Ensure that RSA signatures have the correct length

third_party/tlslite/patches/rsa_signature_length.patch

Index: third_party/tlslite/patches/rsa_signature_length.patch
diff --git a/third_party/tlslite/patches/rsa_signature_length.patch b/third_party/tlslite/patches/rsa_signature_length.patch
new file mode 100644
index 0000000000000000000000000000000000000000..5f936a5aab6da933478003e7d3982f3e5bc5b831
--- /dev/null
+++ b/third_party/tlslite/patches/rsa_signature_length.patch
@@ -0,0 +1,29 @@
+diff --git a/third_party/tlslite/tlslite/utils/RSAKey.py b/third_party/tlslite/tlslite/utils/RSAKey.py
+index 37c292d..1b91742 100644
+--- a/third_party/tlslite/tlslite/utils/RSAKey.py
++++ b/third_party/tlslite/tlslite/utils/RSAKey.py
+@@ -117,7 +117,7 @@ class RSAKey:
+         if m >= self.n:
+             raise ValueError()
+         c = self._rawPrivateKeyOp(m)
+-        sigBytes = numberToBytes(c)
++        sigBytes = numberToBytes(c, numBytes(self.n))
+         return sigBytes
+ 
+     def verify(self, sigBytes, bytes):
+diff --git a/third_party/tlslite/tlslite/utils/cryptomath.py b/third_party/tlslite/tlslite/utils/cryptomath.py
+index 385095d..86da25e 100644
+--- a/third_party/tlslite/tlslite/utils/cryptomath.py
++++ b/third_party/tlslite/tlslite/utils/cryptomath.py
+@@ -129,8 +129,9 @@ def bytesToNumber(bytes):
+         multiplier *= 256
+     return total
+ 
+-def numberToBytes(n):
+-    howManyBytes = numBytes(n)
++def numberToBytes(n, howManyBytes=None):
++    if howManyBytes == None:
++      howManyBytes = numBytes(n)
+     bytes = createByteArrayZeros(howManyBytes)
+     for count in range(howManyBytes-1, -1, -1):
+         bytes[count] = int(n % 256)