Hi,
This started exactly a year ago, so let's get over with it :)
By any chance is this an older version rebased to master? Saying this
because
most of the comments below are also in my previous remarks and were agreed
to
in your response...
See https://patchwork.openvpn.net/patch/587/#1157 and
For TLS 1.0 to 1.2 and OpenSSL 1.1.0 calls us and requires a PKCS1
padded response. As TLS 1.3 mandates RSA-PSS padding support and also
requires an TLS 1.3 implementation to support RSA-PSS for older TLS
version, OpenSSL will query us to sign an already RSA-PSS padded
string.
This patch adds an '