3.1.4.1.4 Signed Hash Calculation

The signed hash is used to provide integrity checking by the receiver.

The sender MUST perform the following steps to calculate the hash:

  1. Compute an MD5 hash of the cleartext data.

  2. Use the sender's signature private key (the server will use the server's signature private key, and the client will use the client's signature private key) to sign the MD5 hash, as specified in [RFC8017].

  3. The size of the signed hash will match the number of bits in the signature key. 512-bit RSA signature keys are used for signing, so the signed hash will always be 0x40 bytes (512 bits) long.
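
The three steps above as an added Python sketch, not part of the specification. It assumes the RSASSA-PKCS1-v1_5 scheme from [RFC8017] with big-endian output, since this section names neither the scheme nor the byte order, and it uses a constructed 512-bit demo key; all names in it are hypothetical.

```python
import hashlib

# Constructed demo key: two publicly known 256-bit primes, so this key
# protects nothing. A real sender uses its own signature private key.
P = 2**256 - 189
Q = 2**256 - 2**32 - 977
N = P * Q                      # 512-bit modulus
E = 65537                      # assumed public exponent
D = pow(E, -1, (P - 1) * (Q - 1))
K = (N.bit_length() + 7) // 8  # modulus length in bytes: 0x40

# DER DigestInfo prefix for MD5 (RFC 8017, section 9.2, note 1)
MD5_PREFIX = bytes.fromhex("3020300c06082a864886f70d020505000410")

def emsa_pkcs1_v1_5_md5(cleartext: bytes) -> bytes:
    """Step 1 plus encoding: MD5 the cleartext and pad to K bytes."""
    t = MD5_PREFIX + hashlib.md5(cleartext).digest()
    ps = b"\xff" * (K - len(t) - 3)
    return b"\x00\x01" + ps + b"\x00" + t

def signed_hash(cleartext: bytes) -> bytes:
    """Step 2: RSA private-key operation on the encoded hash."""
    m = int.from_bytes(emsa_pkcs1_v1_5_md5(cleartext), "big")
    return pow(m, D, N).to_bytes(K, "big")

def verify_signed_hash(cleartext: bytes, sig: bytes) -> bool:
    """Receiver side: length check, public-key operation, compare."""
    if len(sig) != K:              # step 3: must be exactly 0x40 bytes
        return False
    s = int.from_bytes(sig, "big")
    if s >= N:                     # signature representative out of range
        return False
    em = pow(s, E, N).to_bytes(K, "big")
    return em == emsa_pkcs1_v1_5_md5(cleartext)

if __name__ == "__main__":
    msg = b"constructed cleartext"   # constructed sample input
    sig = signed_hash(msg)
    print(hex(len(sig)), verify_signed_hash(msg, sig))
```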