I've been using the cryptography library to create a self-signed X.509 certificate, and had difficulty verifying the signature until I discovered that sha256WithRSAEncryption also implies PKCS 1.5, rather than PSS. I didn't expect this, as the docs recommend PSS everywhere, so I thought it would naturally be selected by default.
Now I understand that I can verify the signature, but I cannot *choose* the signing algorithm: CertificateBuilder.sign() only allows specification of the *hashing* algorithm. Is the algorithm a choice made by the underlying backend? I'm guessing not, but is there a way to choose the signing algorithm to be used? Otherwise, when I'm verifying the signature, how do I determine the padding strategy: do I have to embed a lookup table storing the padding name for a given signing algorithm OID/name? TIA -- rob
_______________________________________________ Cryptography-dev mailing list Cryptography-dev@python.org https://mail.python.org/mailman/listinfo/cryptography-dev
