diff options
| author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-06-26 15:02:47 +0200 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2017-09-13 07:52:17 +0000 |
| commit | 4dea5ce73de8c7b8ebd12f8b1bc6210e54101488 (patch) | |
| tree | c1f02f8a7297245316398c97a7b0ad427cb63720 | |
| parent | 7626ad451ca069aca1e8bfe36b9f71d7c72953ac (diff) | |
| download | gnutls-4dea5ce73de8c7b8ebd12f8b1bc6210e54101488.tar.gz | |
algorithms/sign: legacy signature algorithms were moved toward the end of the list
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
| -rw-r--r-- | lib/algorithms/sign.c | 351 |
1 files changed, 183 insertions, 168 deletions
diff --git a/lib/algorithms/sign.c b/lib/algorithms/sign.c index fe11dd9a2c..84015fc2b3 100644 --- a/lib/algorithms/sign.c +++ b/lib/algorithms/sign.c @@ -40,6 +40,173 @@ * e.g., RSA-PSS-SHA256 can be generated by GNUTLS_PK_RSA or GNUTLS_PK_RSA_PSS. */ static const gnutls_sign_entry_st sign_algorithms[] = { + /* RSA-PKCS#1 1.5: must be before PSS, + * so that gnutls_pk_to_sign() will return + * these first for backwards compatibility. */ + {.name = "RSA-SHA256", + .oid = SIG_RSA_SHA256_OID, + .id = GNUTLS_SIGN_RSA_SHA256, + .pk = GNUTLS_PK_RSA, + .hash = GNUTLS_DIG_SHA256, + .aid = {{4, 1}}}, + {.name = "RSA-SHA384", + .oid = SIG_RSA_SHA384_OID, + .id = GNUTLS_SIGN_RSA_SHA384, + .pk = GNUTLS_PK_RSA, + .hash = GNUTLS_DIG_SHA384, + .aid = {{5, 1}}}, + {.name = "RSA-SHA512", + .oid = SIG_RSA_SHA512_OID, + .id = GNUTLS_SIGN_RSA_SHA512, + .pk = GNUTLS_PK_RSA, + .hash = GNUTLS_DIG_SHA512, + .aid = {{6, 1}}}, + + /* RSA-PSS */ + {.name = "RSA-PSS-SHA256", + .oid = PK_PKIX1_RSA_PSS_OID, + .id = GNUTLS_SIGN_RSA_PSS_SHA256, + .pk = GNUTLS_PK_RSA_PSS, + .hash = GNUTLS_DIG_SHA256, + .aid = {{8, 4}}}, + {.name = "RSA-PSS-SHA256", + .oid = PK_PKIX1_RSA_PSS_OID, + .id = GNUTLS_SIGN_RSA_PSS_SHA256, + .pk = GNUTLS_PK_RSA, + .hash = GNUTLS_DIG_SHA256, + .aid = {{8, 4}}}, + {.name = "RSA-PSS-SHA384", + .oid = PK_PKIX1_RSA_PSS_OID, + .id = GNUTLS_SIGN_RSA_PSS_SHA384, + .pk = GNUTLS_PK_RSA_PSS, + .hash = GNUTLS_DIG_SHA384, + .aid = {{8, 5}}}, + {.name = "RSA-PSS-SHA384", + .oid = PK_PKIX1_RSA_PSS_OID, + .id = GNUTLS_SIGN_RSA_PSS_SHA384, + .pk = GNUTLS_PK_RSA, + .hash = GNUTLS_DIG_SHA384, + .aid = {{8, 5}}}, + {.name = "RSA-PSS-SHA512", + .oid = PK_PKIX1_RSA_PSS_OID, + .id = GNUTLS_SIGN_RSA_PSS_SHA512, + .pk = GNUTLS_PK_RSA_PSS, + .hash = GNUTLS_DIG_SHA512, + .aid = {{8, 6}}}, + {.name = "RSA-PSS-SHA512", + .oid = PK_PKIX1_RSA_PSS_OID, + .id = GNUTLS_SIGN_RSA_PSS_SHA512, + .pk = GNUTLS_PK_RSA, + .hash = GNUTLS_DIG_SHA512, + .aid = {{8, 6}}}, + + /* Ed25519: The hash algorithm here is set to be SHA512, although that is + * an internal detail of Ed25519; we set it, because CMS/PKCS#7 requires + * that mapping. */ + {.name = "EdDSA-Ed25519", + .oid = SIG_EDDSA_SHA512_OID, + .id = GNUTLS_SIGN_EDDSA_ED25519, + .pk = GNUTLS_PK_EDDSA_ED25519, + .hash = GNUTLS_DIG_SHA512, + .aid = {{8, 7}}}, + + /* ECDSA */ + {.name = "ECDSA-SHA256", + .oid = "1.2.840.10045.4.3.2", + .id = GNUTLS_SIGN_ECDSA_SHA256, + .pk = GNUTLS_PK_EC, + .hash = GNUTLS_DIG_SHA256, + .aid = {{4, 3}}}, + {.name = "ECDSA-SHA384", + .oid = "1.2.840.10045.4.3.3", + .id = GNUTLS_SIGN_ECDSA_SHA384, + .pk = GNUTLS_PK_EC, + .hash = GNUTLS_DIG_SHA384, + .aid = {{5, 3}}}, + {.name = "ECDSA-SHA512", + .oid = "1.2.840.10045.4.3.4", + .id = GNUTLS_SIGN_ECDSA_SHA512, + .pk = GNUTLS_PK_EC, + .hash = GNUTLS_DIG_SHA512, + .aid = {{6, 3}}}, + + /* ECDSA-SHA3 */ + {.name = "ECDSA-SHA3-224", + .oid = SIG_ECDSA_SHA3_224_OID, + .id = GNUTLS_SIGN_ECDSA_SHA3_224, + .pk = GNUTLS_PK_EC, + .hash = GNUTLS_DIG_SHA3_224, + .aid = TLS_SIGN_AID_UNKNOWN}, + {.name = "ECDSA-SHA3-256", + .oid = SIG_ECDSA_SHA3_256_OID, + .id = GNUTLS_SIGN_ECDSA_SHA3_256, + .pk = GNUTLS_PK_EC, + .hash = GNUTLS_DIG_SHA3_256, + .aid = TLS_SIGN_AID_UNKNOWN}, + {.name = "ECDSA-SHA3-384", + .oid = SIG_ECDSA_SHA3_384_OID, + .id = GNUTLS_SIGN_ECDSA_SHA3_384, + .pk = GNUTLS_PK_EC, + .hash = GNUTLS_DIG_SHA3_384, + .aid = TLS_SIGN_AID_UNKNOWN}, + {.name = "ECDSA-SHA3-512", + .oid = SIG_ECDSA_SHA3_512_OID, + .id = GNUTLS_SIGN_ECDSA_SHA3_512, + .pk = GNUTLS_PK_EC, + .hash = GNUTLS_DIG_SHA3_512, + .aid = TLS_SIGN_AID_UNKNOWN}, + {.name = "RSA-SHA3-224", + .oid = SIG_RSA_SHA3_224_OID, + .id = GNUTLS_SIGN_RSA_SHA3_224, + .pk = GNUTLS_PK_RSA, + .hash = GNUTLS_DIG_SHA3_224, + .aid = TLS_SIGN_AID_UNKNOWN}, + {.name = "RSA-SHA3-256", + .oid = SIG_RSA_SHA3_256_OID, + .id = GNUTLS_SIGN_RSA_SHA3_256, + .pk = GNUTLS_PK_RSA, + .hash = GNUTLS_DIG_SHA3_256, + .aid = TLS_SIGN_AID_UNKNOWN}, + {.name = "RSA-SHA3-384", + .oid = SIG_RSA_SHA3_384_OID, + .id = GNUTLS_SIGN_RSA_SHA3_384, + .pk = GNUTLS_PK_RSA, + .hash = GNUTLS_DIG_SHA3_384, + .aid = TLS_SIGN_AID_UNKNOWN}, + {.name = "RSA-SHA3-512", + .oid = SIG_RSA_SHA3_512_OID, + .id = GNUTLS_SIGN_RSA_SHA3_512, + .pk = GNUTLS_PK_RSA, + .hash = GNUTLS_DIG_SHA3_512, + .aid = TLS_SIGN_AID_UNKNOWN}, + + /* DSA-SHA3 */ + {.name = "DSA-SHA3-224", + .oid = SIG_DSA_SHA3_224_OID, + .id = GNUTLS_SIGN_DSA_SHA3_224, + .pk = GNUTLS_PK_DSA, + .hash = GNUTLS_DIG_SHA3_224, + .aid = TLS_SIGN_AID_UNKNOWN}, + {.name = "DSA-SHA3-256", + .oid = SIG_DSA_SHA3_256_OID, + .id = GNUTLS_SIGN_DSA_SHA3_256, + .pk = GNUTLS_PK_DSA, + .hash = GNUTLS_DIG_SHA3_256, + .aid = TLS_SIGN_AID_UNKNOWN}, + {.name = "DSA-SHA3-384", + .oid = SIG_DSA_SHA3_384_OID, + .id = GNUTLS_SIGN_DSA_SHA3_384, + .pk = GNUTLS_PK_DSA, + .hash = GNUTLS_DIG_SHA3_384, + .aid = TLS_SIGN_AID_UNKNOWN}, + {.name = "DSA-SHA3-512", + .oid = SIG_DSA_SHA3_512_OID, + .id = GNUTLS_SIGN_DSA_SHA3_512, + .pk = GNUTLS_PK_DSA, + .hash = GNUTLS_DIG_SHA3_512, + .aid = TLS_SIGN_AID_UNKNOWN}, + + /* legacy */ {.name = "RSA-RAW", .oid = NULL, .id = GNUTLS_SIGN_RSA_RAW, @@ -48,128 +215,92 @@ static const gnutls_sign_entry_st sign_algorithms[] = { .aid = TLS_SIGN_AID_UNKNOWN }, {.name = "RSA-SHA1", - .oid = SIG_RSA_SHA1_OID, + .oid = SIG_RSA_SHA1_OID, .id = GNUTLS_SIGN_RSA_SHA1, .pk = GNUTLS_PK_RSA, .hash = GNUTLS_DIG_SHA1, .slevel = SHA1_SECURE_VAL, .aid = {{2, 1}}}, {.name = "RSA-SHA1", - .oid = ISO_SIG_RSA_SHA1_OID, + .oid = ISO_SIG_RSA_SHA1_OID, .id = GNUTLS_SIGN_RSA_SHA1, .pk = GNUTLS_PK_RSA, .slevel = SHA1_SECURE_VAL, .hash = GNUTLS_DIG_SHA1, .aid = {{2, 1}}}, {.name = "RSA-SHA224", - .oid = SIG_RSA_SHA224_OID, + .oid = SIG_RSA_SHA224_OID, .id = GNUTLS_SIGN_RSA_SHA224, .pk = GNUTLS_PK_RSA, .hash = GNUTLS_DIG_SHA224, .aid = TLS_SIGN_AID_UNKNOWN}, - {.name = "RSA-SHA256", - .oid = SIG_RSA_SHA256_OID, - .id = GNUTLS_SIGN_RSA_SHA256, - .pk = GNUTLS_PK_RSA, - .hash = GNUTLS_DIG_SHA256, - .aid = {{4, 1}}}, - {.name = "RSA-SHA384", - .oid = SIG_RSA_SHA384_OID, - .id = GNUTLS_SIGN_RSA_SHA384, - .pk = GNUTLS_PK_RSA, - .hash = GNUTLS_DIG_SHA384, - .aid = {{5, 1}}}, - {.name = "RSA-SHA512", - .oid = SIG_RSA_SHA512_OID, - .id = GNUTLS_SIGN_RSA_SHA512, - .pk = GNUTLS_PK_RSA, - .hash = GNUTLS_DIG_SHA512, - .aid = {{6, 1}}}, {.name = "RSA-RMD160", - .oid = SIG_RSA_RMD160_OID, + .oid = SIG_RSA_RMD160_OID, .id = GNUTLS_SIGN_RSA_RMD160, .pk = GNUTLS_PK_RSA, .hash = GNUTLS_DIG_RMD160, .slevel = _INSECURE_FOR_CERTS, .aid = TLS_SIGN_AID_UNKNOWN}, {.name = "DSA-SHA1", - .oid = SIG_DSA_SHA1_OID, + .oid = SIG_DSA_SHA1_OID, .id = GNUTLS_SIGN_DSA_SHA1, .pk = GNUTLS_PK_DSA, .slevel = SHA1_SECURE_VAL, .hash = GNUTLS_DIG_SHA1, .aid = {{2, 2}}}, {.name = "DSA-SHA1", - .oid = "1.3.14.3.2.27", + .oid = "1.3.14.3.2.27", .id = GNUTLS_SIGN_DSA_SHA1, .pk = GNUTLS_PK_DSA, .hash = GNUTLS_DIG_SHA1, .slevel = SHA1_SECURE_VAL, .aid = {{2, 2}}}, {.name = "DSA-SHA224", - .oid = SIG_DSA_SHA224_OID, + .oid = SIG_DSA_SHA224_OID, .id = GNUTLS_SIGN_DSA_SHA224, .pk = GNUTLS_PK_DSA, .hash = GNUTLS_DIG_SHA224, .aid = TLS_SIGN_AID_UNKNOWN}, {.name = "DSA-SHA256", - .oid = SIG_DSA_SHA256_OID, + .oid = SIG_DSA_SHA256_OID, .id = GNUTLS_SIGN_DSA_SHA256, .pk = GNUTLS_PK_DSA, .hash = GNUTLS_DIG_SHA256, .aid = {{4, 2}}}, {.name = "RSA-MD5", - .oid = SIG_RSA_MD5_OID, + .oid = SIG_RSA_MD5_OID, .id = GNUTLS_SIGN_RSA_MD5, .pk = GNUTLS_PK_RSA, .hash = GNUTLS_DIG_MD5, .slevel = _INSECURE, .aid = {{1, 1}}}, {.name = "RSA-MD5", - .oid = "1.3.14.3.2.25", + .oid = "1.3.14.3.2.25", .id = GNUTLS_SIGN_RSA_MD5, .pk = GNUTLS_PK_RSA, .hash = GNUTLS_DIG_MD5, .slevel = _INSECURE, .aid = {{1, 1}}}, {.name = "RSA-MD2", - .oid = SIG_RSA_MD2_OID, + .oid = SIG_RSA_MD2_OID, .id = GNUTLS_SIGN_RSA_MD2, .pk = GNUTLS_PK_RSA, .hash = GNUTLS_DIG_MD2, .slevel = _INSECURE, .aid = TLS_SIGN_AID_UNKNOWN}, {.name = "ECDSA-SHA1", - .oid = "1.2.840.10045.4.1", + .oid = "1.2.840.10045.4.1", .id = GNUTLS_SIGN_ECDSA_SHA1, .pk = GNUTLS_PK_EC, .slevel = SHA1_SECURE_VAL, .hash = GNUTLS_DIG_SHA1, .aid = {{2, 3}}}, {.name = "ECDSA-SHA224", - .oid = "1.2.840.10045.4.3.1", + .oid = "1.2.840.10045.4.3.1", .id = GNUTLS_SIGN_ECDSA_SHA224, .pk = GNUTLS_PK_EC, .hash = GNUTLS_DIG_SHA224, .aid = TLS_SIGN_AID_UNKNOWN}, - {.name = "ECDSA-SHA256", - .oid = "1.2.840.10045.4.3.2", - .id = GNUTLS_SIGN_ECDSA_SHA256, - .pk = GNUTLS_PK_EC, - .hash = GNUTLS_DIG_SHA256, - .aid = {{4, 3}}}, - {.name = "ECDSA-SHA384", - .oid = "1.2.840.10045.4.3.3", - .id = GNUTLS_SIGN_ECDSA_SHA384, - .pk = GNUTLS_PK_EC, - .hash = GNUTLS_DIG_SHA384, - .aid = {{5, 3}}}, - {.name = "ECDSA-SHA512", - .oid = "1.2.840.10045.4.3.4", - .id = GNUTLS_SIGN_ECDSA_SHA512, - .pk = GNUTLS_PK_EC, - .hash = GNUTLS_DIG_SHA512, - .aid = {{6, 3}}}, {.name = "GOST R 34.10-2001", .oid = SIG_GOST_R3410_2001_OID, .id = 0, @@ -183,135 +314,19 @@ static const gnutls_sign_entry_st sign_algorithms[] = { .hash = 0, .aid = TLS_SIGN_AID_UNKNOWN}, {.name = "DSA-SHA384", - .oid = SIG_DSA_SHA384_OID, + .oid = SIG_DSA_SHA384_OID, .id = GNUTLS_SIGN_DSA_SHA384, .pk = GNUTLS_PK_DSA, .hash = GNUTLS_DIG_SHA384, .aid = {{5, 2}}}, {.name = "DSA-SHA512", - .oid = SIG_DSA_SHA512_OID, + .oid = SIG_DSA_SHA512_OID, .id = GNUTLS_SIGN_DSA_SHA512, .pk = GNUTLS_PK_DSA, .hash = GNUTLS_DIG_SHA512, .aid = {{6, 2}}}, - {.name = "ECDSA-SHA3-224", - .oid = SIG_ECDSA_SHA3_224_OID, - .id = GNUTLS_SIGN_ECDSA_SHA3_224, - .pk = GNUTLS_PK_EC, - .hash = GNUTLS_DIG_SHA3_224, - .aid = TLS_SIGN_AID_UNKNOWN}, - {.name = "ECDSA-SHA3-256", - .oid = SIG_ECDSA_SHA3_256_OID, - .id = GNUTLS_SIGN_ECDSA_SHA3_256, - .pk = GNUTLS_PK_EC, - .hash = GNUTLS_DIG_SHA3_256, - .aid = TLS_SIGN_AID_UNKNOWN}, - {.name = "ECDSA-SHA3-384", - .oid = SIG_ECDSA_SHA3_384_OID, - .id = GNUTLS_SIGN_ECDSA_SHA3_384, - .pk = GNUTLS_PK_EC, - .hash = GNUTLS_DIG_SHA3_384, - .aid = TLS_SIGN_AID_UNKNOWN}, - {.name = "ECDSA-SHA3-512", - .oid = SIG_ECDSA_SHA3_512_OID, - .id = GNUTLS_SIGN_ECDSA_SHA3_512, - .pk = GNUTLS_PK_EC, - .hash = GNUTLS_DIG_SHA3_512, - .aid = TLS_SIGN_AID_UNKNOWN}, - {.name = "RSA-SHA3-224", - .oid = SIG_RSA_SHA3_224_OID, - .id = GNUTLS_SIGN_RSA_SHA3_224, - .pk = GNUTLS_PK_RSA, - .hash = GNUTLS_DIG_SHA3_224, - .aid = TLS_SIGN_AID_UNKNOWN}, - {.name = "RSA-SHA3-256", - .oid = SIG_RSA_SHA3_256_OID, - .id = GNUTLS_SIGN_RSA_SHA3_256, - .pk = GNUTLS_PK_RSA, - .hash = GNUTLS_DIG_SHA3_256, - .aid = TLS_SIGN_AID_UNKNOWN}, - {.name = "RSA-SHA3-384", - .oid = SIG_RSA_SHA3_384_OID, - .id = GNUTLS_SIGN_RSA_SHA3_384, - .pk = GNUTLS_PK_RSA, - .hash = GNUTLS_DIG_SHA3_384, - .aid = TLS_SIGN_AID_UNKNOWN}, - {.name = "RSA-SHA3-512", - .oid = SIG_RSA_SHA3_512_OID, - .id = GNUTLS_SIGN_RSA_SHA3_512, - .pk = GNUTLS_PK_RSA, - .hash = GNUTLS_DIG_SHA3_512, - .aid = TLS_SIGN_AID_UNKNOWN}, - {.name = "DSA-SHA3-224", - .oid = SIG_DSA_SHA3_224_OID, - .id = GNUTLS_SIGN_DSA_SHA3_224, - .pk = GNUTLS_PK_DSA, - .hash = GNUTLS_DIG_SHA3_224, - .aid = TLS_SIGN_AID_UNKNOWN}, - {.name = "DSA-SHA3-256", - .oid = SIG_DSA_SHA3_256_OID, - .id = GNUTLS_SIGN_DSA_SHA3_256, - .pk = GNUTLS_PK_DSA, - .hash = GNUTLS_DIG_SHA3_256, - .aid = TLS_SIGN_AID_UNKNOWN}, - {.name = "DSA-SHA3-384", - .oid = SIG_DSA_SHA3_384_OID, - .id = GNUTLS_SIGN_DSA_SHA3_384, - .pk = GNUTLS_PK_DSA, - .hash = GNUTLS_DIG_SHA3_384, - .aid = TLS_SIGN_AID_UNKNOWN}, - {.name = "DSA-SHA3-512", - .oid = SIG_DSA_SHA3_512_OID, - .id = GNUTLS_SIGN_DSA_SHA3_512, - .pk = GNUTLS_PK_DSA, - .hash = GNUTLS_DIG_SHA3_512, - .aid = TLS_SIGN_AID_UNKNOWN}, - {.name = "RSA-PSS-SHA256", - .oid = PK_PKIX1_RSA_PSS_OID, - .id = GNUTLS_SIGN_RSA_PSS_SHA256, - .pk = GNUTLS_PK_RSA_PSS, - .hash = GNUTLS_DIG_SHA256, - .aid = {{8, 4}}}, - {.name = "RSA-PSS-SHA256", - .oid = PK_PKIX1_RSA_PSS_OID, - .id = GNUTLS_SIGN_RSA_PSS_SHA256, - .pk = GNUTLS_PK_RSA, - .hash = GNUTLS_DIG_SHA256, - .aid = {{8, 4}}}, - {.name = "RSA-PSS-SHA384", - .oid = PK_PKIX1_RSA_PSS_OID, - .id = GNUTLS_SIGN_RSA_PSS_SHA384, - .pk = GNUTLS_PK_RSA_PSS, - .hash = GNUTLS_DIG_SHA384, - .aid = {{8, 5}}}, - {.name = "RSA-PSS-SHA384", - .oid = PK_PKIX1_RSA_PSS_OID, - .id = GNUTLS_SIGN_RSA_PSS_SHA384, - .pk = GNUTLS_PK_RSA, - .hash = GNUTLS_DIG_SHA384, - .aid = {{8, 5}}}, - {.name = "RSA-PSS-SHA512", - .oid = PK_PKIX1_RSA_PSS_OID, - .id = GNUTLS_SIGN_RSA_PSS_SHA512, - .pk = GNUTLS_PK_RSA_PSS, - .hash = GNUTLS_DIG_SHA512, - .aid = {{8, 6}}}, - {.name = "RSA-PSS-SHA512", - .oid = PK_PKIX1_RSA_PSS_OID, - .id = GNUTLS_SIGN_RSA_PSS_SHA512, - .pk = GNUTLS_PK_RSA, - .hash = GNUTLS_DIG_SHA512, - .aid = {{8, 6}}}, - /* The hash algorithm here is set to be SHA512, although that is - * an internal detail of Ed25519; we set it, because CMS/PKCS#7 requires - * that mapping. */ - {.name = "EdDSA-Ed25519", - .oid = SIG_EDDSA_SHA512_OID, - .id = GNUTLS_SIGN_EDDSA_ED25519, - .pk = GNUTLS_PK_EDDSA_ED25519, - .hash = GNUTLS_DIG_SHA512, - .aid = {{8, 7}}}, + {0, 0, 0, 0, 0, TLS_SIGN_AID_UNKNOWN} }; |