Basic parsing of certs signed with RSASSA-PSS

2025-07-29 11:41:15 +03:00 · 2014-01-22 10:12:57 +01:00
parent 1ebc0c592c
commit 59a75d5b9d
11 changed files with 90 additions and 3 deletions
--- a/include/polarssl/config.h
+++ b/include/polarssl/config.h
@ -220,6 +220,22 @@
 //#define POLARSSL_SHA256_ALT
 //#define POLARSSL_SHA512_ALT

+/**
+ * \def POLARSSL_RSASSA_PSS_CERTIFICATES
+ *
+ * Enable parsing and verification of X.509 certificates and CRLs signed with
+ * RSASSA-PSS.
+ *
+ * This is disabled by default since it breaks binary compatibility with the
+ * 1.3.x line. If you choose to enable it, you will need to rebuild your
+ * application against the new header files, relinking will not be enough.
+ *
+ * TODO: actually disable it when done working on this branch ,)
+ *
+ * Uncomment this macro to allow using RSASSA-PSS in certificates.
+ */
+#define POLARSSL_RSASSA_PSS_CERTIFICATES
+
 /**
 * \def POLARSSL_AES_ROM_TABLES
 *