smimesign icon indicating copy to clipboard operation
smimesign copied to clipboard
verified publisher icon github

Signer ignores PSS

Open avivklas opened this issue 5 years ago • 3 comments

On both windows and darwin, using the Signer of an Identity object as a private key of a TLS certificate doesn't work against a server that requires TLS v1.3. In this case, a GO TLS server, for example, returns an "error decrypting message" error due to missing 0xbc at the end of the signature during the handshake. The reason for this is not using the padding scheme when signing the digest.

avivklas avatar Sep 01 '20 12:09 avivklas

I already have a working fix and I'm about to issue a PR soon

avivklas avatar Sep 01 '20 12:09 avivklas

link github/certstore#20, I fixed PSS when remove cgo as well

tg123 avatar Nov 15 '20 15:11 tg123