6d644880bd
CloudKMS keys signs data using an specific signature algorithm, in RSA keys, this can be PKCS#1 RSA or RSA-PSS, if the later is used, x509.CreateCertificate will fail unless the template SignatureCertificate is properly set. On contrast, AWSKMS RSA keys, are just RSA keys, and can sign with PKCS#1 or RSA-PSS schemes, so right now the way to enforce one or the other is to used templates. |
||
---|---|---|
.. | ||
testdata | ||
cloudkms.go | ||
cloudkms_test.go | ||
mock_test.go | ||
signer.go | ||
signer_test.go |