Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / cryptography / 3367806cd464fac96abd1b8416700ad174e8b64d
commit3367806cd464fac96abd1b8416700ad174e8b64d[log] [tgz]
authorMarti Raudsepp <marti@juffo.org>Sat Jun 30 02:27:28 2018 +0300
committerPaul Kehrer <paul.l.kehrer@gmail.com>Fri Jun 29 16:27:28 2018 -0700
tree914a214ce9072c46db1f911926a8785fc60530ff
parent682014558f3521a942cdce3932837659ce24df34 [diff]
Add OID for RSASSA-PSS X.509 signature algorithm (RFC 4055) (#4294)

In 2005, IETF devised a more secure padding scheme to replace PKCS #1
v1.5. To make sure that nobody can easily support or use it, they
mandated lots of complicated parameters in the certificate, unlike any
other X.509 signature scheme.

https://tools.ietf.org/html/rfc4055

`_SIG_OIDS_TO_HASH` and `Certificate.signature_hash_algorithm` cannot be
supported as-is, because the hash algorithm is defined in the signature
algorithm parameters, not by the OID itself.
3 files changed
tree: 914a214ce9072c46db1f911926a8785fc60530ff
  1. .github/
  2. .jenkins/
  3. .travis/
  4. docs/
  5. src/
  6. tests/
  7. vectors/
  8. .coveragerc
  9. .gitignore
  10. .mention-bot
  11. .travis.yml
  12. AUTHORS.rst
  13. CHANGELOG.rst
  14. codecov.yml
  15. CONTRIBUTING.rst
  16. dev-requirements.txt
  17. Jenkinsfile
  18. LICENSE
  19. LICENSE.APACHE
  20. LICENSE.BSD
  21. LICENSE.PSF
  22. MANIFEST.in
  23. README.rst
  24. release.py
  25. rtd-requirements.txt
  26. setup.py
  27. tox.ini