commit a1255e6b8c8063319b9420239c0fce8fc3eb843a
author Jerry Yu <jerry.h.yu@arm.com> Fri Jun 24 10:10:47 2022 +0800
committer Jerry Yu <jerry.h.yu@arm.com> Wed Jun 29 16:16:09 2022 +0800
tree e9bfac05b957ab35e87b1935b2f85d5832cfe4fc
parent 9bb3ee436baca2f298fdb66e642ffe6377ad9066

fix various issues

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>

library/ssl_tls13_generic.c

diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c
index d470b70..418fc13 100644
--- a/library/ssl_tls13_generic.c
+++ b/library/ssl_tls13_generic.c
@@ -898,17 +898,17 @@
 #if defined(MBEDTLS_PKCS1_V21)
 #if defined(MBEDTLS_SHA256_C)
                 case MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA256:
-                    return( key_size <= 2048 );
+                    return( key_size <= 3072 );
 #endif /* MBEDTLS_SHA256_C */
 
 #if defined(MBEDTLS_SHA384_C)
                 case MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA384:
-                    return( key_size <= 3072 );
+                    return( key_size <= 7680 );
 #endif /* MBEDTLS_SHA384_C */
 
 #if defined(MBEDTLS_SHA512_C)
                 case MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA512:
-                    return( key_size <= 4096 );
+                    return( 1 );
 #endif /* MBEDTLS_SHA512_C */
 #endif /* MBEDTLS_PKCS1_V21 */
 
@@ -935,7 +935,8 @@
     *algorithm = MBEDTLS_TLS1_3_SIG_NONE;
     for( ; *sig_alg != MBEDTLS_TLS1_3_SIG_NONE ; sig_alg++ )
     {
-        if( mbedtls_ssl_tls13_sig_alg_is_supported_for_certificate( *sig_alg ) &&
+        if( mbedtls_ssl_tls13_sig_alg_for_cert_verify_is_supported(
+                                                            *sig_alg ) &&
             mbedtls_ssl_tls13_check_sig_alg_cert_key_match(
                                                         *sig_alg, own_key ) )
         {