rsa digital sign: set pss option salt length equal to digest size

rsax/sign.go

@@ -23,7 +23,8 @@ func signWithPSS(privateKey *rsa.PrivateKey,
 
 	msgHashSum := d.Sum(nil)
 
-	signature, err := rsa.SignPSS(rand.Reader, privateKey, h, msgHashSum, nil)
+	signature, err := rsa.SignPSS(rand.Reader,
+		privateKey, h, msgHashSum, &rsa.PSSOptions{SaltLength: rsa.PSSSaltLengthEqualsHash})
 	if err != nil {
 		return nil, err
 	}
@@ -41,7 +42,8 @@ func signWithPSSIO(privateKey *rsa.PrivateKey,
 
 	msgHashSum := d.Sum(nil)
 
-	signature, err := rsa.SignPSS(rand.Reader, privateKey, h, msgHashSum, nil)
+	signature, err := rsa.SignPSS(rand.Reader,
+		privateKey, h, msgHashSum, &rsa.PSSOptions{SaltLength: rsa.PSSSaltLengthEqualsHash})
 	if err != nil {
 		return nil, err
 	}

rsax/verify_sign.go

@@ -22,7 +22,8 @@ func verifySignatureWithPSS(publicKey *rsa.PublicKey,
 
 	msgHashSum := d.Sum(nil)
 
-	return rsa.VerifyPSS(publicKey, h, msgHashSum, signature, nil)
+	return rsa.VerifyPSS(publicKey, h,
+		msgHashSum, signature, &rsa.PSSOptions{SaltLength: rsa.PSSSaltLengthEqualsHash})
 }
 
 func verifySignatureWithPSSIO(publicKey *rsa.PublicKey,
@@ -35,7 +36,8 @@ func verifySignatureWithPSSIO(publicKey *rsa.PublicKey,
 
 	msgHashSum := d.Sum(nil)
 
-	return rsa.VerifyPSS(publicKey, h, msgHashSum, signature, nil)
+	return rsa.VerifyPSS(publicKey, h,
+		msgHashSum, signature, &rsa.PSSOptions{SaltLength: rsa.PSSSaltLengthEqualsHash})
 }
 
 // VerifySignatureWithPSSMd5 will verify signature data with RSA PSS and MD5