certificates

History

Mariano Cano 6d644880bd Allow to kms signers to define the SignatureAlgorithm CloudKMS keys signs data using an specific signature algorithm, in RSA keys, this can be PKCS#1 RSA or RSA-PSS, if the later is used, x509.CreateCertificate will fail unless the template SignatureCertificate is properly set. On contrast, AWSKMS RSA keys, are just RSA keys, and can sign with PKCS#1 or RSA-PSS schemes, so right now the way to enforce one or the other is to used templates.	2021-09-08 17:48:50 -07:00
..
softcas.go	Allow to kms signers to define the SignatureAlgorithm	2021-09-08 17:48:50 -07:00
softcas_test.go	Allow to kms signers to define the SignatureAlgorithm	2021-09-08 17:48:50 -07:00

Mariano Cano 6d644880bd Allow to kms signers to define the SignatureAlgorithm

CloudKMS keys signs data using an specific signature algorithm, in RSA keys,
this can be PKCS#1 RSA or RSA-PSS, if the later is used, x509.CreateCertificate
will fail unless the template SignatureCertificate is properly set.

On contrast, AWSKMS RSA keys, are just RSA keys, and can sign with PKCS#1 or
RSA-PSS schemes, so right now the way to enforce one or the other is to used
templates.

2021-09-08 17:48:50 -07:00

softcas.go

Allow to kms signers to define the SignatureAlgorithm

2021-09-08 17:48:50 -07:00

softcas_test.go

Allow to kms signers to define the SignatureAlgorithm

2021-09-08 17:48:50 -07:00