crypto/tls: advertise and accept rsa_pss_rsae signature algorithms - go - Fork of Go programming language with my patches.

diff options

author	Filippo Valsorda <filippo@golang.org>	2018-10-31 12:14:51 -0400
committer	Filippo Valsorda <filippo@golang.org>	2018-11-02 22:05:52 +0000
commit	ee7e443389f7c8aabc58d49e42880b96f0955361 (patch)
tree	8c527cd14abc5f060d40399104bf80ea45824241 /src/database/sql/sql.go
parent	7f5dce08ad77519bfea58880492e1d290cd13cb0 (diff)
download	go-ee7e443389f7c8aabc58d49e42880b96f0955361.tar.xz

crypto/tls: advertise and accept rsa_pss_rsae signature algorithms

crypto/x509 already supports PSS signatures (with rsaEncryption OID), and crypto/tls support was added in CL 79736. Advertise support for the algorithms and accept them as a peer. Note that this is about PSS signatures from regular RSA public keys. RSA-PSS only public keys (with RSASSA-PSS OID) are supported in neither crypto/tls nor crypto/x509. See RFC 8446, Section 4.2.3. testdata/Server-TLSv12-ClientAuthRequested* got modified because the CertificateRequest carries the supported signature algorithms. The net/smtp tests changed because 512 bits keys are too small for PSS. Based on Peter Wu's CL 79738, who did all the actual work in CL 79736. Updates #9671 Change-Id: I4a31e9c6e152ff4c50a5c8a274edd610d5fff231 Reviewed-on: https://go-review.googlesource.com/c/146258 Run-TryBot: Filippo Valsorda <filippo@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Adam Langley <agl@golang.org>

Diffstat (limited to 'src/database/sql/sql.go')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: