espressif/mbedtls
1
0
Fork 0
mirror of https://github.com/espressif/mbedtls.git synced 2026-06-05 21:14:47 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
5ee161822c478da38af8142feb882b5cf95f39d8
mbedtls/ChangeLog.d/fix-tls12-rsa-pss-sigalgs.txt
T
Viktor Sokolovskiy 08a217c560 ssl: accept TLS 1.2 rsa_pss_rsae in client SKE 
Fix a TLS 1.2 client regression that caused valid ServerKeyExchange signatures using rsa_pss_rsae_* to be rejected.

Allow rsa_pss_rsae_* in the TLS 1.2 client ServerKeyExchange parse path when the algorithm is supported and was offered by the client. Add OpenSSL and GnuTLS interoperability coverage for TLS 1.2 servers that force rsa_pss_rsae_sha256.

Fixes #10668.

Signed-off-by: Viktor Sokolovskiy <maokaman@gmail.com>
2026-04-28 14:02:54 +08:00

5 lines
162 B
Plaintext
Raw Blame History

Bugfix
* Fix a TLS 1.2 regression that caused clients to reject valid
ServerKeyExchange signatures using RSA-PSS signature algorithms.
Fixes #10668.
Reference in New Issue View Git Blame Copy Permalink