From d5e76205339d5f5991bba6690e6429ecbc2102ea Mon Sep 17 00:00:00 2001
From: Dominik Roos
Date: Sun, 31 Oct 2021 00:39:04 +0200
Subject: [PATCH] Use appropriate digest algorithm during signature creation Pass the public key instead of the marshalled public key to `digestAlgorithmForPublicKey` in `SignedData.AddSignerInfo`. Previously, the marshalled public key was passed instead of the actual public key. The result is that always SHA256 was being selected, even for ECDSA where the hash algorithm should be selected based on the curve.
---
 ietf-cms/protocol/protocol.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ietf-cms/protocol/protocol.go b/ietf-cms/protocol/protocol.go
index 127ff51..ed66642 100644
--- a/ietf-cms/protocol/protocol.go
+++ b/ietf-cms/protocol/protocol.go
@@ -659,7 +659,7 @@ func (sd *SignedData) AddSignerInfo(chain []*x509.Certificate, signer crypto.Sig
 return err
 }
- digestAlgorithmID := digestAlgorithmForPublicKey(pub)
+ digestAlgorithmID := digestAlgorithmForPublicKey(signer.Public())
 signatureAlgorithmOID, ok := oid.X509PublicKeyAndDigestAlgorithmToSignatureAlgorithm[cert.PublicKeyAlgorithm][digestAlgorithmID.Algorithm.String()]
 if !ok {