sysadmin/ipxe
1
0
Fork 0
mirror of https://github.com/ipxe/ipxe synced 2026-05-20 05:09:59 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
0c617b913235cbfc82b41db2595cdad10957f1ac
ipxe/src
T
History
Michael Brown 0c617b9132 [crypto] Add support for RSA-PSS signature scheme 
Add support for the RSA-PSS signature scheme as defined in RFC 8017
and required for TLS version 1.3.

Signature verification is deliberately implemented by first deriving
the salt value and then reconstructing the entire expected signature.
This is arguably inefficient since it involves two invocations of the
mask generation function when only one is required.  However, this
implementation approach keeps the code size minimal (since there is no
need to implement separate verification logic), and makes it provably
impossible to accidentally omit a verification step (such as checking
the leading zero bits or the fixed 0x01 or 0xbc bytes).  Since
signature verification is not a fast-path operation, the guaranteed
correctness is more valuable than a marginally faster execution.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2026-05-06 22:14:41 +01:00
..
arch
[librm] Specify regparm function attribute only for i386
2026-05-01 14:34:52 +01:00
bin
[build] Reduce scope of wildcard .gitignore rules
2024-01-09 12:39:48 +00:00
config
[ci] Add a workflow to import images to Alibaba Cloud
2026-04-22 18:24:45 +01:00
core
[disklog] Generalise disk log console mechanism
2026-04-07 18:42:30 +01:00
crypto
[crypto] Add support for RSA-PSS signature scheme
2026-05-06 22:14:41 +01:00
doc
[build] Rename gPXE to iPXE
2010-04-19 23:43:39 +01:00
drivers
[bnxt] Do not abort teardown on command failure
2026-05-01 17:09:32 +01:00
hci
[dynui] Allow for duplicate shortcut keys
2026-02-26 12:28:50 +00:00
image
[efi] Allow creating an image device handle with no parent device
2026-03-05 13:25:25 +00:00
include
[crypto] Add support for RSA-PSS signature scheme
2026-05-06 22:14:41 +01:00
interface
[efi] Register EFI IPv6 device path settings as netX.ndp
2026-04-30 14:25:18 +01:00
libgcc
[libgcc] Change __divmoddi4 from int64 [unknown] to int64_t
2020-07-21 14:33:32 +01:00
net
[tls] Treat signature algorithm identifiers as opaque 16-bit values
2026-04-30 13:14:20 +01:00
scripts
[build] Allow binaries to request a log partition from genfsimg
2026-03-26 15:12:52 +00:00
tests
[crypto] Add support for RSA-PSS signature scheme
2026-05-06 22:14:41 +01:00
usr
[build] Mark compressed image tools as permitted for UEFI Secure Boot
2026-01-28 16:34:57 +00:00
util
[build] Add Ubuntu/Debian syslinux mbr.bin search path
2026-03-27 20:42:18 +00:00
.gitignore
[build] Reduce scope of wildcard .gitignore rules
2024-01-09 12:39:48 +00:00
doxygen.cfg
[build] Remove PACKED macro
2010-05-29 23:49:47 +01:00
Makefile
[release] Update version number after release
2026-03-06 16:17:42 +00:00
Makefile.efi
[build] Include USB drivers in the all-drivers build by default
2026-02-13 18:36:14 +00:00
Makefile.housekeeping
[build] Use Markdown consistently within release notes
2026-03-02 22:19:52 +00:00
Makefile.linux
[build] Handle all driver list construction via parserom.pl
2026-02-13 14:16:44 +00:00