[TEMP] bearssl aiotc_profile. enable ECDHE_RSA for file downloading from storage service

pennam · andreagilardoni · commit df4b1bfada58 · 2024-04-17T17:07:59.000+02:00
diff --git a/src/tls/profile/aiotc_profile.c b/src/tls/profile/aiotc_profile.c
@@ -48,7 +48,8 @@ void aiotc_client_profile_init(br_ssl_client_context *cc, br_x509_minimal_contex
    *    strong enough, and AES-256 is 40% more expensive).
    */
   static const uint16_t suites[] = {
-    BR_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
+    BR_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+    BR_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
   };
 
   /*
@@ -74,6 +75,10 @@ void aiotc_client_profile_init(br_ssl_client_context *cc, br_x509_minimal_contex
   br_ssl_engine_set_default_ecdsa(&cc->eng);
   br_x509_minimal_set_ecdsa(xc, br_ssl_engine_get_ec(&cc->eng), br_ssl_engine_get_ecdsa(&cc->eng));
 
+	br_ssl_client_set_default_rsapub(cc);
+	br_ssl_engine_set_default_rsavrfy(&cc->eng);
+	br_x509_minimal_set_rsa(xc, br_ssl_engine_get_rsavrfy(&cc->eng));
+
   /*
    * Set supported hash functions, for the SSL engine and for the
    * X.509 engine.
