kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
eff1e8d9c7
boringssl/ssl
History
Steven Valdez eff1e8d9c7 Adding RSA-PSS signature algorithms. 
[Rebased and tests added by davidben.]

In doing so, regenerate the test RSA certificate to be 2048-bit RSA.
RSA-PSS with SHA-512 is actually too large for 1024-bit RSA. Also make
the sigalg test loop test versions that do and don't work which subsumes
the ecdsa_sha1 TLS 1.3 test.

For now, RSA-PKCS1 is still allowed because NSS has yet to implement
RSA-PSS and we'd like to avoid complicated interop testing.

Change-Id: I686b003ef7042ff757bdaab8d5838b7a4d6edd87
Reviewed-on: https://boringssl-review.googlesource.com/8613
Reviewed-by: David Benjamin <davidben@google.com>
2016-07-12 19:10:51 +00:00
..
test Adding RSA-PSS signature algorithms. 2016-07-12 19:10:51 +00:00
CMakeLists.txt Rename (s3,d1)_meth.c. 2016-07-11 17:22:35 +00:00
custom_extensions.c Align the SSL stack on #include style. 2015-09-15 23:32:07 +00:00
d1_both.c Simplify ssl_get_message somewhat. 2016-07-11 23:01:32 +00:00
d1_lib.c Stop using the word 'buffer' everywhere. 2016-06-27 22:15:22 +00:00
d1_pkt.c Stop using the word 'buffer' everywhere. 2016-06-27 22:15:22 +00:00
d1_srtp.c Make kSRTPProfiles static. 2016-05-13 14:12:22 +00:00
dtls_method.c Don't use init_buf in DTLS. 2016-07-11 23:01:11 +00:00
dtls_record.c Fix the alias checks in dtls_record.c. 2016-06-09 21:11:22 +00:00
handshake_client.c Move the key type check from tls12_check_peer_sigalg to ssl_verify_*. 2016-07-12 18:25:05 +00:00
handshake_server.c Move the key type check from tls12_check_peer_sigalg to ssl_verify_*. 2016-07-12 18:25:05 +00:00
internal.h Enforce ECDSA curve matching in TLS 1.3. 2016-07-12 18:40:08 +00:00
s3_both.c Simplify ssl_get_message somewhat. 2016-07-11 23:01:32 +00:00
s3_enc.c Don't call tls12_get_hash in the server handshake. 2016-07-12 16:30:10 +00:00
s3_lib.c Disconnect handshake message creation from init_buf. 2016-06-27 22:15:01 +00:00
s3_pkt.c Forbid renegotiation in TLS 1.3. 2016-07-11 18:26:27 +00:00
ssl_aead_ctx.c Fixing iv_length for TLS 1.3. 2016-06-16 17:04:14 +00:00
ssl_asn1.c Disconnect handshake message creation from init_buf. 2016-06-27 22:15:01 +00:00
ssl_buffer.c Remove in-place TLS record assembly for now. 2016-06-09 19:47:44 +00:00
ssl_cert.c Change |EVP_PKEY_up_ref| to return int. 2016-07-12 17:55:41 +00:00
ssl_cipher.c Add TLS 1.3 record layer to go implementation. 2016-06-21 21:43:40 +00:00
ssl_ecdh.c Add SSL_get_curve_id and SSL_get_dhe_group_size. 2016-06-30 23:20:34 +00:00
ssl_file.c Banish SSL_add_dir_cert_subjects_to_stack and OPENSSL_DIR_CTX to decrepit. 2016-04-27 18:40:25 +00:00
ssl_lib.c Change |EVP_PKEY_up_ref| to return int. 2016-07-12 17:55:41 +00:00
ssl_rsa.c Adding RSA-PSS signature algorithms. 2016-07-12 19:10:51 +00:00
ssl_session.c Split unlock functions into read/write variants. 2016-05-31 21:09:29 +00:00
ssl_stat.c Remove a/b parameters to send_change_cipher_spec. 2016-06-29 18:50:47 +00:00
ssl_test.cc Revert "Move C++ helpers into |bssl| namespace." 2016-07-12 08:09:33 -07:00
t1_enc.c Move the Digest/Sign split for SignatureAlgorithms to a lower level. 2016-07-01 19:01:33 +00:00
t1_lib.c Adding RSA-PSS signature algorithms. 2016-07-12 19:10:51 +00:00
tls_method.c Don't use init_buf in DTLS. 2016-07-11 23:01:11 +00:00
tls_record.c Build up TLS 1.3 record-layer tests. 2016-06-27 17:02:01 +00:00