open-vault/sdk/helper/keysutil
Alexander Scheel 1733d2a3d6
Add support for PKCSv1_5_NoOID signatures (#17636)
* Add support for PKCSv1_5_NoOID signatures

This assumes a pre-hashed input has been provided to Vault, but we do
not write the hash's OID into the signature stream. This allows us to
generate the alternative PKCSv1_5_NoOID signature type rather than the
existing PKCSv1_5_DERnull signature type we presently use.

These are specified in RFC 3447 Section 9.2.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add changelog

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Exclude new none type from PSS based tests

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add tests for PKCS#1v1.5 signatures

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-10-27 08:26:20 -04:00
..
cache.go
consts.go Add support for PKCSv1_5_NoOID signatures (#17636) 2022-10-27 08:26:20 -04:00
encrypted_key_storage.go
encrypted_key_storage_test.go
lock_manager.go
policy.go
policy_test.go Add support for PKCSv1_5_NoOID signatures (#17636) 2022-10-27 08:26:20 -04:00
transit_lru.go
transit_syncmap.go
util.go