commit a83014db4a2f734af9b5b65ca022f016d9da6b2d
author XiaokangQian <xiaokang.qian@arm.com> Mon Nov 22 07:53:34 2021 +0000
committer XiaokangQian <xiaokang.qian@arm.com> Thu Nov 25 02:21:16 2021 +0000
tree c8aef4d45969fc8bff830139594818442bff826a
parent e0bbedfe7a401a1134d38d0c02f7602334be1c41

TLS1.3: Add signature scheme pkcs1 v1.5

Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>

library/ssl_tls.c

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index b07d07a..0d54ae9 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -6376,6 +6376,7 @@
 #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
     MBEDTLS_TLS13_SIG_RSA_PSS_RSAE_SHA256,
 #endif
+    MBEDTLS_TLS13_SIG_RSA_PKCS1_SHA256,
 
     MBEDTLS_TLS13_SIG_NONE
 };
@@ -6395,6 +6396,7 @@
 #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
     MBEDTLS_TLS13_SIG_RSA_PSS_RSAE_SHA256,
 #endif
+    MBEDTLS_TLS13_SIG_RSA_PKCS1_SHA256,
 
     MBEDTLS_TLS13_SIG_NONE
 };

library/ssl_tls13_generic.c

diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c
index 2dd5c50..d5a67a9 100644
--- a/library/ssl_tls13_generic.c
+++ b/library/ssl_tls13_generic.c
@@ -376,11 +376,16 @@
             break;
 #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
         case MBEDTLS_TLS13_SIG_RSA_PSS_RSAE_SHA256:
-            MBEDTLS_SSL_DEBUG_MSG( 4, ( "Certificate Verify: using RSA" ) );
+            MBEDTLS_SSL_DEBUG_MSG( 4, ( "Certificate Verify: using RSA PSS" ) );
             md_alg = MBEDTLS_MD_SHA256;
             sig_alg = MBEDTLS_PK_RSASSA_PSS;
             break;
 #endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */
+        case MBEDTLS_TLS13_SIG_RSA_PKCS1_SHA256:
+            MBEDTLS_SSL_DEBUG_MSG( 4, ( "Certificate Verify: using RSA PKCS1 V1.5" ) );
+            md_alg = MBEDTLS_MD_SHA256;
+            sig_alg = MBEDTLS_PK_RSA;
+            break;
         default:
             MBEDTLS_SSL_DEBUG_MSG( 1, ( "Certificate Verify: Unknown signature algorithm." ) );
             goto error;