wolfSSL / wolfssl

The wolfSSL library is a small, fast, portable implementation of TLS/SSL for embedded devices to the cloud. wolfSSL supports up to TLS 1.3 and DTLS 1.3!

https://www.wolfssl.com

GNU General Public License v2.0

2.22k stars 798 forks source link

Fixes ZD 18204: check hashsigalgo matches ssl suites. #7693

Closed philljj closed 2 days ago

philljj commented 1 week ago

Description

When picking a hash sig algo in MatchSuite, require that peer hash sig algo is supported in our ssl->suites or ssl->ctx->suites.

Fixes zd#18204.

Testing

Reproducers in ticket.

philljj commented 1 week ago

Note: this requires https://github.com/wolfSSL/osp/pull/186 for the Python port test to pass.

JacobBarthelmeh commented 1 week ago

Retest this please Jenkins