• Filippo Valsorda's avatar
    crypto/tls: advertise and accept rsa_pss_rsae signature algorithms · ee7e4433
    Filippo Valsorda authored
    crypto/x509 already supports PSS signatures (with rsaEncryption OID),
    and crypto/tls support was added in CL 79736. Advertise support for the
    algorithms and accept them as a peer.
    
    Note that this is about PSS signatures from regular RSA public keys.
    RSA-PSS only public keys (with RSASSA-PSS OID) are supported in neither
    crypto/tls nor crypto/x509. See RFC 8446, Section 4.2.3.
    
    testdata/Server-TLSv12-ClientAuthRequested* got modified because the
    CertificateRequest carries the supported signature algorithms.
    
    The net/smtp tests changed because 512 bits keys are too small for PSS.
    
    Based on Peter Wu's CL 79738, who did all the actual work in CL 79736.
    
    Updates #9671
    
    Change-Id: I4a31e9c6e152ff4c50a5c8a274edd610d5fff231
    Reviewed-on: https://go-review.googlesource.com/c/146258
    Run-TryBot: Filippo Valsorda <filippo@golang.org>
    TryBot-Result: Gobot Gobot <gobot@golang.org>
    Reviewed-by: 's avatarAdam Langley <agl@golang.org>
    ee7e4433
smtp_test.go 23.2 KB