Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

crypto/rsa: pss with zero salt length for backward compatiblity with openssl #45684

Open
karanjmu92 opened this issue Apr 22, 2021 · 1 comment
Open

Comments

@karanjmu92
Copy link

@karanjmu92 karanjmu92 commented Apr 22, 2021

What version of Go are you using (go version)?

$ go version
go version go1.13.5 linux/amd64

Does this issue reproduce with the latest release?

yes.

What did you do?

I have an application which is doing rsa pss sign using openssl and it is allowing zero salt length. Go crypto handles zero length in a different way, it maximizes the salt length.
I am migrating it to go crypto and there might be users who are using zero salt length in openssl and it may break for them.

What did you expect to see?

I expected it to work in same way as openssl because it may break some users.

What did you see instead?

I see that go crypto does not allow zero salt length, it maximizes the salt length when zero is passed for salt length.

@cherrymui cherrymui changed the title crypto/rsa pss with zero salt length for backward compatiblity with openssl crypto/rsa: pss with zero salt length for backward compatiblity with openssl Apr 26, 2021
@cherrymui cherrymui added this to the Backlog milestone Apr 26, 2021
@cherrymui
Copy link
Contributor

@cherrymui cherrymui commented Apr 26, 2021

cc @FiloSottile

This may be working as intended.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
2 participants