([]byte, error) { fipsSelfTest() fips140.RecordApproved() checkApprovedHash(hash) // Note that while we don't commit to deterministic execution with respect // to the rand stream, we also don't apply MaybeReadByte, so per Hyrum's Law // it's probably relied upon by some. It's a tolerable promise because a // well-specified number of random bytes is included in the signature, in a // well-specified way. if saltLength < 0 { return nil, errors.New("crypto/rsa: salt length cannot be negative") } // FIPS...

([]byte, error) { fipsSelfTest() fips140.RecordApproved() checkApprovedHash(hash) // Note that while we don't commit to deterministic execution with respect // to the rand stream, we also never applied MaybeReadByte, so per Hyrum's // Law it's probably relied upon by some. It's a tolerable promise because a // well-specified number of random bytes is included in the signature, in a // well-specified way. if saltLength < 0 { return nil, errors.New("crypto/rsa: salt length cannot be negative") } // FIPS...