Add rsa_pss signature schemes to SSLCommonOptions

Summary: Required to support RSA certificates in TLS 1.3. Reviewed By: knekritz Differential Revision: D28606758 fbshipit-source-id: 0b75eccf207c1327e590675137ce3289956d8771

Add rsa_pss signature schemes to SSLCommonOptions
Summary: Required to support RSA certificates in TLS 1.3. Reviewed By: knekritz Differential Revision: D28606758 fbshipit-source-id: 0b75eccf207c1327e590675137ce3289956d8771
99fbca1d · Andrew Huang · Facebook GitHub Bot · 85d4e767 · 99fbca1d
Commit 99fbca1d authored May 24, 2021 by Andrew Huang Committed by Facebook GitHub Bot May 24, 2021
Hide whitespace changes
Inline Side-by-side

Showing with 12 additions and 0 deletions

folly/io/async/SSLOptions.h folly/io/async/SSLOptions.h +12 -0

No files found.
--- a/folly/io/async/SSLOptions.h
+++ b/folly/io/async/SSLOptions.h
@@ -52,10 +52,22 @@ struct SSLCommonOptions {
   */
  static constexpr auto sigalgs() {
    return folly::make_array(
+#if FOLLY_OPENSSL_PREREQ(1, 1, 1)
+        "rsa_pss_pss_sha512",
+        "rsa_pss_rsae_sha512",
+#endif // FOLLY_OPENSSL_PREREQ(1, 1, 1)
        "RSA+SHA512",
        "ECDSA+SHA512",
+#if FOLLY_OPENSSL_PREREQ(1, 1, 1)
+        "rsa_pss_pss_sha384",
+        "rsa_pss_rsae_sha384",
+#endif // FOLLY_OPENSSL_PREREQ(1, 1, 1)
        "RSA+SHA384",
        "ECDSA+SHA384",
+#if FOLLY_OPENSSL_PREREQ(1, 1, 1)
+        "rsa_pss_pss_sha256",
+        "rsa_pss_rsae_sha256",
+#endif // FOLLY_OPENSSL_PREREQ(1, 1, 1)
        "RSA+SHA256",
        "ECDSA+SHA256",
        "RSA+SHA1",