lints: enforce Mozilla PKI policy RSASSA-PSS encoding requirements

[mtgag]

Implementation of #356

[cpu]

@mtgag If you wouldn't mind could you resolve the conflicts on this branch? I'll start reviewing it afterwards. Thanks!

[cpu]

Thanks @mtgag. Here's some initial feedback.

[cpu]

Thanks for the iteration @mtgag! I'll be travelling over the next few days but will endeavour to give the code & your replies my attention next week.

[cpu]

Thanks @mtgag, I appreciate your patience through the review process.

[sleevi]

These look good to me, so I'm not doing "Request Changes", but there's one possible easy improvement and one possibly quite difficult (and thus better not in this change, but worth noting).

[sleevi]

Suggestion: These variations all only exercise a single mis-encoding (empty hash parameters). Would it be useful to include explicit hash parameters that are more esoteric, such as a different mask length?

I'm not sure if I'm underestimating the difficulty, so I thought I'd check here.

[mtgag]

Added a test case for irregular (maybe invalid or unsupported is a better name for this?) salt length. Other test cases (e.g. irregular trailerField) are indeed more work to implement also because the crypto libraries do not support it out-of-the-box.

[cpu]

@mtgag Thanks for adding another test case. I think the coverage in-branch is sufficient to see the lint merged. It would be nice to have more malformed test cases but it sounds like the difficulty would mean holding up the PR longer and I'd prefer to see it merged and iterated on as time allows.

Since @sleevi gave this branch a +1 without requesting the test case change as blocking feedback I'm going to go ahead and merge. @mtgag If you think you'd be up to adding the more difficult test cases would you mind filing an issue to act as a marker/discussion point?

Thanks all!