blackbeard420/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf synced 2025-03-10 17:49:10 -04:00
Code Issues Projects Releases Wiki Activity

mbedtls: disable support for RSASSA-PSS signatures

Browse Source 
This is a workaround for CVE-2018-0487.
Ref. https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-01
Ref. https://github.com/espressif/esp-idf/issues/1730
This commit is contained in:
Ivan Grokhotkov 2018-04-19 11:40:06 +08:00
parent 594e1b5e44
commit 0a97cb62ef
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
components/mbedtls/port/include/mbedtls/esp_config.h
View File

@ -926,7 +926,7 @@
* *
* This enables support for RSAES-OAEP and RSASSA-PSS operations. * This enables support for RSAES-OAEP and RSASSA-PSS operations.
*/ */
#define MBEDTLS_PKCS1_V21 //#define MBEDTLS_PKCS1_V21
/** /**
* \def MBEDTLS_RSA_NO_CRT * \def MBEDTLS_RSA_NO_CRT
@ -1420,7 +1420,7 @@
* *
* Comment this macro to disallow using RSASSA-PSS in certificates. * Comment this macro to disallow using RSASSA-PSS in certificates.
*/ */
#define MBEDTLS_X509_RSASSA_PSS_SUPPORT //#define MBEDTLS_X509_RSASSA_PSS_SUPPORT
/** /**
* \def MBEDTLS_ZLIB_SUPPORT * \def MBEDTLS_ZLIB_SUPPORT