Add support for SHA-224 for PKCS1 signatures

[joostrijneveld]

Since version 2.2, PKCS1 also includes SHA-224. Since it's available in hashlib, adding support was straight-forward. I've omitted SHA-512/224 and SHA-512/256 for now, since the fact that they're not in hashlib would make it a bit clunky.

[coveralls]

Coverage remained the same at 91.848% when pulling 3f0dc88 on joostrijneveld:pkcs1-sha224 into 8affa13 on sybrenstuvel:master.

[coveralls]

Coverage remained the same at 91.848% when pulling 47ca8ab on joostrijneveld:pkcs1-sha224 into 8affa13 on sybrenstuvel:master.

[joostrijneveld]

In doc/usage.rst, you mention key size recommendations. What is the source or reason behind these recommendations? I'm unsure how to make a similar recommendation for SHA-224.

[coveralls]

Coverage remained the same at 92.414% when pulling 0d83823 on joostrijneveld:pkcs1-sha224 into fa9b787 on sybrenstuvel:master.

[sybrenstuvel]

That is a very good question... You can see that I wrote that before I got my Ph.D., nowadays I would certainly have added a reference ;-)

Looking at that list now, I agree with you that it's hard to make a good recommendation. Searching for "SHA-512 752" shows the Python-RSA documentation as top hit, which means that this is not a widely used recommendation. Let's just drop it, and suggest people to use modern recommendations for the key size from, for example, NIST Special Publication 800-131A. At this time they simply recommend RSA keys of at least 2048 bits.

[joostrijneveld]

That sounds very reasonable. I've submitted a different pull request that removes the whole key size discussion.

[sybrenstuvel]

Merged in 173be1f, with some additional work in da7145a and 83e273b.

Please include unit testing and updating documentation (like the changelog) in your future pull requests.