;
+
+procedure TTestPss.TestSignerUtilitiesSha384;
+begin
+  DoSignerUtilitiesSha384;
+end;
+
+procedure TTestPss.TestSignerUtilitiesSha512;
+begin
+  DoSignerUtilitiesSha512;
+end;
+
+procedure TTestPss.TestRawSigner;
+begin
+  DoRawSignerTest;
+end;
+
+initialization
+
+{$IFDEF FPC}
+  RegisterTest(TTestPss);
+{$ELSE}
+  RegisterTest(TTestPss.Suite);
+{$ENDIF FPC}
+
+end.

CryptoLib.Tests/src/Crypto/RSABlindedTests.pas

@@ -17,9 +17,7 @@ uses
   {$ENDIF}
   ClpBigInteger,
   ClpSecureRandom,
-  ClpISecureRandom,
   ClpEncoders,
-  ClpConverters,
   ClpICipherParameters,
   ClpIAsymmetricBlockCipher,
   ClpIAsymmetricCipherKeyPair,
@@ -32,11 +30,9 @@ uses
   ClpRsaKeyPairGenerator,
   ClpIRsaKeyPairGenerator,
   ClpRsaBlindedEngine,
-  ClpIRsaBlindedEngine,
   ClpPkcs1Encoding,
   ClpIPkcs1Encoding,
   ClpOaepEncoding,
-  ClpIOaepEncoding,
   ClpCryptoLibTypes;
 
 type

CryptoLib.Tests/src/Crypto/RSADigestSignerTests.pas

@@ -42,7 +42,6 @@ uses
   ClpRsaPrivateCrtKeyParameters,
   ClpIRsaPrivateCrtKeyParameters,
   ClpIAsn1Objects,
-  ClpIAlgorithmIdentifier,
   ClpAlgorithmIdentifier,
   ClpIDigestInfo,
   ClpDigestInfo,

CryptoLib.Tests/src/Crypto/RSATests.pas

@@ -41,12 +41,8 @@ uses
   ClpIRsaKeyPairGenerator,
   ClpRsaKeyPairGenerator,
   ClpIRsaCoreEngine,
-  ClpRsaCoreEngine,
-  ClpIRsaBlindedEngine,
   ClpRsaBlindedEngine,
-  ClpIPkcs1Encoding,
   ClpPkcs1Encoding,
-  ClpIOaepEncoding,
   ClpOaepEncoding,
   ClpIAsymmetricBlockCipher,
   ClpIAsymmetricCipherKeyPair,
@@ -75,9 +71,11 @@ type
       FPExp: TBigInteger;
       FQExp: TBigInteger;
       FCrtCoef: TBigInteger;
+      FRandom: ISecureRandom;
 
     class constructor CreateTestRSA();
 
+    procedure DoTestModPowRSA(BitLength: Integer);
     procedure DoTestRawRsa;
     procedure DoTestPkcs1Encoding;
     procedure DoTestOaepEncoding;
@@ -85,6 +83,8 @@ type
     procedure DoTestRsaSignature;
 
   published
+    procedure TestModPowRSA1024;
+    procedure TestModPowRSA2048;
     procedure TestRawRsa;
     procedure TestPkcs1Encoding;
     procedure TestOaepEncoding;
@@ -132,6 +132,61 @@ begin
   FCrtCoef := TBigInteger.Create(
     'dae7651ee69ad1d081ec5e7188ae126f6004ff39556bde90e0b870962fa7b926' +
     'd070686d8244fe5a9aa709a95686a104614834b0ada4b10f53197a5cb4c97339', 16);
+
+  FRandom := TSecureRandom.Create();
+end;
+
+procedure TTestRSA.DoTestModPowRSA(BitLength: Integer);
+var
+  i: Integer;
+  p, q, n, phi, e, d, m, c, m_dec, One: TBigInteger;
+begin
+  One := TBigInteger.One;
+  e := TBigInteger.ValueOf(65537);
+
+  for i := 1 to 5 do
+  begin
+    // Generate primes p, q
+    repeat
+      p := TBigInteger.ProbablePrime(BitLength div 2, FRandom);
+    until (not p.Subtract(One).GCD(e).Equals(e)); // Ensure gcd(e, p-1) = 1
+
+    repeat
+      q := TBigInteger.ProbablePrime(BitLength div 2, FRandom);
+    until (not q.Equals(p)) and (not q.Subtract(One).GCD(e).Equals(e));
+
+    n := p.Multiply(q);
+    phi := p.Subtract(One).Multiply(q.Subtract(One));
+
+    d := e.ModInverse(phi);
+
+    // Random message m < n
+    repeat
+      m := TBigInteger.Create(n.BitLength - 1, FRandom);
+    until (m.CompareTo(n) < 0);
+
+    // Encrypt: c = m^e mod n
+    c := m.ModPow(e, n);
+
+    // Decrypt: m' = c^d mod n
+    m_dec := c.ModPow(d, n);
+
+    if not m.Equals(m_dec) then
+    begin
+      Fail(Format('RSA ModPow Failure at Iteration %d' + sLineBreak +
+                  'p: %s' + sLineBreak +
+                  'q: %s' + sLineBreak +
+                  'n: %s' + sLineBreak +
+                  'e: %s' + sLineBreak +
+                  'd: %s' + sLineBreak +
+                  'm: %s' + sLineBreak +
+                  'c: %s' + sLineBreak +
+                  'm_dec: %s',
+                  [i, p.ToString(16), q.ToString(16), n.ToString(16),
+                   e.ToString(16), d.ToString(16), m.ToString(16),
+                   c.ToString(16), m_dec.ToString(16)]));
+    end;
+  end;
 end;
 
 procedure TTestRSA.DoTestRawRsa;
@@ -263,7 +318,7 @@ var
   kpParams: IRsaKeyGenerationParameters;
   keyPair: IAsymmetricCipherKeyPair;
   signer: ISigner;
-  message, signature: TCryptoLibByteArray;
+  &message, signature: TCryptoLibByteArray;
   verified: Boolean;
 begin
   // Generate key pair
@@ -277,33 +332,43 @@ begin
   kpGen.Init(kpParams);
   keyPair := kpGen.GenerateKeyPair();
 
-  message := TConverters.ConvertStringToBytes('Test message for RSA signature',
+  &message := TConverters.ConvertStringToBytes('Test message for RSA signature',
     TEncoding.UTF8);
 
   // Sign with SHA-256
   signer := TSignerUtilities.GetSigner('SHA-256withRSA');
   signer.Init(True, keyPair.Private);
-  signer.BlockUpdate(message, 0, System.Length(message));
+  signer.BlockUpdate(&message, 0, System.Length(&message));
   signature := signer.GenerateSignature();
 
   CheckTrue(System.Length(signature) > 0, 'Signature is empty');
 
   // Verify
   signer.Init(False, keyPair.Public);
-  signer.BlockUpdate(message, 0, System.Length(message));
+  signer.BlockUpdate(&message, 0, System.Length(&message));
   verified := signer.VerifySignature(signature);
 
   CheckTrue(verified, 'Signature verification failed');
 
   // Test with modified message (should fail)
-  message[0] := message[0] xor $FF;
+  &message[0] := &message[0] xor $FF;
   signer.Init(False, keyPair.Public);
-  signer.BlockUpdate(message, 0, System.Length(message));
+  signer.BlockUpdate(&message, 0, System.Length(&message));
   verified := signer.VerifySignature(signature);
 
   CheckFalse(verified, 'Modified message should fail verification');
 end;
 
+procedure TTestRSA.TestModPowRSA1024;
+begin
+  DoTestModPowRSA(1024);
+end;
+
+procedure TTestRSA.TestModPowRSA2048;
+begin
+  DoTestModPowRSA(2048);
+end;
+
 procedure TTestRSA.TestRawRsa;
 begin
   DoTestRawRsa;

CryptoLib/src/Crypto/Digests/ClpPrehash.pas

@@ -0,0 +1,184 @@
+{ *********************************************************************************** }
+{ *                              CryptoLib Library                                  * }
+{ *                Copyright (c) 2018 - 20XX Ugochukwu Mmaduekwe                    * }
+{ *                 Github Repository <https://github.com/Xor-el>                   * }
+
+{ *  Distributed under the MIT software license, see the accompanying file LICENSE  * }
+{ *          or visit http://www.opensource.org/licenses/mit-license.php.           * }
+
+{ *                              Acknowledgements:                                  * }
+{ *                                                                                 * }
+{ *      Thanks to Sphere 10 Software (http://www.sphere10.com/) for sponsoring     * }
+{ *                           development of this library                           * }
+
+{ * ******************************************************************************* * }
+
+(* &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& *)
+
+unit ClpPrehash;
+
+{$I ..\..\Include\CryptoLib.inc}
+
+interface
+
+uses
+  SysUtils,
+  Classes,
+  HlpIHash,
+  ClpIDigest,
+  ClpIPrehash,
+  ClpCryptoLibTypes;
+
+resourcestring
+  SNotSupported = 'not supported';
+  SIncorrectPrehashSize = 'Incorrect prehash size';
+
+type
+  /// <summary>
+  /// A digest that stores pre-hashed data.
+  /// Used for "raw" signature operations where the data has already been hashed.
+  /// </summary>
+  TPrehash = class sealed(TInterfacedObject, IDigest, IPrehash)
+
+  strict private
+  var
+    FAlgorithmName: String;
+    FDigestSize: Int32;
+    FBuffer: TMemoryStream;
+
+    function GetAlgorithmName: String;
+
+  public
+    class function ForDigest(const digest: IDigest): IPrehash; static;
+    class function ForParameters(const digestName: String;
+      digestSize: Int32): IPrehash; static;
+
+    constructor Create(const algorithmName: String; digestSize: Int32);
+    destructor Destroy; override;
+
+    function GetUnderlyingIHash: IHash;
+    function GetDigestSize: Int32;
+    function GetByteLength: Int32;
+
+    procedure Update(input: Byte);
+    procedure BlockUpdate(const input: TCryptoLibByteArray; inOff, len: Int32);
+    function DoFinal: TCryptoLibByteArray; overload;
+    function DoFinal(const output: TCryptoLibByteArray; outOff: Int32): Int32; overload;
+    procedure Reset;
+    function Clone: IDigest;
+
+    property AlgorithmName: String read GetAlgorithmName;
+
+  end;
+
+implementation
+
+{ TPrehash }
+
+class function TPrehash.ForDigest(const digest: IDigest): IPrehash;
+begin
+  Result := ForParameters(digest.AlgorithmName, digest.GetDigestSize());
+end;
+
+class function TPrehash.ForParameters(const digestName: String;
+  digestSize: Int32): IPrehash;
+begin
+  Result := TPrehash.Create(digestName, digestSize);
+end;
+
+constructor TPrehash.Create(const algorithmName: String; digestSize: Int32);
+begin
+  inherited Create();
+  FAlgorithmName := algorithmName;
+  FDigestSize := digestSize;
+  FBuffer := TMemoryStream.Create();
+end;
+
+destructor TPrehash.Destroy;
+begin
+  FBuffer.Free;
+  inherited Destroy;
+end;
+
+function TPrehash.GetAlgorithmName: String;
+begin
+  Result := FAlgorithmName;
+end;
+
+function TPrehash.GetUnderlyingIHash: IHash;
+begin
+  // Prehash doesn't have an underlying IHash
+  Result := nil;
+end;
+
+function TPrehash.GetDigestSize: Int32;
+begin
+  Result := FDigestSize;
+end;
+
+function TPrehash.GetByteLength: Int32;
+begin
+  raise ENotSupportedCryptoLibException.CreateRes(@SNotSupported);
+end;
+
+procedure TPrehash.Update(input: Byte);
+begin
+  if FBuffer.Size < FDigestSize then
+    FBuffer.Write(input, 1);
+end;
+
+procedure TPrehash.BlockUpdate(const input: TCryptoLibByteArray;
+  inOff, len: Int32);
+var
+  writeLen: Int32;
+begin
+  writeLen := len;
+  if FBuffer.Size + writeLen > FDigestSize then
+    writeLen := FDigestSize - FBuffer.Size;
+  if writeLen > 0 then
+    FBuffer.Write(input[inOff], writeLen);
+end;
+
+function TPrehash.DoFinal: TCryptoLibByteArray;
+begin
+  try
+    if FBuffer.Size <> FDigestSize then
+      raise EInvalidOperationCryptoLibException.CreateRes(@SIncorrectPrehashSize);
+    SetLength(Result, FDigestSize);
+    FBuffer.Position := 0;
+    FBuffer.Read(Result[0], FDigestSize);
+  finally
+    Reset();
+  end;
+end;
+
+function TPrehash.DoFinal(const output: TCryptoLibByteArray;
+  outOff: Int32): Int32;
+begin
+  try
+    if FBuffer.Size <> FDigestSize then
+      raise EInvalidOperationCryptoLibException.CreateRes(@SIncorrectPrehashSize);
+    FBuffer.Position := 0;
+    FBuffer.Read(output[outOff], FDigestSize);
+    Result := FDigestSize;
+  finally
+    Reset();
+  end;
+end;
+
+procedure TPrehash.Reset;
+begin
+  FBuffer.Clear;
+end;
+
+function TPrehash.Clone: IDigest;
+var
+  cloned: TPrehash;
+begin
+  cloned := TPrehash.Create(FAlgorithmName, FDigestSize);
+  FBuffer.Position := 0;
+  cloned.FBuffer.CopyFrom(FBuffer, FBuffer.Size);
+  Result := cloned;
+end;
+
+end.

CryptoLib/src/Crypto/Generators/ClpRsaKeyPairGenerator.pas

@@ -109,7 +109,7 @@ begin
       FDefaultPublicExponent, parameters.Random, parameters.Strength, DefaultTests);
 end;
 
-class function TRsaKeyPairGenerator.ArrayContains(const arr: TArray<Int32>;
+class function TRsaKeyPairGenerator.ArrayContains(const arr: TCryptoLibInt32Array;
   value: Int32): Boolean;
 var
   i: Int32;

CryptoLib/src/Crypto/Signers/ClpGenericSigner.pas

@@ -0,0 +1,181 @@
+{ *********************************************************************************** }
+{ *                              CryptoLib Library                                  * }
+{ *                Copyright (c) 2018 - 20XX Ugochukwu Mmaduekwe                    * }
+{ *                 Github Repository <https://github.com/Xor-el>                   * }
+
+{ *  Distributed under the MIT software license, see the accompanying file LICENSE  * }
+{ *          or visit http://www.opensource.org/licenses/mit-license.php.           * }
+
+{ *                              Acknowledgements:                                  * }
+{ *                                                                                 * }
+{ *      Thanks to Sphere 10 Software (http://www.sphere10.com/) for sponsoring     * }
+{ *                           development of this library                           * }
+
+{ * ******************************************************************************* * }
+
+(* &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& *)
+
+unit ClpGenericSigner;
+
+{$I ..\..\Include\CryptoLib.inc}
+
+interface
+
+uses
+  SysUtils,
+  ClpICipherParameters,
+  ClpIAsymmetricKeyParameter,
+  ClpIAsymmetricBlockCipher,
+  ClpIDigest,
+  ClpISigner,
+  ClpIGenericSigner,
+  ClpParameterUtilities,
+  ClpDigestUtilities,
+  ClpArrayUtils,
+  ClpCryptoLibTypes;
+
+resourcestring
+  SSigningRequiresPrivate = 'Signing requires private key.';
+  SVerificationRequiresPublic = 'Verification requires public key.';
+  SNotInitForSigning = 'GenericSigner not initialised for signature generation.';
+  SNotInitForVerification = 'GenericSigner not initialised for verification';
+
+type
+  /// <summary>
+  /// A generic signer that uses an asymmetric block cipher and a digest.
+  /// </summary>
+  TGenericSigner = class(TInterfacedObject, ISigner, IGenericSigner)
+
+  strict private
+  var
+    FEngine: IAsymmetricBlockCipher;
+    FDigest: IDigest;
+    FForSigning: Boolean;
+
+  strict protected
+    function GetAlgorithmName: String;
+
+  public
+    constructor Create(const engine: IAsymmetricBlockCipher;
+      const digest: IDigest);
+
+    procedure Init(forSigning: Boolean; const parameters: ICipherParameters);
+    procedure Update(input: Byte);
+    procedure BlockUpdate(const input: TCryptoLibByteArray;
+      inOff, len: Int32);
+    function GenerateSignature: TCryptoLibByteArray;
+    function VerifySignature(const signature: TCryptoLibByteArray): Boolean;
+    procedure Reset;
+
+    property AlgorithmName: String read GetAlgorithmName;
+
+  end;
+
+implementation
+
+{ TGenericSigner }
+
+constructor TGenericSigner.Create(const engine: IAsymmetricBlockCipher;
+  const digest: IDigest);
+begin
+  inherited Create();
+  FEngine := engine;
+  FDigest := digest;
+end;
+
+function TGenericSigner.GetAlgorithmName: String;
+begin
+  Result := 'Generic(' + FEngine.AlgorithmName + '/' + FDigest.AlgorithmName + ')';
+end;
+
+procedure TGenericSigner.Init(forSigning: Boolean;
+  const parameters: ICipherParameters);
+var
+  key: IAsymmetricKeyParameter;
+  keyParams: ICipherParameters;
+begin
+  FForSigning := forSigning;
+
+  keyParams := TParameterUtilities.IgnoreRandom(parameters);
+
+  if not Supports(keyParams, IAsymmetricKeyParameter, key) then
+  begin
+    raise EInvalidKeyCryptoLibException.Create('Expected asymmetric key parameter');
+  end;
+
+  if forSigning and (not key.IsPrivate) then
+  begin
+    raise EInvalidKeyCryptoLibException.CreateRes(@SSigningRequiresPrivate);
+  end;
+
+  if (not forSigning) and key.IsPrivate then
+  begin
+    raise EInvalidKeyCryptoLibException.CreateRes(@SVerificationRequiresPublic);
+  end;
+
+  Reset();
+
+  FEngine.Init(forSigning, parameters);
+end;
+
+procedure TGenericSigner.Update(input: Byte);
+begin
+  FDigest.Update(input);
+end;
+
+procedure TGenericSigner.BlockUpdate(const input: TCryptoLibByteArray;
+  inOff, len: Int32);
+begin
+  FDigest.BlockUpdate(input, inOff, len);
+end;
+
+function TGenericSigner.GenerateSignature: TCryptoLibByteArray;
+var
+  hash: TCryptoLibByteArray;
+begin
+  if not FForSigning then
+  begin
+    raise EInvalidOperationCryptoLibException.CreateRes(@SNotInitForSigning);
+  end;
+
+  hash := TDigestUtilities.DoFinal(FDigest);
+
+  Result := FEngine.ProcessBlock(hash, 0, System.Length(hash));
+end;
+
+function TGenericSigner.VerifySignature(
+  const signature: TCryptoLibByteArray): Boolean;
+var
+  hash, sig, tmp: TCryptoLibByteArray;
+begin
+  if FForSigning then
+  begin
+    raise EInvalidOperationCryptoLibException.CreateRes(@SNotInitForVerification);
+  end;
+
+  hash := TDigestUtilities.DoFinal(FDigest);
+
+  try
+    sig := FEngine.ProcessBlock(signature, 0, System.Length(signature));
+
+    // Extend with leading zeroes to match the digest size, if necessary.
+    if System.Length(sig) < System.Length(hash) then
+    begin
+      SetLength(tmp, System.Length(hash));
+      System.Move(sig[0], tmp[System.Length(tmp) - System.Length(sig)],
+        System.Length(sig));
+      sig := tmp;
+    end;
+
+    Result := TArrayUtils.ConstantTimeAreEqual(sig, hash);
+  except
+    Result := False;
+  end;
+end;
+
+procedure TGenericSigner.Reset;
+begin
+  FDigest.Reset();
+end;
+
+end.

CryptoLib/src/Crypto/Signers/ClpPssSigner.pas

@@ -0,0 +1,539 @@
+{ *********************************************************************************** }
+{ *                              CryptoLib Library                                  * }
+{ *                Copyright (c) 2018 - 20XX Ugochukwu Mmaduekwe                    * }
+{ *                 Github Repository <https://github.com/Xor-el>                   * }
+
+{ *  Distributed under the MIT software license, see the accompanying file LICENSE  * }
+{ *          or visit http://www.opensource.org/licenses/mit-license.php.           * }
+
+{ *                              Acknowledgements:                                  * }
+{ *                                                                                 * }
+{ *      Thanks to Sphere 10 Software (http://www.sphere10.com/) for sponsoring     * }
+{ *                           development of this library                           * }
+
+{ * ******************************************************************************* * }
+
+(* &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& *)
+
+unit ClpPssSigner;
+
+{$I ..\..\Include\CryptoLib.inc}
+
+interface
+
+uses
+  SysUtils,
+  HlpIHashInfo,
+  ClpICipherParameters,
+  ClpIAsymmetricBlockCipher,
+  ClpIDigest,
+  ClpISigner,
+  ClpIPssSigner,
+  ClpIRsaKeyParameters,
+  ClpIRsaBlindingParameters,
+  ClpISecureRandom,
+  ClpSecureRandom,
+  ClpParameterUtilities,
+  ClpBigInteger,
+  ClpCryptoLibTypes;
+
+resourcestring
+  SKeyTooSmall = 'key too small for specified hash and salt lengths';
+
+type
+  /// <summary>
+  /// RSA-PSS as described in PKCS# 1 v 2.1.
+  /// <para>
+  /// Note: the usual value for the salt length is the number of
+  /// bytes in the hash function.
+  /// </para>
+  /// </summary>
+  TPssSigner = class(TInterfacedObject, ISigner, IPssSigner)
+
+  public
+  const
+    TrailerImplicit = Byte($BC);
+
+  strict private
+  var
+    FContentDigest1, FContentDigest2: IDigest;
+    FMgfDigest: IDigest;
+    FCipher: IAsymmetricBlockCipher;
+    FRandom: ISecureRandom;
+    FhLen: Int32;
+    FMgfhLen: Int32;
+    FsLen: Int32;
+    FSSet: Boolean;
+    FEmBits: Int32;
+    FSalt: TCryptoLibByteArray;
+    FmDash: TCryptoLibByteArray;
+    FBlock: TCryptoLibByteArray;
+    FTrailer: Byte;
+
+    procedure ClearBlock(const block: TCryptoLibByteArray);
+    procedure ItoOSP(i: Int32; const sp: TCryptoLibByteArray);
+    function MaskGeneratorFunction(const Z: TCryptoLibByteArray;
+      zOff, zLen, length: Int32): TCryptoLibByteArray;
+    function MaskGeneratorFunction1(const Z: TCryptoLibByteArray;
+      zOff, zLen, length: Int32): TCryptoLibByteArray;
+
+  strict protected
+    function GetAlgorithmName: String;
+
+  public
+    /// <summary>
+    /// Create a raw signer for pre-hashed data with default salt length.
+    /// </summary>
+    class function CreateRawSigner(const cipher: IAsymmetricBlockCipher;
+      const digest: IDigest): IPssSigner; overload; static;
+
+    /// <summary>
+    /// Create a raw signer for pre-hashed data with specified salt length.
+    /// </summary>
+    class function CreateRawSigner(const cipher: IAsymmetricBlockCipher;
+      const digest: IDigest; saltLen: Int32): IPssSigner; overload; static;
+
+    /// <summary>
+    /// Create a raw signer for pre-hashed data with separate content/MGF digests.
+    /// </summary>
+    class function CreateRawSigner(const cipher: IAsymmetricBlockCipher;
+      const contentDigest, mgfDigest: IDigest; saltLen: Int32;
+      trailer: Byte): IPssSigner; overload; static;
+
+    /// <summary>
+    /// Create a raw signer for pre-hashed data with fixed salt.
+    /// </summary>
+    class function CreateRawSigner(const cipher: IAsymmetricBlockCipher;
+      const contentDigest, mgfDigest: IDigest;
+      const salt: TCryptoLibByteArray; trailer: Byte): IPssSigner; overload; static;
+
+    constructor Create(const cipher: IAsymmetricBlockCipher;
+      const digest: IDigest); overload;
+    constructor Create(const cipher: IAsymmetricBlockCipher;
+      const digest: IDigest; saltLen: Int32); overload;
+    constructor Create(const cipher: IAsymmetricBlockCipher;
+      const digest: IDigest; const salt: TCryptoLibByteArray); overload;
+    constructor Create(const cipher: IAsymmetricBlockCipher;
+      const contentDigest, mgfDigest: IDigest; saltLen: Int32); overload;
+    constructor Create(const cipher: IAsymmetricBlockCipher;
+      const contentDigest, mgfDigest: IDigest;
+      const salt: TCryptoLibByteArray); overload;
+    constructor Create(const cipher: IAsymmetricBlockCipher;
+      const digest: IDigest; saltLen: Int32; trailer: Byte); overload;
+    constructor Create(const cipher: IAsymmetricBlockCipher;
+      const contentDigest, mgfDigest: IDigest; saltLen: Int32;
+      trailer: Byte); overload;
+    constructor Create(const cipher: IAsymmetricBlockCipher;
+      const contentDigest1, contentDigest2, mgfDigest: IDigest;
+      saltLen: Int32; const salt: TCryptoLibByteArray;
+      trailer: Byte); overload;
+
+    procedure Init(forSigning: Boolean; const parameters: ICipherParameters);
+    procedure Update(input: Byte);
+    procedure BlockUpdate(const input: TCryptoLibByteArray;
+      inOff, len: Int32);
+    function GenerateSignature: TCryptoLibByteArray;
+    function VerifySignature(const signature: TCryptoLibByteArray): Boolean;
+    procedure Reset;
+
+    property AlgorithmName: String read GetAlgorithmName;
+
+  end;
+
+implementation
+
+uses
+  ClpPrehash;
+
+{ TPssSigner }
+
+class function TPssSigner.CreateRawSigner(const cipher: IAsymmetricBlockCipher;
+  const digest: IDigest): IPssSigner;
+begin
+  Result := TPssSigner.Create(cipher, TPrehash.ForDigest(digest), digest, digest,
+    digest.GetDigestSize(), nil, TrailerImplicit);
+end;
+
+class function TPssSigner.CreateRawSigner(const cipher: IAsymmetricBlockCipher;
+  const digest: IDigest; saltLen: Int32): IPssSigner;
+begin
+  Result := TPssSigner.Create(cipher, TPrehash.ForDigest(digest), digest, digest,
+    saltLen, nil, TrailerImplicit);
+end;
+
+class function TPssSigner.CreateRawSigner(const cipher: IAsymmetricBlockCipher;
+  const contentDigest, mgfDigest: IDigest; saltLen: Int32;
+  trailer: Byte): IPssSigner;
+begin
+  Result := TPssSigner.Create(cipher, TPrehash.ForDigest(contentDigest),
+    contentDigest, mgfDigest, saltLen, nil, trailer);
+end;
+
+class function TPssSigner.CreateRawSigner(const cipher: IAsymmetricBlockCipher;
+  const contentDigest, mgfDigest: IDigest; const salt: TCryptoLibByteArray;
+  trailer: Byte): IPssSigner;
+begin
+  Result := TPssSigner.Create(cipher, TPrehash.ForDigest(contentDigest),
+    contentDigest, mgfDigest, System.Length(salt), salt, trailer);
+end;
+
+constructor TPssSigner.Create(const cipher: IAsymmetricBlockCipher;
+  const digest: IDigest);
+begin
+  Create(cipher, digest, digest.GetDigestSize());
+end;
+
+constructor TPssSigner.Create(const cipher: IAsymmetricBlockCipher;
+  const digest: IDigest; saltLen: Int32);
+begin
+  Create(cipher, digest, saltLen, TrailerImplicit);
+end;
+
+constructor TPssSigner.Create(const cipher: IAsymmetricBlockCipher;
+  const digest: IDigest; const salt: TCryptoLibByteArray);
+begin
+  Create(cipher, digest, digest, digest, System.Length(salt), salt, TrailerImplicit);
+  //Create(cipher, digest.Clone, digest.Clone, digest.Clone, System.Length(salt), salt, TrailerImplicit);
+end;
+
+constructor TPssSigner.Create(const cipher: IAsymmetricBlockCipher;
+  const contentDigest, mgfDigest: IDigest; saltLen: Int32);
+begin
+  Create(cipher, contentDigest, mgfDigest, saltLen, TrailerImplicit);
+end;
+
+constructor TPssSigner.Create(const cipher: IAsymmetricBlockCipher;
+  const contentDigest, mgfDigest: IDigest;
+  const salt: TCryptoLibByteArray);
+begin
+  Create(cipher, contentDigest, contentDigest, mgfDigest, System.Length(salt),
+    salt, TrailerImplicit);
+end;
+
+constructor TPssSigner.Create(const cipher: IAsymmetricBlockCipher;
+  const digest: IDigest; saltLen: Int32; trailer: Byte);
+begin
+  Create(cipher, digest, digest, saltLen, trailer);
+end;
+
+constructor TPssSigner.Create(const cipher: IAsymmetricBlockCipher;
+  const contentDigest, mgfDigest: IDigest; saltLen: Int32; trailer: Byte);
+begin
+  Create(cipher, contentDigest, contentDigest, mgfDigest, saltLen, nil, trailer);
+end;
+
+constructor TPssSigner.Create(const cipher: IAsymmetricBlockCipher;
+  const contentDigest1, contentDigest2, mgfDigest: IDigest;
+  saltLen: Int32; const salt: TCryptoLibByteArray; trailer: Byte);
+begin
+  inherited Create();
+
+  FCipher := cipher;
+  FContentDigest1 := contentDigest1;
+  FContentDigest2 := contentDigest2;
+  FMgfDigest := mgfDigest;
+  FhLen := contentDigest2.GetDigestSize();
+  FMgfhLen := mgfDigest.GetDigestSize();
+  FsLen := saltLen;
+  FSSet := salt <> nil;
+  if FSSet then
+  begin
+    FSalt := System.Copy(salt);
+  end
+  else
+  begin
+    SetLength(FSalt, saltLen);
+  end;
+  SetLength(FmDash, 8 + saltLen + FhLen);
+  FTrailer := trailer;
+end;
+
+function TPssSigner.GetAlgorithmName: String;
+begin
+  Result := FMgfDigest.AlgorithmName + 'withRSAandMGF1';
+end;
+
+procedure TPssSigner.Init(forSigning: Boolean;
+  const parameters: ICipherParameters);
+var
+  kParams: ICipherParameters;
+  providedRandom: ISecureRandom;
+  kParam: IRsaKeyParameters;
+  blinding: IRsaBlindingParameters;
+begin
+  FCipher.Init(forSigning, parameters);
+
+  kParams := TParameterUtilities.GetRandom(parameters, providedRandom);
+
+  if forSigning then
+  begin
+    if providedRandom <> nil then
+      FRandom := providedRandom
+    else
+      FRandom := TSecureRandom.Create();
+  end
+  else
+    FRandom := nil;
+
+  if Supports(kParams, IRsaBlindingParameters, blinding) then
+  begin
+    kParam := blinding.PublicKey;
+  end
+  else
+  begin
+    kParam := kParams as IRsaKeyParameters;
+  end;
+
+  FEmBits := kParam.Modulus.BitLength - 1;
+
+  if FEmBits < ((8 * FhLen) + (8 * FsLen) + 9) then
+  begin
+    raise EArgumentCryptoLibException.CreateRes(@SKeyTooSmall);
+  end;
+
+  // C# creates new array each time, so we must zero it to match behavior
+  SetLength(FBlock, (FEmBits + 7) div 8);
+  ClearBlock(FBlock);
+end;
+
+procedure TPssSigner.ClearBlock(const block: TCryptoLibByteArray);
+begin
+  if block <> nil then
+    FillChar(block[0], System.Length(block), 0);
+end;
+
+procedure TPssSigner.Update(input: Byte);
+begin
+  FContentDigest1.Update(input);
+end;
+
+procedure TPssSigner.BlockUpdate(const input: TCryptoLibByteArray;
+  inOff, len: Int32);
+begin
+  FContentDigest1.BlockUpdate(input, inOff, len);
+end;
+
+function TPssSigner.GenerateSignature: TCryptoLibByteArray;
+var
+  h, dbMask: TCryptoLibByteArray;
+  firstByteMask: UInt32;
+  i: Int32;
+begin
+  if FContentDigest1.GetDigestSize() <> FhLen then
+  begin
+    raise EInvalidOperationCryptoLibException.Create('Digest size mismatch');
+  end;
+
+  // Ensure block is zero-initialized before use (C# creates new array in Init)
+  ClearBlock(FBlock);
+
+  // PSS requires first 8 bytes of mDash to be zeros (padding1)
+  FillChar(FmDash[0], 8, 0);
+
+  FContentDigest1.DoFinal(FmDash, System.Length(FmDash) - FhLen - FsLen);
+
+  if FsLen <> 0 then
+  begin
+    if not FSSet then
+    begin
+      FRandom.NextBytes(FSalt);
+    end;
+    System.Move(FSalt[0], FmDash[System.Length(FmDash) - FsLen], FsLen);
+  end;
+
+  SetLength(h, FhLen);
+
+  FContentDigest2.BlockUpdate(FmDash, 0, System.Length(FmDash));
+  FContentDigest2.DoFinal(h, 0);
+
+  FBlock[System.Length(FBlock) - FsLen - 1 - FhLen - 1] := $01;
+  System.Move(FSalt[0], FBlock[System.Length(FBlock) - FsLen - FhLen - 1], FsLen);
+
+  dbMask := MaskGeneratorFunction(h, 0, System.Length(h),
+    System.Length(FBlock) - FhLen - 1);
+  for i := 0 to System.Length(dbMask) - 1 do
+  begin
+    FBlock[i] := FBlock[i] xor dbMask[i];
+  end;
+
+  System.Move(h[0], FBlock[System.Length(FBlock) - FhLen - 1], System.Length(h));
+
+  firstByteMask := $FF shr ((System.Length(FBlock) * 8) - FEmBits);
+
+  FBlock[0] := FBlock[0] and Byte(firstByteMask);
+  FBlock[System.Length(FBlock) - 1] := FTrailer;
+
+  Result := FCipher.ProcessBlock(FBlock, 0, System.Length(FBlock));
+
+  ClearBlock(FBlock);
+end;
+
+function TPssSigner.VerifySignature(
+  const signature: TCryptoLibByteArray): Boolean;
+var
+  b, dbMask: TCryptoLibByteArray;
+  firstByteMask: UInt32;
+  i, j: Int32;
+begin
+  if FContentDigest1.GetDigestSize() <> FhLen then
+  begin
+    raise EInvalidOperationCryptoLibException.Create('Digest size mismatch');
+  end;
+
+  // PSS requires first 8 bytes of mDash to be zeros (padding1)
+  FillChar(FmDash[0], 8, 0);
+
+  FContentDigest1.DoFinal(FmDash, System.Length(FmDash) - FhLen - FsLen);
+
+  b := FCipher.ProcessBlock(signature, 0, System.Length(signature));
+  
+  FillChar(FBlock[0], System.Length(FBlock) - System.Length(b), 0);
+  System.Move(b[0], FBlock[System.Length(FBlock) - System.Length(b)],
+    System.Length(b));
+
+  firstByteMask := $FF shr ((System.Length(FBlock) * 8) - FEmBits);
+
+  if (FBlock[0] <> Byte(FBlock[0] and firstByteMask)) or
+     (FBlock[System.Length(FBlock) - 1] <> FTrailer) then
+  begin
+    ClearBlock(FBlock);
+    Result := False;
+    Exit;
+  end;
+
+  dbMask := MaskGeneratorFunction(FBlock, System.Length(FBlock) - FhLen - 1,
+    FhLen, System.Length(FBlock) - FhLen - 1);
+
+  for i := 0 to System.Length(dbMask) - 1 do
+  begin
+    FBlock[i] := FBlock[i] xor dbMask[i];
+  end;
+
+  FBlock[0] := FBlock[0] and Byte(firstByteMask);
+
+  for i := 0 to System.Length(FBlock) - FhLen - FsLen - 3 do
+  begin
+    if FBlock[i] <> 0 then
+    begin
+      ClearBlock(FBlock);
+      Result := False;
+      Exit;
+    end;
+  end;
+
+  if FBlock[System.Length(FBlock) - FhLen - FsLen - 2] <> $01 then
+  begin
+    ClearBlock(FBlock);
+    Result := False;
+    Exit;
+  end;
+
+  if FSSet then
+  begin
+    System.Move(FSalt[0], FmDash[System.Length(FmDash) - FsLen], FsLen);
+  end
+  else
+  begin
+    System.Move(FBlock[System.Length(FBlock) - FsLen - FhLen - 1],
+      FmDash[System.Length(FmDash) - FsLen], FsLen);
+  end;
+
+  FContentDigest2.BlockUpdate(FmDash, 0, System.Length(FmDash));
+  FContentDigest2.DoFinal(FmDash, System.Length(FmDash) - FhLen);
+
+  i := System.Length(FBlock) - FhLen - 1;
+  j := System.Length(FmDash) - FhLen;
+  while j < System.Length(FmDash) do
+  begin
+    if (FBlock[i] xor FmDash[j]) <> 0 then
+    begin
+      ClearBlock(FmDash);
+      ClearBlock(FBlock);
+      Result := False;
+      Exit;
+    end;
+    Inc(i);
+    Inc(j);
+  end;
+
+  ClearBlock(FmDash);
+  ClearBlock(FBlock);
+
+  Result := True;
+end;
+
+procedure TPssSigner.Reset;
+begin
+  FContentDigest1.Reset();
+end;
+
+procedure TPssSigner.ItoOSP(i: Int32; const sp: TCryptoLibByteArray);
+begin
+  sp[0] := Byte(UInt32(i) shr 24);
+  sp[1] := Byte(UInt32(i) shr 16);
+  sp[2] := Byte(UInt32(i) shr 8);
+  sp[3] := Byte(UInt32(i) shr 0);
+end;
+
+function TPssSigner.MaskGeneratorFunction(const Z: TCryptoLibByteArray;
+  zOff, zLen, length: Int32): TCryptoLibByteArray;
+var
+  mask: TCryptoLibByteArray;
+  xof: IXOF;
+begin
+  // Check if mgfDigest wraps an XOF hash
+  if Supports(FMgfDigest.GetUnderlyingIHash, IXOF, xof) then
+  begin
+    SetLength(mask, length);
+    xof.XOFSizeInBits := length * 8;
+    xof.Initialize;
+    xof.TransformBytes(Z, zOff, zLen);
+    mask := xof.TransformFinal.GetBytes();
+    Result := mask;
+    Exit;
+  end;
+
+  Result := MaskGeneratorFunction1(Z, zOff, zLen, length);
+end;
+
+function TPssSigner.MaskGeneratorFunction1(const Z: TCryptoLibByteArray;
+  zOff, zLen, length: Int32): TCryptoLibByteArray;
+var
+  mask, hashBuf, C: TCryptoLibByteArray;
+  counter: Int32;
+begin
+  SetLength(mask, length);
+  SetLength(hashBuf, FMgfhLen);
+  SetLength(C, 4);
+  counter := 0;
+
+  FMgfDigest.Reset();
+
+  while counter < (length div FMgfhLen) do
+  begin
+    ItoOSP(counter, C);
+
+    FMgfDigest.BlockUpdate(Z, zOff, zLen);
+    FMgfDigest.BlockUpdate(C, 0, System.Length(C));
+    FMgfDigest.DoFinal(hashBuf, 0);
+
+    System.Move(hashBuf[0], mask[counter * FMgfhLen], System.Length(hashBuf));
+    Inc(counter);
+  end;
+
+  if (counter * FMgfhLen) < length then
+  begin
+    ItoOSP(counter, C);
+
+    FMgfDigest.BlockUpdate(Z, zOff, zLen);
+    FMgfDigest.BlockUpdate(C, 0, System.Length(C));
+    FMgfDigest.DoFinal(hashBuf, 0);
+
+    System.Move(hashBuf[0], mask[counter * FMgfhLen],
+      System.Length(mask) - (counter * FMgfhLen));
+  end;
+
+  Result := mask;
+end;
+
+end.

CryptoLib/src/Interfaces/ClpIGenericSigner.pas

@@ -0,0 +1,34 @@
+{ *********************************************************************************** }
+{ *                              CryptoLib Library                                  * }
+{ *                Copyright (c) 2018 - 20XX Ugochukwu Mmaduekwe                    * }
+{ *                 Github Repository <https://github.com/Xor-el>                   * }
+
+{ *  Distributed under the MIT software license, see the accompanying file LICENSE  * }
+{ *          or visit http://www.opensource.org/licenses/mit-license.php.           * }
+
+{ *                              Acknowledgements:                                  * }
+{ *                                                                                 * }
+{ *      Thanks to Sphere 10 Software (http://www.sphere10.com/) for sponsoring     * }
+{ *                           development of this library                           * }
+
+{ * ******************************************************************************* * }
+
+(* &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& *)
+
+unit ClpIGenericSigner;
+
+{$I ..\Include\CryptoLib.inc}
+
+interface
+
+uses
+  ClpISigner;
+
+type
+  IGenericSigner = interface(ISigner)
+    ['{E6F5D4C3-B2A1-9087-6543-21FEDCBA0987}']
+  end;
+
+implementation
+
+end.

CryptoLib/src/Interfaces/ClpIPrehash.pas

@@ -0,0 +1,34 @@
+{ *********************************************************************************** }
+{ *                              CryptoLib Library                                  * }
+{ *                Copyright (c) 2018 - 20XX Ugochukwu Mmaduekwe                    * }
+{ *                 Github Repository <https://github.com/Xor-el>                   * }
+
+{ *  Distributed under the MIT software license, see the accompanying file LICENSE  * }
+{ *          or visit http://www.opensource.org/licenses/mit-license.php.           * }
+
+{ *                              Acknowledgements:                                  * }
+{ *                                                                                 * }
+{ *      Thanks to Sphere 10 Software (http://www.sphere10.com/) for sponsoring     * }
+{ *                           development of this library                           * }
+
+{ * ******************************************************************************* * }
+
+(* &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& *)
+
+unit ClpIPrehash;
+
+{$I ..\Include\CryptoLib.inc}
+
+interface
+
+uses
+  ClpIDigest;
+
+type
+  IPrehash = interface(IDigest)
+    ['{C1D2E3F4-A5B6-7890-1234-56789ABCDEF1}']
+  end;
+
+implementation
+
+end.

CryptoLib/src/Interfaces/ClpIPssSigner.pas

@@ -0,0 +1,34 @@
+{ *********************************************************************************** }
+{ *                              CryptoLib Library                                  * }
+{ *                Copyright (c) 2018 - 20XX Ugochukwu Mmaduekwe                    * }
+{ *                 Github Repository <https://github.com/Xor-el>                   * }
+
+{ *  Distributed under the MIT software license, see the accompanying file LICENSE  * }
+{ *          or visit http://www.opensource.org/licenses/mit-license.php.           * }
+
+{ *                              Acknowledgements:                                  * }
+{ *                                                                                 * }
+{ *      Thanks to Sphere 10 Software (http://www.sphere10.com/) for sponsoring     * }
+{ *                           development of this library                           * }
+
+{ * ******************************************************************************* * }
+
+(* &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& *)
+
+unit ClpIPssSigner;
+
+{$I ..\Include\CryptoLib.inc}
+
+interface
+
+uses
+  ClpISigner;
+
+type
+  IPssSigner = interface(ISigner)
+    ['{A1B2C3D4-E5F6-7890-1234-56789ABCDEF0}']
+  end;
+
+implementation
+
+end.

CryptoLib/src/Packages/Delphi/CryptoLib4PascalPackage.dpk

@@ -394,7 +394,6 @@ contains
   ClpECCompUtilities in '..\..\Math\EC\ClpECCompUtilities.pas',
   ClpIKMac in '..\..\Interfaces\ClpIKMac.pas',
   ClpKMac in '..\..\Crypto\Macs\ClpKMac.pas',
-  { RSA Implementation }
   ClpIRsa in '..\..\Interfaces\ClpIRsa.pas',
   ClpIRsaKeyParameters in '..\..\Interfaces\ClpIRsaKeyParameters.pas',
   ClpRsaKeyParameters in '..\..\Crypto\Parameters\ClpRsaKeyParameters.pas',
@@ -431,6 +430,12 @@ contains
   ClpIRsaBlindingEngine in '..\..\Interfaces\ClpIRsaBlindingEngine.pas',
   ClpRsaBlindingEngine in '..\..\Crypto\Engines\ClpRsaBlindingEngine.pas',
   ClpIBufferedAsymmetricBlockCipher in '..\..\Interfaces\ClpIBufferedAsymmetricBlockCipher.pas',
-  ClpBufferedAsymmetricBlockCipher in '..\..\Crypto\ClpBufferedAsymmetricBlockCipher.pas';
+  ClpBufferedAsymmetricBlockCipher in '..\..\Crypto\ClpBufferedAsymmetricBlockCipher.pas',
+  ClpIPssSigner in '..\..\Interfaces\ClpIPssSigner.pas',
+  ClpPssSigner in '..\..\Crypto\Signers\ClpPssSigner.pas',
+  ClpIGenericSigner in '..\..\Interfaces\ClpIGenericSigner.pas',
+  ClpGenericSigner in '..\..\Crypto\Signers\ClpGenericSigner.pas',
+  ClpIPrehash in '..\..\Interfaces\ClpIPrehash.pas',
+  ClpPrehash in '..\..\Crypto\Digests\ClpPrehash.pas';
 
 end.

CryptoLib/src/Packages/FPC/CryptoLib4PascalPackage.lpk

@@ -10,7 +10,7 @@
       <PathDelim Value="\"/>
       <SearchPaths>
         <IncludeFiles Value="..\..\Include"/>
-        <OtherUnitFiles Value="..\..\Asn1;..\..\Asn1\CryptoPro;..\..\Asn1\Nist;..\..\Asn1\Oiw;..\..\Asn1\Pkcs;..\..\Asn1\RossStandart;..\..\Asn1\Sec;..\..\Asn1\TeleTrust;..\..\Asn1\X9;..\..\Crypto;..\..\Crypto\Generators;..\..\Crypto\Parameters;..\..\Crypto\Prng;..\..\Crypto\Signers;..\..\Interfaces;..\..\Math;..\..\Math\EC;..\..\Math\EC\Abc;..\..\Math\EC\Endo;..\..\Math\EC\Multiplier;..\..\Math\Field;..\..\Math\Raw;..\..\Security;..\..\Utils;..\..\Utils\Encoders;..\..\Utils\Randoms;..\..\Utils\Rng;..\..\Crypto\Modes;..\..\Crypto\Paddings;..\..\Crypto\Engines;..\..\Crypto\Parsers;..\..\Crypto\Agreement;..\..\Crypto\Macs;..\..\Asn1\Misc;..\..\Asn1\Iana;..\..\Crypto\Digests;..\..\Asn1\X509;..\..\Crypto\EC;..\..\Math\EC\Custom\Sec;..\..\Asn1\Bsi;..\..\Asn1\Eac;..\..\Crypto\Signers\SignersEncodings;..\..\Math\EC\Custom\Djb;..\..\Math\EC\Rfc7748;..\..\Math\EC\Rfc8032;..\..\Asn1\Edec;..\..\Asn1\CryptLib"/>
+        <OtherUnitFiles Value="..\..\Asn1;..\..\Asn1\CryptoPro;..\..\Asn1\Nist;..\..\Asn1\Oiw;..\..\Asn1\Pkcs;..\..\Asn1\RossStandart;..\..\Asn1\Sec;..\..\Asn1\TeleTrust;..\..\Asn1\X9;..\..\Crypto;..\..\Crypto\Generators;..\..\Crypto\Parameters;..\..\Crypto\Prng;..\..\Crypto\Signers;..\..\Interfaces;..\..\Math;..\..\Math\EC;..\..\Math\EC\Abc;..\..\Math\EC\Endo;..\..\Math\EC\Multiplier;..\..\Math\Field;..\..\Math\Raw;..\..\Security;..\..\Utils;..\..\Utils\Encoders;..\..\Utils\Randoms;..\..\Utils\Rng;..\..\Crypto\Modes;..\..\Crypto\Paddings;..\..\Crypto\Engines;..\..\Crypto\Parsers;..\..\Crypto\Agreement;..\..\Crypto\Macs;..\..\Asn1\Misc;..\..\Asn1\Iana;..\..\Crypto\Digests;..\..\Asn1\X509;..\..\Crypto\EC;..\..\Math\EC\Custom\Sec;..\..\Asn1\Bsi;..\..\Asn1\Eac;..\..\Crypto\Signers\SignersEncodings;..\..\Math\EC\Custom\Djb;..\..\Math\EC\Rfc7748;..\..\Math\EC\Rfc8032;..\..\Asn1\Edec;..\..\Asn1\CryptLib;..\..\Crypto\Encodings"/>
         <UnitOutputDirectory Value="lib\$(TargetCPU)-$(TargetOS)"/>
       </SearchPaths>
       <CodeGeneration>
@@ -25,7 +25,7 @@
  Acknowledgements: 
 Thanks to Sphere 10 Software (http://www.sphere10.com/) for sponsoring the development of this library "/>
     <Version Major="3" Minor="2"/>
-    <Files Count="360">
+    <Files Count="402">
       <Item1>
         <Filename Value="..\..\Asn1\ClpOidTokenizer.pas"/>
         <UnitName Value="ClpOidTokenizer"/>
@@ -1467,6 +1467,174 @@ Thanks to Sphere 10 Software (http://www.sphere10.com/) for sponsoring the devel
         <Filename Value="..\..\Math\EC\Multiplier\ClpMultipliers.pas"/>
         <UnitName Value="ClpMultipliers"/>
       </Item360>
+      <Item361>
+        <Filename Value="..\..\Interfaces\ClpIPrehash.pas"/>
+        <UnitName Value="ClpIPrehash"/>
+      </Item361>
+      <Item362>
+        <Filename Value="..\..\Interfaces\ClpIPssSigner.pas"/>
+        <UnitName Value="ClpIPssSigner"/>
+      </Item362>
+      <Item363>
+        <Filename Value="..\..\Interfaces\ClpIGenericSigner.pas"/>
+        <UnitName Value="ClpIGenericSigner"/>
+      </Item363>
+      <Item364>
+        <Filename Value="..\..\Interfaces\ClpIAlgorithmIdentifier.pas"/>
+        <UnitName Value="ClpIAlgorithmIdentifier"/>
+      </Item364>
+      <Item365>
+        <Filename Value="..\..\Interfaces\ClpIAsymmetricBlockCipher.pas"/>
+        <UnitName Value="ClpIAsymmetricBlockCipher"/>
+      </Item365>
+      <Item366>
+        <Filename Value="..\..\Interfaces\ClpIBufferedAsymmetricBlockCipher.pas"/>
+        <UnitName Value="ClpIBufferedAsymmetricBlockCipher"/>
+      </Item366>
+      <Item367>
+        <Filename Value="..\..\Interfaces\ClpIDigestInfo.pas"/>
+        <UnitName Value="ClpIDigestInfo"/>
+      </Item367>
+      <Item368>
+        <Filename Value="..\..\Interfaces\ClpIISO9796d1Encoding.pas"/>
+        <UnitName Value="ClpIISO9796d1Encoding"/>
+      </Item368>
+      <Item369>
+        <Filename Value="..\..\Interfaces\ClpIOaepEncoding.pas"/>
+        <UnitName Value="ClpIOaepEncoding"/>
+      </Item369>
+      <Item370>
+        <Filename Value="..\..\Interfaces\ClpIPkcs1Encoding.pas"/>
+        <UnitName Value="ClpIPkcs1Encoding"/>
+      </Item370>
+      <Item371>
+        <Filename Value="..\..\Interfaces\ClpIRsa.pas"/>
+        <UnitName Value="ClpIRsa"/>
+      </Item371>
+      <Item372>
+        <Filename Value="..\..\Interfaces\ClpIRsaBlindedEngine.pas"/>
+        <UnitName Value="ClpIRsaBlindedEngine"/>
+      </Item372>
+      <Item373>
+        <Filename Value="..\..\Interfaces\ClpIRsaBlindingEngine.pas"/>
+        <UnitName Value="ClpIRsaBlindingEngine"/>
+      </Item373>
+      <Item374>
+        <Filename Value="..\..\Interfaces\ClpIRsaBlindingFactorGenerator.pas"/>
+        <UnitName Value="ClpIRsaBlindingFactorGenerator"/>
+      </Item374>
+      <Item375>
+        <Filename Value="..\..\Interfaces\ClpIRsaBlindingParameters.pas"/>
+        <UnitName Value="ClpIRsaBlindingParameters"/>
+      </Item375>
+      <Item376>
+        <Filename Value="..\..\Interfaces\ClpIRsaCoreEngine.pas"/>
+        <UnitName Value="ClpIRsaCoreEngine"/>
+      </Item376>
+      <Item377>
+        <Filename Value="..\..\Interfaces\ClpIRsaDigestSigner.pas"/>
+        <UnitName Value="ClpIRsaDigestSigner"/>
+      </Item377>
+      <Item378>
+        <Filename Value="..\..\Interfaces\ClpIRsaEngine.pas"/>
+        <UnitName Value="ClpIRsaEngine"/>
+      </Item378>
+      <Item379>
+        <Filename Value="..\..\Interfaces\ClpIRsaKeyGenerationParameters.pas"/>
+        <UnitName Value="ClpIRsaKeyGenerationParameters"/>
+      </Item379>
+      <Item380>
+        <Filename Value="..\..\Interfaces\ClpIRsaKeyPairGenerator.pas"/>
+        <UnitName Value="ClpIRsaKeyPairGenerator"/>
+      </Item380>
+      <Item381>
+        <Filename Value="..\..\Interfaces\ClpIRsaKeyParameters.pas"/>
+        <UnitName Value="ClpIRsaKeyParameters"/>
+      </Item381>
+      <Item382>
+        <Filename Value="..\..\Interfaces\ClpIRsaPrivateCrtKeyParameters.pas"/>
+        <UnitName Value="ClpIRsaPrivateCrtKeyParameters"/>
+      </Item382>
+      <Item383>
+        <Filename Value="..\..\Crypto\Parameters\ClpRsaBlindingParameters.pas"/>
+        <UnitName Value="ClpRsaBlindingParameters"/>
+      </Item383>
+      <Item384>
+        <Filename Value="..\..\Crypto\Parameters\ClpRsaKeyGenerationParameters.pas"/>
+        <UnitName Value="ClpRsaKeyGenerationParameters"/>
+      </Item384>
+      <Item385>
+        <Filename Value="..\..\Crypto\Parameters\ClpRsaKeyParameters.pas"/>
+        <UnitName Value="ClpRsaKeyParameters"/>
+      </Item385>
+      <Item386>
+        <Filename Value="..\..\Crypto\Parameters\ClpRsaPrivateCrtKeyParameters.pas"/>
+        <UnitName Value="ClpRsaPrivateCrtKeyParameters"/>
+      </Item386>
+      <Item387>
+        <Filename Value="..\..\Crypto\Encodings\ClpISO9796d1Encoding.pas"/>
+        <UnitName Value="ClpISO9796d1Encoding"/>
+      </Item387>
+      <Item388>
+        <Filename Value="..\..\Crypto\Encodings\ClpOaepEncoding.pas"/>
+        <UnitName Value="ClpOaepEncoding"/>
+      </Item388>
+      <Item389>
+        <Filename Value="..\..\Crypto\Encodings\ClpPkcs1Encoding.pas"/>
+        <UnitName Value="ClpPkcs1Encoding"/>
+      </Item389>
+      <Item390>
+        <Filename Value="..\..\Crypto\Engines\ClpRsaBlindedEngine.pas"/>
+        <UnitName Value="ClpRsaBlindedEngine"/>
+      </Item390>
+      <Item391>
+        <Filename Value="..\..\Crypto\Engines\ClpRsaBlindingEngine.pas"/>
+        <UnitName Value="ClpRsaBlindingEngine"/>
+      </Item391>
+      <Item392>
+        <Filename Value="..\..\Crypto\Engines\ClpRsaCoreEngine.pas"/>
+        <UnitName Value="ClpRsaCoreEngine"/>
+      </Item392>
+      <Item393>
+        <Filename Value="..\..\Crypto\Engines\ClpRsaEngine.pas"/>
+        <UnitName Value="ClpRsaEngine"/>
+      </Item393>
+      <Item394>
+        <Filename Value="..\..\Crypto\Signers\ClpPssSigner.pas"/>
+        <UnitName Value="ClpPssSigner"/>
+      </Item394>
+      <Item395>
+        <Filename Value="..\..\Crypto\Signers\ClpGenericSigner.pas"/>
+        <UnitName Value="ClpGenericSigner"/>
+      </Item395>
+      <Item396>
+        <Filename Value="..\..\Crypto\Signers\ClpRsaDigestSigner.pas"/>
+        <UnitName Value="ClpRsaDigestSigner"/>
+      </Item396>
+      <Item397>
+        <Filename Value="..\..\Crypto\Generators\ClpRsaBlindingFactorGenerator.pas"/>
+        <UnitName Value="ClpRsaBlindingFactorGenerator"/>
+      </Item397>
+      <Item398>
+        <Filename Value="..\..\Crypto\Generators\ClpRsaKeyPairGenerator.pas"/>
+        <UnitName Value="ClpRsaKeyPairGenerator"/>
+      </Item398>
+      <Item399>
+        <Filename Value="..\..\Asn1\X509\ClpAlgorithmIdentifier.pas"/>
+        <UnitName Value="ClpAlgorithmIdentifier"/>
+      </Item399>
+      <Item400>
+        <Filename Value="..\..\Asn1\X509\ClpDigestInfo.pas"/>
+        <UnitName Value="ClpDigestInfo"/>
+      </Item400>
+      <Item401>
+        <Filename Value="..\..\Asn1\X509\ClpX509ObjectIdentifiers.pas"/>
+        <UnitName Value="ClpX509ObjectIdentifiers"/>
+      </Item401>
+      <Item402>
+        <Filename Value="..\..\Crypto\Digests\ClpPrehash.pas"/>
+        <UnitName Value="ClpPrehash"/>
+      </Item402>
     </Files>
     <RequiredPkgs Count="3">
       <Item1>

CryptoLib/src/Packages/FPC/CryptoLib4PascalPackage.pas

@@ -126,7 +126,22 @@ uses
   ClpScalarSplitParameters, ClpIGlvTypeAParameters, ClpIGlvTypeAEndomorphism, 
   ClpIScaleXNegateYPointMap, ClpIScaleYNegateXPointMap, 
   ClpIScalarSplitParameters, ClpECCompUtilities, ClpValidityPreCompInfo, 
-  ClpIValidityPreCompInfo, ClpKMac, ClpIKMac, ClpMultipliers;
+  ClpIValidityPreCompInfo, ClpKMac, ClpIKMac, ClpMultipliers, ClpIPrehash, 
+  ClpIPssSigner, ClpIGenericSigner, ClpIAlgorithmIdentifier, 
+  ClpIAsymmetricBlockCipher, ClpIBufferedAsymmetricBlockCipher, 
+  ClpIDigestInfo, ClpIISO9796d1Encoding, ClpIOaepEncoding, ClpIPkcs1Encoding, 
+  ClpIRsa, ClpIRsaBlindedEngine, ClpIRsaBlindingEngine, 
+  ClpIRsaBlindingFactorGenerator, ClpIRsaBlindingParameters, 
+  ClpIRsaCoreEngine, ClpIRsaDigestSigner, ClpIRsaEngine, 
+  ClpIRsaKeyGenerationParameters, ClpIRsaKeyPairGenerator, 
+  ClpIRsaKeyParameters, ClpIRsaPrivateCrtKeyParameters, 
+  ClpRsaBlindingParameters, ClpRsaKeyGenerationParameters, 
+  ClpRsaKeyParameters, ClpRsaPrivateCrtKeyParameters, ClpISO9796d1Encoding, 
+  ClpOaepEncoding, ClpPkcs1Encoding, ClpRsaBlindedEngine, 
+  ClpRsaBlindingEngine, ClpRsaCoreEngine, ClpRsaEngine, ClpPssSigner, 
+  ClpGenericSigner, ClpRsaDigestSigner, ClpRsaBlindingFactorGenerator, 
+  ClpRsaKeyPairGenerator, ClpAlgorithmIdentifier, ClpDigestInfo, 
+  ClpX509ObjectIdentifiers, ClpPrehash;
 
 implementation
 

CryptoLib/src/Security/ClpSecureRandom.pas

@@ -299,6 +299,7 @@ class function TSecureRandom.CreatePrng(const digestName: String;
 var
   digest: IDigest;
   prng: IDigestRandomGenerator;
+  seedLength: Int32;
 begin
   digest := TDigestUtilities.GetDigest(digestName);
   if (digest = Nil) then
@@ -310,8 +311,9 @@ begin
   prng := TDigestRandomGenerator.Create(digest);
   if (autoSeed) then
   begin
+    seedLength := 2 * digest.GetDigestSize;
     prng.AddSeedMaterial(NextCounterValue());
-    prng.AddSeedMaterial(GetNextBytes(Master, digest.GetDigestSize));
+    prng.AddSeedMaterial(GetNextBytes(Master, seedLength));
   end;
   Result := prng;
 end;

CryptoLib/src/Security/ClpSignerUtilities.pas

@@ -60,6 +60,13 @@ uses
   ClpIECSchnorrSipaSigner,
   ClpRsaDigestSigner,
   ClpIRsaDigestSigner,
+  ClpPssSigner,
+  ClpIPssSigner,
+  ClpGenericSigner,
+  ClpIGenericSigner,
+  ClpRsaBlindedEngine,
+  ClpPkcs1Encoding,
+  ClpIPkcs1Encoding,
   ClpPkcsObjectIdentifiers,
   ClpStringUtils,
   ClpCryptoLibTypes;
@@ -453,6 +460,55 @@ begin
   Falgorithms.Add('SHA-512(256)WITHRSAENCRYPTION', 'SHA-512(256)withRSA');
   Falgorithms.Add(TPkcsObjectIdentifiers.Sha512_256WithRSAEncryption.id, 'SHA-512(256)withRSA');
 
+  // PSS / RSA-OAEP signatures
+  Falgorithms.Add('PSSWITHRSA', 'PSSwithRSA');
+  Falgorithms.Add('RSASSA-PSS', 'PSSwithRSA');
+  Falgorithms.Add('RSAPSS', 'PSSwithRSA');
+  Falgorithms.Add(TPkcsObjectIdentifiers.IdRsassaPss.id, 'PSSwithRSA');
+
+  Falgorithms.Add('SHA1WITHRSAANDMGF1', 'SHA-1withRSAandMGF1');
+  Falgorithms.Add('SHA-1WITHRSAANDMGF1', 'SHA-1withRSAandMGF1');
+  Falgorithms.Add('SHA1WITHRSA/PSS', 'SHA-1withRSAandMGF1');
+  Falgorithms.Add('SHA-1WITHRSA/PSS', 'SHA-1withRSAandMGF1');
+  Falgorithms.Add('SHA1WITHRSASSA-PSS', 'SHA-1withRSAandMGF1');
+  Falgorithms.Add('SHA-1WITHRSASSA-PSS', 'SHA-1withRSAandMGF1');
+
+  Falgorithms.Add('SHA224WITHRSAANDMGF1', 'SHA-224withRSAandMGF1');
+  Falgorithms.Add('SHA-224WITHRSAANDMGF1', 'SHA-224withRSAandMGF1');
+  Falgorithms.Add('SHA224WITHRSA/PSS', 'SHA-224withRSAandMGF1');
+  Falgorithms.Add('SHA-224WITHRSA/PSS', 'SHA-224withRSAandMGF1');
+  Falgorithms.Add('SHA224WITHRSASSA-PSS', 'SHA-224withRSAandMGF1');
+  Falgorithms.Add('SHA-224WITHRSASSA-PSS', 'SHA-224withRSAandMGF1');
+
+  Falgorithms.Add('SHA256WITHRSAANDMGF1', 'SHA-256withRSAandMGF1');
+  Falgorithms.Add('SHA-256WITHRSAANDMGF1', 'SHA-256withRSAandMGF1');
+  Falgorithms.Add('SHA256WITHRSA/PSS', 'SHA-256withRSAandMGF1');
+  Falgorithms.Add('SHA-256WITHRSA/PSS', 'SHA-256withRSAandMGF1');
+  Falgorithms.Add('SHA256WITHRSASSA-PSS', 'SHA-256withRSAandMGF1');
+  Falgorithms.Add('SHA-256WITHRSASSA-PSS', 'SHA-256withRSAandMGF1');
+
+  Falgorithms.Add('SHA384WITHRSAANDMGF1', 'SHA-384withRSAandMGF1');
+  Falgorithms.Add('SHA-384WITHRSAANDMGF1', 'SHA-384withRSAandMGF1');
+  Falgorithms.Add('SHA384WITHRSA/PSS', 'SHA-384withRSAandMGF1');
+  Falgorithms.Add('SHA-384WITHRSA/PSS', 'SHA-384withRSAandMGF1');
+  Falgorithms.Add('SHA384WITHRSASSA-PSS', 'SHA-384withRSAandMGF1');
+  Falgorithms.Add('SHA-384WITHRSASSA-PSS', 'SHA-384withRSAandMGF1');
+
+  Falgorithms.Add('SHA512WITHRSAANDMGF1', 'SHA-512withRSAandMGF1');
+  Falgorithms.Add('SHA-512WITHRSAANDMGF1', 'SHA-512withRSAandMGF1');
+  Falgorithms.Add('SHA512WITHRSA/PSS', 'SHA-512withRSAandMGF1');
+  Falgorithms.Add('SHA-512WITHRSA/PSS', 'SHA-512withRSAandMGF1');
+  Falgorithms.Add('SHA512WITHRSASSA-PSS', 'SHA-512withRSAandMGF1');
+  Falgorithms.Add('SHA-512WITHRSASSA-PSS', 'SHA-512withRSAandMGF1');
+
+  // Raw RSA (NONEWITHRSA) and raw PSS
+  Falgorithms.Add('NONEWITHRSA', 'RSA');
+  Falgorithms.Add('RSAWITHNONE', 'RSA');
+  Falgorithms.Add('RAWRSA', 'RSA');
+
+  Falgorithms.Add('RAWRSAPSS', 'RAWRSASSA-PSS');
+  Falgorithms.Add('NONEWITHRSAPSS', 'RAWRSASSA-PSS');
+  Falgorithms.Add('NONEWITHRSASSA-PSS', 'RAWRSASSA-PSS');
 
   // ECSCHNORR SIPA
 
@@ -709,6 +765,23 @@ begin
     Exit;
   end;
 
+  if TStringUtils.EndsWith(mechanism, 'withRSAandMGF1', True) then
+  begin
+    DigestName := System.Copy(mechanism, 1, TStringUtils.LastIndexOf(mechanism,
+      'with', True));
+    DigestInstance := TDigestUtilities.GetDigest(DigestName);
+    Result := TPssSigner.Create(TRsaBlindedEngine.Create(), DigestInstance);
+    Exit;
+  end;
+
+  // TODO: PSSwithRSA - The Sha1Digest here is a default.
+  // if (mechanism = 'PSSwithRSA') then
+  // begin
+  //   Result := TPssSigner.Create(TRsaBlindedEngine.Create(),
+  //     TDigestUtilities.GetDigest('SHA-1'));
+  //   Exit;
+  // end;
+
   if TStringUtils.EndsWith(mechanism, 'withRSA', True) then
   begin
     DigestName := System.Copy(mechanism, 1, TStringUtils.LastIndexOf(mechanism,
@@ -719,6 +792,22 @@ begin
     Exit;
   end;
 
+  if (mechanism = 'RSA') then
+  begin
+    Result := TGenericSigner.Create(
+      TPkcs1Encoding.Create(TRsaBlindedEngine.Create()),
+      TDigestUtilities.GetDigest('NONE'));
+    Exit;
+  end;
+
+  // TODO: RAWRSASSA-PSS - Add support for other parameter settings
+  // if (mechanism = 'RAWRSASSA-PSS') then
+  // begin
+  //   Result := TPssSigner.CreateRawSigner(TRsaBlindedEngine.Create(),
+  //     TDigestUtilities.GetDigest('SHA-1'));
+  //   Exit;
+  // end;
+
   raise ESecurityUtilityCryptoLibException.CreateResFmt(@SUnRecognizedAlgorithm,
     [algorithm]);
 

CryptoLib/src/Utils/ClpBigIntegers.pas

@@ -151,6 +151,7 @@ class function TBigIntegers.AsUnsignedByteArray(length: Int32;
 var
   bytes: TCryptoLibByteArray;
 begin
+  Result := nil;
   bytes := n.ToByteArrayUnsigned();
 
   if (System.length(bytes) > length) then