Renumber TLS 1.3 signature algorithms.

The old numbers violate a MUST-level requirement in TLS 1.2 to not advertise anonymous (0x0700 ends in 0x00). The spec has been updated with new allocations which avoid these. BUG=webrtc:6342 Change-Id: Ia5663ada98fa1ebf0f8a7f50fe74a0e9206c4194 Reviewed-on: https://boringssl-review.googlesource.com/11131 Reviewed-by: Adam Langley <agl@google.com>
author: David Benjamin <davidben@google.com> 2016-09-21 21:38:06 +0300
committer: Adam Langley <agl@google.com> 2016-09-21 23:54:15 +0300
commit: af56fbd62aa4e60b9085a9b390b9db30af5ebd1e (patch)
tree: 89de5fc3610f954064b514e1c0c15649b31f7cc9 /include/openssl
parent: 88536c3cb129c6d20bc9892f2726f1a457842e12 (diff)
1 files changed, 3 insertions, 3 deletions
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 1e76df39..d7e5add9 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -908,9 +908,9 @@ OPENSSL_EXPORT int SSL_CTX_set_ocsp_response(SSL_CTX *ctx,
 #define SSL_SIGN_ECDSA_SECP256R1_SHA256 0x0403
 #define SSL_SIGN_ECDSA_SECP384R1_SHA384 0x0503
 #define SSL_SIGN_ECDSA_SECP521R1_SHA512 0x0603
-#define SSL_SIGN_RSA_PSS_SHA256 0x0700
-#define SSL_SIGN_RSA_PSS_SHA384 0x0701
-#define SSL_SIGN_RSA_PSS_SHA512 0x0702
+#define SSL_SIGN_RSA_PSS_SHA256 0x0804
+#define SSL_SIGN_RSA_PSS_SHA384 0x0805
+#define SSL_SIGN_RSA_PSS_SHA512 0x0806
 
 /* SSL_SIGN_RSA_PKCS1_MD5_SHA1 is an internal signature algorithm used to
  * specify raw RSASSA-PKCS1-v1_5 with an MD5/SHA-1 concatenation, as used in TLS
author	David Benjamin <davidben@google.com>	2016-09-21 21:38:06 +0300
committer	Adam Langley <agl@google.com>	2016-09-21 23:54:15 +0300
commit	af56fbd62aa4e60b9085a9b390b9db30af5ebd1e (patch)
tree	89de5fc3610f954064b514e1c0c15649b31f7cc9 /include/openssl
parent	88536c3cb129c6d20bc9892f2726f1a457842e12 (diff)