Add three additional signature algorithms, offered by atleast AWS

drogue-iot / embedded-tls

An Rust TLS 1.3 implementation for embedded devices.

Apache License 2.0

172 stars 22 forks source link

Add three additional signature algorithms, offered by atleast AWS #139

Closed MathiasKoch closed 6 months ago

MathiasKoch commented 6 months ago

This PR adds three additional SignatureAlgorithms, that are at least offered by AWS, making it impossible to decode their extension data without them in the enum.

An alternative approach would be to silently ignore unknown signature algorithms rather than turning it into an error?

 Sha224Ecdsa = 0x0303,
 Sha224Rsa = 0x0301,
 Sha224Dsa = 0x0302,

MathiasKoch commented 6 months ago

Hmm.. Not sure that I understand why that test case is suddenly failing? It does however also fail on main, if i check that out.

EDIT: AHH.. InvalidCertificate(Expired). Did not think about that when I created it. I will add some new long-living certificates for the tests.