1733d2a3d6
* Add support for PKCSv1_5_NoOID signatures This assumes a pre-hashed input has been provided to Vault, but we do not write the hash's OID into the signature stream. This allows us to generate the alternative PKCSv1_5_NoOID signature type rather than the existing PKCSv1_5_DERnull signature type we presently use. These are specified in RFC 3447 Section 9.2. Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Add changelog Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Exclude new none type from PSS based tests Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Add tests for PKCS#1v1.5 signatures Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
4 lines
95 B
Plaintext
4 lines
95 B
Plaintext
```release-note:improvement
|
|
secrets/transit: Add support for PKCSv1_5_NoOID RSA signatures
|
|
```
|