say-yawn
commented
1 month ago Decided to merge this without tests because the ContentSignature is only used for integration testing.
Closed say-yawn closed 1 month ago
say-yawn
commented
1 month ago Decided to merge this without tests because the ContentSignature is only used for integration testing.
As part of initializing the contentsignature signer we call conf.GetRand(). This will be either a rand.Reader or crypto11.PKCSRandReader depending on whether or not an HSM is available. However, the SignHash method ends up just using rand.Reader directly, and s.rand goes unused altogether.
Make sure
SignHashuses the same rand as the initializedContentSignerby usings.rand.Fix AUT-251