boringssl

kris/boringssl

Fork 0

Commit Graph

Author	SHA1	Message	Date
Steven Valdez	eff1e8d9c7	Adding RSA-PSS signature algorithms. [Rebased and tests added by davidben.] In doing so, regenerate the test RSA certificate to be 2048-bit RSA. RSA-PSS with SHA-512 is actually too large for 1024-bit RSA. Also make the sigalg test loop test versions that do and don't work which subsumes the ecdsa_sha1 TLS 1.3 test. For now, RSA-PKCS1 is still allowed because NSS has yet to implement RSA-PSS and we'd like to avoid complicated interop testing. Change-Id: I686b003ef7042ff757bdaab8d5838b7a4d6edd87 Reviewed-on: https://boringssl-review.googlesource.com/8613 Reviewed-by: David Benjamin <davidben@google.com>	2016-07-12 19:10:51 +00:00
Adam Langley	95c29f3cd1	Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)	2014-06-20 13:17:32 -07:00

Author

SHA1

Message

Date

Steven Valdez

eff1e8d9c7

Adding RSA-PSS signature algorithms.

[Rebased and tests added by davidben.]

In doing so, regenerate the test RSA certificate to be 2048-bit RSA.
RSA-PSS with SHA-512 is actually too large for 1024-bit RSA. Also make
the sigalg test loop test versions that do and don't work which subsumes
the ecdsa_sha1 TLS 1.3 test.

For now, RSA-PKCS1 is still allowed because NSS has yet to implement
RSA-PSS and we'd like to avoid complicated interop testing.

Change-Id: I686b003ef7042ff757bdaab8d5838b7a4d6edd87
Reviewed-on: https://boringssl-review.googlesource.com/8613
Reviewed-by: David Benjamin <davidben@google.com>

2016-07-12 19:10:51 +00:00

Adam Langley

95c29f3cd1

Inital import.

Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta).

(This change contains substantial changes from the original and
effectively starts a new history.)

2014-06-20 13:17:32 -07:00

2 Commits