open-vault/sdk/helper/keysutil
Alexander Scheel 1733d2a3d6
Add support for PKCSv1_5_NoOID signatures (#17636)
* Add support for PKCSv1_5_NoOID signatures

This assumes a pre-hashed input has been provided to Vault, but we do
not write the hash's OID into the signature stream. This allows us to
generate the alternative PKCSv1_5_NoOID signature type rather than the
existing PKCSv1_5_DERnull signature type we presently use.

These are specified in RFC 3447 Section 9.2.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add changelog

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Exclude new none type from PSS based tests

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add tests for PKCS#1v1.5 signatures

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-10-27 08:26:20 -04:00
..
cache.go transit cache is an Interface implemented by wrapped versions of sync… (#6225) 2019-06-04 15:40:56 -07:00
consts.go Add support for PKCSv1_5_NoOID signatures (#17636) 2022-10-27 08:26:20 -04:00
encrypted_key_storage.go
encrypted_key_storage_test.go Migrate to sdk/internalshared libs in go-secure-stdlib (#12090) 2021-07-15 20:17:31 -04:00
lock_manager.go Add support for a dedicated HMAC type in Transit. (#16668) 2022-09-06 10:17:58 -05:00
policy.go Add AD mode to Transit's AEAD ciphers (#17638) 2022-10-24 13:41:02 -04:00
policy_test.go Add support for PKCSv1_5_NoOID signatures (#17636) 2022-10-27 08:26:20 -04:00
transit_lru.go transit cache is an Interface implemented by wrapped versions of sync… (#6225) 2019-06-04 15:40:56 -07:00
transit_syncmap.go transit cache is an Interface implemented by wrapped versions of sync… (#6225) 2019-06-04 15:40:56 -07:00
util.go Add parsing for NSS-wrapped Ed25519 keys (#15742) 2022-06-06 18:09:21 -04:00