You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Does this issue reproduce with the latest release?
Yes.
What operating system and processor architecture are you using (go env)?
go env Output
$ go env
What did you do?
When calling rsa.SignPSS, you can provide a salt length in PSSOptions. When providing a negative salt length of -2 or less, a panic occurs when constructing the array. Note that -1 does not panic since it is handled in the case statement.
What version of Go are you using (
go version
)?Go 1.19
Does this issue reproduce with the latest release?
Yes.
What operating system and processor architecture are you using (
go env
)?go env
OutputWhat did you do?
When calling rsa.SignPSS, you can provide a salt length in PSSOptions. When providing a negative salt length of -2 or less, a panic occurs when constructing the array. Note that -1 does not panic since it is handled in the case statement.
Proof: https://go.dev/play/p/uSgZHLJvoJJ
Line: https://go.dev/src/crypto/rsa/pss.go#L302
What did you expect to see?
A negative salt length handled gracefully, returning an error.
What did you see instead?
The text was updated successfully, but these errors were encountered: