| Jerry Yu | eec4f03 | 2022-07-23 11:31:51 +0800 | [diff] [blame] | 1 | Features |
| Jerry Yu | 72a8585 | 2022-06-27 14:40:08 +0800 | [diff] [blame] | 2 | * When GnuTLS/Openssl server is configured in TLS 1.2 mode with a certificate |
| 3 | declaring an RSA public key and Mbed TLS is configured in hybrid mode, if |
| 4 | `rsa_pss_rsae_*` algorithms are before `rsa_pkcs1_*` ones in this list then |
| 5 | the GnuTLS/Openssl server chooses an `rsa_pss_rsae_*` signature algorithm |
| 6 | for its signature in the key exchange message. As Mbed TLS 1.2 does not |
| Jerry Yu | eec4f03 | 2022-07-23 11:31:51 +0800 | [diff] [blame] | 7 | support them, the handshake fails. Add `rsa_pss_rsae_*` support for TLS 1.2 |
| 8 | to resolve the compitablity issue. |