crypto/x509: can't verify signature on RSA-PSS certificate requests it created

### What version of Go are you using (`go version`)?

<pre>
 $ $GODIR/bin/go version
go version devel go1.17-1108cbe60b Thu May 6 02:21:55 2021 +0000 linux/amd64
</pre>
(Freshly compiled from master)

### Does this issue reproduce with the latest release?
Yes


### What operating system and processor architecture are you using (`go env`)?

<details><summary><code>go env</code> Output</summary><br><pre>
 $ $GODIR/bin/go env |sed "s,$HOME,\$HOME,"
GO111MODULE=""
GOARCH="amd64"
GOBIN=""
GOCACHE="$HOME/.cache/go-build"
GOENV="$HOME/.config/go/env"
GOEXE=""
GOFLAGS=""
GOHOSTARCH="amd64"
GOHOSTOS="linux"
GOINSECURE=""
GOMODCACHE="$HOME/go/pkg/mod"
GONOPROXY=""
GONOSUMDB=""
GOOS="linux"
GOPATH="$HOME/go"
GOPRIVATE=""
GOPROXY="https://proxy.golang.org,direct"
GOROOT="$HOME/Documents/projets/misc/bug_go_pss/go"
GOSUMDB="sum.golang.org"
GOTMPDIR=""
GOTOOLDIR="$HOME/Documents/projets/misc/bug_go_pss/go/pkg/tool/linux_amd64"
GOVCS=""
GOVERSION="devel go1.17-1108cbe60b Thu May 6 02:21:55 2021 +0000"
GCCGO="gccgo"
AR="ar"
CC="gcc"
CXX="g++"
CGO_ENABLED="1"
GOMOD="$HOME/Documents/projets/misc/bug_go_pss/go/src/go.mod"
CGO_CFLAGS="-g -O2"
CGO_CPPFLAGS=""
CGO_CXXFLAGS="-g -O2"
CGO_FFLAGS="-g -O2"
CGO_LDFLAGS="-g -O2"
PKG_CONFIG="pkg-config"
GOGCCFLAGS="-fPIC -m64 -pthread -fmessage-length=0 -fdebug-prefix-map=/tmp/go-build3149370505=/tmp/go-build -gno-record-gcc-switches"
</pre></details>

### What did you do?
I created a RSA-PSS CertificateRequest and tried to check its signature.

Here is a simple test program : https://play.golang.org/p/TGNgUYvNH5o

It can also be reproduced with the tests from `crypto/x509/x509_test.go` :
```patch
From 6d9c39291cf2d3b6de10b0889d7d1baa72c81d93 Mon Sep 17 00:00:00 2001
From: Yoann Congal <yoann.congal@smile.fr>
Date: Thu, 6 May 2021 11:39:29 +0200
Subject: [PATCH] crypto/x509: add test for RSA-PSS CertificateRequest

---
 src/crypto/x509/x509_test.go | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/crypto/x509/x509_test.go b/src/crypto/x509/x509_test.go
index 51dda16815..5314a99cf7 100644
--- a/src/crypto/x509/x509_test.go
+++ b/src/crypto/x509/x509_test.go
@@ -1390,6 +1390,7 @@ func TestCreateCertificateRequest(t *testing.T) {
 		sigAlgo SignatureAlgorithm
 	}{
 		{"RSA", testPrivateKey, SHA1WithRSA},
+		{"RSA-256-PSS", testPrivateKey, SHA256WithRSAPSS},
 		{"ECDSA-256", ecdsa256Priv, ECDSAWithSHA1},
 		{"ECDSA-384", ecdsa384Priv, ECDSAWithSHA1},
 		{"ECDSA-521", ecdsa521Priv, ECDSAWithSHA1},
-- 
2.20.1
```

### What did you expect to see?
Program should display "OK" and the test should be OK.

### What did you see instead?
Program panicked and test failed : csr.CheckSignature() returned an error instead of `nil` which would mean a verified signature.


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

crypto/x509: can't verify signature on RSA-PSS certificate requests it created #45990

What version of Go are you using (`go version`)?

Does this issue reproduce with the latest release?

What operating system and processor architecture are you using (`go env`)?

What did you do?

What did you expect to see?

What did you see instead?

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

crypto/x509: can't verify signature on RSA-PSS certificate requests it created #45990

Description

What version of Go are you using (go version)?

Does this issue reproduce with the latest release?

What operating system and processor architecture are you using (go env)?

What did you do?

What did you expect to see?

What did you see instead?

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions

What version of Go are you using (`go version`)?

What operating system and processor architecture are you using (`go env`)?