]> git.ipfire.org Git - thirdparty/gnutls.git/commit
projects / thirdparty / gnutls.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c4f1d53) | patch
pk: add flags to force RSA-PSS salt length to match digest length
authorDaiki Ueno <ueno@gnu.org>
Mon, 2 Aug 2021 16:32:28 +0000 (18:32 +0200)
committerDaiki Ueno <ueno@gnu.org>
Sat, 7 Aug 2021 06:51:52 +0000 (08:51 +0200)
commit3cdbb84fab1dfbe157804eb72e279265eaaa2cb7
tree8c4bfe6d66f8401bd78e59dcdfc87915925f1bb2tree | snapshot
parentc4f1d5308f3c14f5a82dd1debf5dc0806f361399commit | diff
pk: add flags to force RSA-PSS salt length to match digest length

This adds a couple of flags to RSA-PSS signing and verification, to
enforce that the salt length matches the digest length.  That is not
only recommended in RFC 4055, but also mandated in RFC 8446 in the TLS
1.3 context.

Signed-off-by: Daiki Ueno <ueno@gnu.org>
NEWS diff | blob | blame | history
lib/crypto-backend.h diff | blob | blame | history
lib/includes/gnutls/abstract.h diff | blob | blame | history
lib/includes/gnutls/x509.h diff | blob | blame | history
lib/nettle/pk.c diff | blob | blame | history
lib/privkey.c diff | blob | blame | history
lib/pubkey.c diff | blob | blame | history
lib/tls13-sig.c diff | blob | blame | history
tests/rsa-rsa-pss.c diff | blob | blame | history
Mirror of https://gitlab.com/gnutls/gnutls.git