Get required size of signature before signing.

[NIIBE Yutaka]

Hello,

Stef Bon <stefbon at gmail.com> wrote:
> The size of the signature with RSA is equal to the size of n?

Not really.  It depends.  Speaking about RSA, in general, it depends on
encoding/padding scheme used, and the representation of integer.

Particularly, we need to care about the case: In BER encoding for ASN.1
integers, leading zero octets are omitted to ensure that the integer is
represented in its minimal form.  In this case, the exact size of the
signature depends on not only the key, but also the message.

			*	*	*

If we care about memory allocation in some resource tight system and
want to know the possible size of maximum memory consumption in fine
grain manner, not runtime but design time, I can't recommend using
libgcrypt (or an implementation using malloc/free API internally, even
if it can be hooked/replaceable).  We need something like lower-level
memory allocation conscious/friendly library written in such a language.

PS: It seems for me that your questions are relevant to this list since
it's not about libgcrypt but crypto basics.  I won't have time to answer
in future, possibly.  Others would be able to answer, though.
--