Skip to content

check RSA key size for PSS#10866

Open
kojo1 wants to merge 1 commit into
wolfSSL:masterfrom
kojo1:rsaKeySz
Open

check RSA key size for PSS#10866
kojo1 wants to merge 1 commit into
wolfSSL:masterfrom
kojo1:rsaKeySz

Conversation

@kojo1

@kojo1 kojo1 commented Jul 8, 2026

Copy link
Copy Markdown
Contributor

Description

Don't select RSA-PSS in MatchSigAlgo when the RSA key is too small for the signature.
When a TLS 1.2 server holds a small RSA certificate (e.g. 512bit) and the ClientHello's signature_algorithms extension offers rsa_pss_rsae_sha256 (0x0804), the handshake is aborted even though the client also offers rsa_pkcs1_sha256 (0x0401), which the key can use.

Fixes zd#22091

Testing

Local test with 512bit cert and run time SetMinRsaKey_Sz.

Checklist

  • added tests
  • updated/added doxygen
  • updated appropriate READMEs
  • Updated manual and documentation

@kojo1 kojo1 changed the title check if the RSA key is big enough to actually produce an RSA-PSS/SHA… check if the RSA key is big enough Jul 8, 2026
@kojo1 kojo1 changed the title check if the RSA key is big enough check RSA key size for PSS Jul 8, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant