diff options
| author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2018-03-06 15:09:50 +0100 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2018-03-09 17:01:10 +0100 |
| commit | 51d21634c9329463a8d7def24550ef268bc9b88c (patch) | |
| tree | 49a8e2370b632040c8fbdbd03b9f8b51cef34677 /tests/common-cert-key-exchange.h | |
| parent | 02354f173e66df3dad4ac9447e4965aecfad65e8 (diff) | |
| download | gnutls-51d21634c9329463a8d7def24550ef268bc9b88c.tar.gz | |
signatures: distinguish RSA-PSS signatures with RSA PKCS#1 1.5 certificates from "pure"
This change enhances signature algorithms to have a private key algorithm
parameter. That is, to allow signature algorithms operating with a private
key of type X while the public key is of type Y. That is useful for the
RSA-PSS signatures which are of two types; one which is seen from servers
having PKCS#1 1.5 certificates, the other with RSA-PSS certificates, while
both utilize RSA-PSS private keys.
This is a draft-ietf-tls-tls13-23 change.
Resolves #400
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Diffstat (limited to 'tests/common-cert-key-exchange.h')
| -rw-r--r-- | tests/common-cert-key-exchange.h | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/tests/common-cert-key-exchange.h b/tests/common-cert-key-exchange.h index 4c7d6c0ca9..47e3738900 100644 --- a/tests/common-cert-key-exchange.h +++ b/tests/common-cert-key-exchange.h @@ -36,7 +36,7 @@ extern const char *server_priority; &server_ca3_localhost_cert, &server_ca3_key, NULL, NULL, 0) #define try_ks(name, client_prio, client_kx, group) \ - try_with_key_ks(name, client_prio, client_kx, GNUTLS_SIGN_RSA_PSS_SHA256, GNUTLS_SIGN_UNKNOWN, \ + try_with_key_ks(name, client_prio, client_kx, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, GNUTLS_SIGN_UNKNOWN, \ &server_ca3_localhost_cert, &server_ca3_key, NULL, NULL, 0, group) #define try_cli(name, client_prio, client_kx, server_sign_algo, client_sign_algo, client_cert) \ |