e28552dec8
Chrome uses the platform certificate verifier and thus cannot reliably expect PSS signatures to work in all configurations. Add an API for the consumer to inform BoringSSL of this ability. We will then adjust our advertisements accordingly. Note that, because TLS 1.2 does not have the signature_algorithms_cert extension, turning off TLS 1.3 and using this API will stop advertising RSA-PSS. I believe this is the correct behavior given the semantics of that code point. The tests check the various combinations here, as well as checking that the peer never sends signature_algorithms_cert identical to signature_algorithms. Bug: 229 Change-Id: I8c33a93efdc9252097e3899425b49548fc42a93a Reviewed-on: https://boringssl-review.googlesource.com/27488 Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Reviewed-by: Steven Valdez <svaldez@google.com> |
||
|---|---|---|
| .. | ||
| curve25519 | ||
| ed25519 | ||
| poly1305 | ||
| alert.go | ||
| cert.pem | ||
| chacha20_poly1305_test.go | ||
| chacha20_poly1305.go | ||
| channel_id_key.pem | ||
| cipher_suites.go | ||
| common.go | ||
| conn.go | ||
| deterministic.go | ||
| dtls.go | ||
| ecdsa_p224_cert.pem | ||
| ecdsa_p224_key.pem | ||
| ecdsa_p256_cert.pem | ||
| ecdsa_p256_key.pem | ||
| ecdsa_p384_cert.pem | ||
| ecdsa_p384_key.pem | ||
| ecdsa_p521_cert.pem | ||
| ecdsa_p521_key.pem | ||
| ed25519_cert.pem | ||
| ed25519_key.pem | ||
| fuzzer_mode.json | ||
| handshake_client.go | ||
| handshake_messages.go | ||
| handshake_server.go | ||
| hkdf_test.go | ||
| hkdf.go | ||
| key_agreement.go | ||
| key.pem | ||
| packet_adapter.go | ||
| prf.go | ||
| recordingconn.go | ||
| rsa_1024_cert.pem | ||
| rsa_1024_key.pem | ||
| rsa_chain_cert.pem | ||
| rsa_chain_key.pem | ||
| runner_test.go | ||
| runner.go | ||
| shim_ticket.go | ||
| sign.go | ||
| test_output.go | ||
| ticket.go | ||
| tls.go | ||