Commit 99fbca1d authored by Andrew Huang's avatar Andrew Huang Committed by Facebook GitHub Bot

Add rsa_pss signature schemes to SSLCommonOptions

Summary: Required to support RSA certificates in TLS 1.3.

Reviewed By: knekritz

Differential Revision: D28606758

fbshipit-source-id: 0b75eccf207c1327e590675137ce3289956d8771
parent 85d4e767
...@@ -52,10 +52,22 @@ struct SSLCommonOptions { ...@@ -52,10 +52,22 @@ struct SSLCommonOptions {
*/ */
static constexpr auto sigalgs() { static constexpr auto sigalgs() {
return folly::make_array( return folly::make_array(
#if FOLLY_OPENSSL_PREREQ(1, 1, 1)
"rsa_pss_pss_sha512",
"rsa_pss_rsae_sha512",
#endif // FOLLY_OPENSSL_PREREQ(1, 1, 1)
"RSA+SHA512", "RSA+SHA512",
"ECDSA+SHA512", "ECDSA+SHA512",
#if FOLLY_OPENSSL_PREREQ(1, 1, 1)
"rsa_pss_pss_sha384",
"rsa_pss_rsae_sha384",
#endif // FOLLY_OPENSSL_PREREQ(1, 1, 1)
"RSA+SHA384", "RSA+SHA384",
"ECDSA+SHA384", "ECDSA+SHA384",
#if FOLLY_OPENSSL_PREREQ(1, 1, 1)
"rsa_pss_pss_sha256",
"rsa_pss_rsae_sha256",
#endif // FOLLY_OPENSSL_PREREQ(1, 1, 1)
"RSA+SHA256", "RSA+SHA256",
"ECDSA+SHA256", "ECDSA+SHA256",
"RSA+SHA1", "RSA+SHA1",
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment