Adding RSA-PSS signature algorithms.

[Rebased and tests added by davidben.] In doing so, regenerate the test RSA certificate to be 2048-bit RSA. RSA-PSS with SHA-512 is actually too large for 1024-bit RSA. Also make the sigalg test loop test versions that do and don't work which subsumes the ecdsa_sha1 TLS 1.3 test. For now, RSA-PKCS1 is still allowed because NSS has yet to implement RSA-PSS and we'd like to avoid complicated interop testing. Change-Id: I686b003ef7042ff757bdaab8d5838b7a4d6edd87 Reviewed-on: https://boringssl-review.googlesource.com/8613 Reviewed-by: David Benjamin <davidben@google.com>
author: Steven Valdez <svaldez@google.com> 2016-07-06 21:24:47 +0300
committer: David Benjamin <davidben@google.com> 2016-07-12 22:10:51 +0300
commit: eff1e8d9c7d039a36519122237047da3745fac0f (patch)
tree: 9e2bfcea5ba74c0895ca31850ea5e61b15261410 /include/openssl/tls1.h
parent: 0c222956683144754da1a643093960f813e8ec8c (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/include/openssl/tls1.h b/include/openssl/tls1.h
index cfb314d7..84ff12fb 100644
--- a/include/openssl/tls1.h
+++ b/include/openssl/tls1.h
@@ -253,6 +253,9 @@ extern "C" {
 #define SSL_SIGN_ECDSA_SECP256R1_SHA256 0x0403
 #define SSL_SIGN_ECDSA_SECP384R1_SHA384 0x0503
 #define SSL_SIGN_ECDSA_SECP521R1_SHA512 0x0603
+#define SSL_SIGN_RSA_PSS_SHA256         0x0700
+#define SSL_SIGN_RSA_PSS_SHA384         0x0701
+#define SSL_SIGN_RSA_PSS_SHA512         0x0702
 
 /* Reserved SignatureScheme value to indicate RSA with MD5-SHA1. This will never
  * be negotiated in TLS 1.2 and up, but is used to unify signing interfaces in
author	Steven Valdez <svaldez@google.com>	2016-07-06 21:24:47 +0300
committer	David Benjamin <davidben@google.com>	2016-07-12 22:10:51 +0300
commit	eff1e8d9c7d039a36519122237047da3745fac0f (patch)
tree	9e2bfcea5ba74c0895ca31850ea5e61b15261410 /include/openssl/tls1.h
parent	0c222956683144754da1a643093960f813e8ec8c (diff)