diff options
| author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-07-28 13:40:21 +0200 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-08-04 16:53:53 +0200 |
| commit | 2931d8709c6283462c53d2b67e1480109536e772 (patch) | |
| tree | b8ae045502a6e2c48a9c5ee36e9b5c4faad79ed5 | |
| parent | 687940f25b29650a949e100038964e9601b672df (diff) | |
| download | gnutls-2931d8709c6283462c53d2b67e1480109536e772.tar.gz | |
sign: use C99 syntax for signature algorithm's table
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
| -rw-r--r-- | lib/algorithms/sign.c | 349 |
1 files changed, 252 insertions, 97 deletions
diff --git a/lib/algorithms/sign.c b/lib/algorithms/sign.c index 65fa432dee..265dca9708 100644 --- a/lib/algorithms/sign.c +++ b/lib/algorithms/sign.c @@ -33,106 +33,261 @@ * e.g., RSA-PSS-SHA256 can be generated by GNUTLS_PK_RSA or GNUTLS_PK_RSA_PSS. */ static const gnutls_sign_entry_st sign_algorithms[] = { - {"RSA-SHA1", SIG_RSA_SHA1_OID, GNUTLS_SIGN_RSA_SHA1, GNUTLS_PK_RSA, - GNUTLS_DIG_SHA1, {{2, 1}}}, - {"RSA-SHA1", ISO_SIG_RSA_SHA1_OID, GNUTLS_SIGN_RSA_SHA1, - GNUTLS_PK_RSA, - GNUTLS_DIG_SHA1, {{2, 1}}}, - {"RSA-SHA224", SIG_RSA_SHA224_OID, GNUTLS_SIGN_RSA_SHA224, - GNUTLS_PK_RSA, - GNUTLS_DIG_SHA224, {{3, 1}}}, - {"RSA-SHA256", SIG_RSA_SHA256_OID, GNUTLS_SIGN_RSA_SHA256, - GNUTLS_PK_RSA, - GNUTLS_DIG_SHA256, {{4, 1}}}, - {"RSA-SHA384", SIG_RSA_SHA384_OID, GNUTLS_SIGN_RSA_SHA384, - GNUTLS_PK_RSA, - GNUTLS_DIG_SHA384, {{5, 1}}}, - {"RSA-SHA512", SIG_RSA_SHA512_OID, GNUTLS_SIGN_RSA_SHA512, - GNUTLS_PK_RSA, - GNUTLS_DIG_SHA512, {{6, 1}}}, - {"RSA-RMD160", SIG_RSA_RMD160_OID, GNUTLS_SIGN_RSA_RMD160, - GNUTLS_PK_RSA, - GNUTLS_DIG_RMD160, TLS_SIGN_AID_UNKNOWN}, - {"DSA-SHA1", SIG_DSA_SHA1_OID, GNUTLS_SIGN_DSA_SHA1, GNUTLS_PK_DSA, - GNUTLS_DIG_SHA1, {{2, 2}}}, - {"DSA-SHA1", "1.3.14.3.2.27", GNUTLS_SIGN_DSA_SHA1, GNUTLS_PK_DSA, - GNUTLS_DIG_SHA1, {{2, 2}}}, - {"DSA-SHA224", SIG_DSA_SHA224_OID, GNUTLS_SIGN_DSA_SHA224, - GNUTLS_PK_DSA, - GNUTLS_DIG_SHA224, {{3, 2}}}, - {"DSA-SHA256", SIG_DSA_SHA256_OID, GNUTLS_SIGN_DSA_SHA256, - GNUTLS_PK_DSA, GNUTLS_DIG_SHA256, {{4, 2}}}, - {"RSA-MD5", SIG_RSA_MD5_OID, GNUTLS_SIGN_RSA_MD5, GNUTLS_PK_RSA, - GNUTLS_DIG_MD5, {{1, 1}}}, - {"RSA-MD5", "1.3.14.3.2.25", GNUTLS_SIGN_RSA_MD5, GNUTLS_PK_RSA, - GNUTLS_DIG_MD5, {{1, 1}}}, - {"RSA-MD2", SIG_RSA_MD2_OID, GNUTLS_SIGN_RSA_MD2, GNUTLS_PK_RSA, - GNUTLS_DIG_MD2, TLS_SIGN_AID_UNKNOWN}, - {"ECDSA-SHA1", "1.2.840.10045.4.1", GNUTLS_SIGN_ECDSA_SHA1, - GNUTLS_PK_EC, GNUTLS_DIG_SHA1, {{2, 3}}}, - {"ECDSA-SHA224", "1.2.840.10045.4.3.1", GNUTLS_SIGN_ECDSA_SHA224, - GNUTLS_PK_EC, GNUTLS_DIG_SHA224, {{3, 3}}}, - {"ECDSA-SHA256", "1.2.840.10045.4.3.2", GNUTLS_SIGN_ECDSA_SHA256, - GNUTLS_PK_EC, GNUTLS_DIG_SHA256, {{4, 3}}}, - {"ECDSA-SHA384", "1.2.840.10045.4.3.3", GNUTLS_SIGN_ECDSA_SHA384, - GNUTLS_PK_EC, GNUTLS_DIG_SHA384, {{5, 3}}}, - {"ECDSA-SHA512", "1.2.840.10045.4.3.4", GNUTLS_SIGN_ECDSA_SHA512, - GNUTLS_PK_EC, GNUTLS_DIG_SHA512, {{6, 3}}}, - {"GOST R 34.10-2001", SIG_GOST_R3410_2001_OID, 0, 0, 0, - TLS_SIGN_AID_UNKNOWN}, - {"GOST R 34.10-94", SIG_GOST_R3410_94_OID, 0, 0, 0, - TLS_SIGN_AID_UNKNOWN}, - {"DSA-SHA384", SIG_DSA_SHA384_OID, GNUTLS_SIGN_DSA_SHA384, - GNUTLS_PK_DSA, GNUTLS_DIG_SHA384, {{5, 2}}}, - {"DSA-SHA512", SIG_DSA_SHA512_OID, GNUTLS_SIGN_DSA_SHA512, - GNUTLS_PK_DSA, GNUTLS_DIG_SHA512, {{6, 2}}}, - - {"ECDSA-SHA3-224", SIG_ECDSA_SHA3_224_OID, GNUTLS_SIGN_ECDSA_SHA3_224, - GNUTLS_PK_EC, GNUTLS_DIG_SHA3_224, TLS_SIGN_AID_UNKNOWN}, - {"ECDSA-SHA3-256", SIG_ECDSA_SHA3_256_OID, GNUTLS_SIGN_ECDSA_SHA3_256, - GNUTLS_PK_EC, GNUTLS_DIG_SHA3_256, TLS_SIGN_AID_UNKNOWN}, - {"ECDSA-SHA3-384", SIG_ECDSA_SHA3_384_OID, GNUTLS_SIGN_ECDSA_SHA3_384, - GNUTLS_PK_EC, GNUTLS_DIG_SHA3_384, TLS_SIGN_AID_UNKNOWN}, - {"ECDSA-SHA3-512", SIG_ECDSA_SHA3_512_OID, GNUTLS_SIGN_ECDSA_SHA3_512, - GNUTLS_PK_EC, GNUTLS_DIG_SHA3_512, TLS_SIGN_AID_UNKNOWN}, - - {"RSA-SHA3-224", SIG_RSA_SHA3_224_OID, GNUTLS_SIGN_RSA_SHA3_224, - GNUTLS_PK_RSA, GNUTLS_DIG_SHA3_224, TLS_SIGN_AID_UNKNOWN}, - {"RSA-SHA3-256", SIG_RSA_SHA3_256_OID, GNUTLS_SIGN_RSA_SHA3_256, - GNUTLS_PK_RSA, GNUTLS_DIG_SHA3_256, TLS_SIGN_AID_UNKNOWN}, - {"RSA-SHA3-384", SIG_RSA_SHA3_384_OID, GNUTLS_SIGN_RSA_SHA3_384, - GNUTLS_PK_RSA, GNUTLS_DIG_SHA3_384, TLS_SIGN_AID_UNKNOWN}, - {"RSA-SHA3-512", SIG_RSA_SHA3_512_OID, GNUTLS_SIGN_RSA_SHA3_512, - GNUTLS_PK_RSA, GNUTLS_DIG_SHA3_512, TLS_SIGN_AID_UNKNOWN}, - - {"DSA-SHA3-224", SIG_DSA_SHA3_224_OID, GNUTLS_SIGN_DSA_SHA3_224, - GNUTLS_PK_DSA, GNUTLS_DIG_SHA3_224, TLS_SIGN_AID_UNKNOWN}, - {"DSA-SHA3-256", SIG_DSA_SHA3_256_OID, GNUTLS_SIGN_DSA_SHA3_256, - GNUTLS_PK_DSA, GNUTLS_DIG_SHA3_256, TLS_SIGN_AID_UNKNOWN}, - {"DSA-SHA3-384", SIG_DSA_SHA3_384_OID, GNUTLS_SIGN_DSA_SHA3_384, - GNUTLS_PK_DSA, GNUTLS_DIG_SHA3_384, TLS_SIGN_AID_UNKNOWN}, - {"DSA-SHA3-512", SIG_DSA_SHA3_512_OID, GNUTLS_SIGN_DSA_SHA3_512, - GNUTLS_PK_DSA, GNUTLS_DIG_SHA3_512, TLS_SIGN_AID_UNKNOWN}, - - {"RSA-PSS-SHA256", PK_PKIX1_RSA_PSS_OID, GNUTLS_SIGN_RSA_PSS_SHA256, - GNUTLS_PK_RSA_PSS, GNUTLS_DIG_SHA256, {{8, 4}}}, - {"RSA-PSS-SHA256", PK_PKIX1_RSA_PSS_OID, GNUTLS_SIGN_RSA_PSS_SHA256, - GNUTLS_PK_RSA, GNUTLS_DIG_SHA256, {{8, 4}}}, - {"RSA-PSS-SHA384", PK_PKIX1_RSA_PSS_OID, GNUTLS_SIGN_RSA_PSS_SHA384, - GNUTLS_PK_RSA_PSS, GNUTLS_DIG_SHA384, {{8, 5}}}, - {"RSA-PSS-SHA384", PK_PKIX1_RSA_PSS_OID, GNUTLS_SIGN_RSA_PSS_SHA384, - GNUTLS_PK_RSA, GNUTLS_DIG_SHA384, {{8, 5}}}, - {"RSA-PSS-SHA512", PK_PKIX1_RSA_PSS_OID, GNUTLS_SIGN_RSA_PSS_SHA512, - GNUTLS_PK_RSA_PSS, GNUTLS_DIG_SHA512, {{8, 6}}}, - {"RSA-PSS-SHA512", PK_PKIX1_RSA_PSS_OID, GNUTLS_SIGN_RSA_PSS_SHA512, - GNUTLS_PK_RSA, GNUTLS_DIG_SHA512, {{8, 6}}}, - + {.name = "RSA-SHA1", + .oid = SIG_RSA_SHA1_OID, + .id = GNUTLS_SIGN_RSA_SHA1, + .pk = GNUTLS_PK_RSA, + .hash = GNUTLS_DIG_SHA1, + .aid = {{2, 1}}}, + {.name = "RSA-SHA1", + .oid = ISO_SIG_RSA_SHA1_OID, + .id = GNUTLS_SIGN_RSA_SHA1, + .pk = GNUTLS_PK_RSA, + .hash = GNUTLS_DIG_SHA1, + .aid = {{2, 1}}}, + {.name = "RSA-SHA224", + .oid = SIG_RSA_SHA224_OID, + .id = GNUTLS_SIGN_RSA_SHA224, + .pk = GNUTLS_PK_RSA, + .hash = GNUTLS_DIG_SHA224, + .aid = {{3, 1}}}, + {.name = "RSA-SHA256", + .oid = SIG_RSA_SHA256_OID, + .id = GNUTLS_SIGN_RSA_SHA256, + .pk = GNUTLS_PK_RSA, + .hash = GNUTLS_DIG_SHA256, + .aid = {{4, 1}}}, + {.name = "RSA-SHA384", + .oid = SIG_RSA_SHA384_OID, + .id = GNUTLS_SIGN_RSA_SHA384, + .pk = GNUTLS_PK_RSA, + .hash = GNUTLS_DIG_SHA384, + .aid = {{5, 1}}}, + {.name = "RSA-SHA512", + .oid = SIG_RSA_SHA512_OID, + .id = GNUTLS_SIGN_RSA_SHA512, + .pk = GNUTLS_PK_RSA, + .hash = GNUTLS_DIG_SHA512, + .aid = {{6, 1}}}, + {.name = "RSA-RMD160", + .oid = SIG_RSA_RMD160_OID, + .id = GNUTLS_SIGN_RSA_RMD160, + .pk = GNUTLS_PK_RSA, + .hash = GNUTLS_DIG_RMD160, + .aid = TLS_SIGN_AID_UNKNOWN}, + {.name = "DSA-SHA1", + .oid = SIG_DSA_SHA1_OID, + .id = GNUTLS_SIGN_DSA_SHA1, + .pk = GNUTLS_PK_DSA, + .hash = GNUTLS_DIG_SHA1, + .aid = {{2, 2}}}, + {.name = "DSA-SHA1", + .oid = "1.3.14.3.2.27", + .id = GNUTLS_SIGN_DSA_SHA1, + .pk = GNUTLS_PK_DSA, + .hash = GNUTLS_DIG_SHA1, + .aid = {{2, 2}}}, + {.name = "DSA-SHA224", + .oid = SIG_DSA_SHA224_OID, + .id = GNUTLS_SIGN_DSA_SHA224, + .pk = GNUTLS_PK_DSA, + .hash = GNUTLS_DIG_SHA224, + .aid = {{3, 2}}}, + {.name = "DSA-SHA256", + .oid = SIG_DSA_SHA256_OID, + .id = GNUTLS_SIGN_DSA_SHA256, + .pk = GNUTLS_PK_DSA, + .hash = GNUTLS_DIG_SHA256, + .aid = {{4, 2}}}, + {.name = "RSA-MD5", + .oid = SIG_RSA_MD5_OID, + .id = GNUTLS_SIGN_RSA_MD5, + .pk = GNUTLS_PK_RSA, + .hash = GNUTLS_DIG_MD5, + .aid = {{1, 1}}}, + {.name = "RSA-MD5", + .oid = "1.3.14.3.2.25", + .id = GNUTLS_SIGN_RSA_MD5, + .pk = GNUTLS_PK_RSA, + .hash = GNUTLS_DIG_MD5, + .aid = {{1, 1}}}, + {.name = "RSA-MD2", + .oid = SIG_RSA_MD2_OID, + .id = GNUTLS_SIGN_RSA_MD2, + .pk = GNUTLS_PK_RSA, + .hash = GNUTLS_DIG_MD2, + .aid = TLS_SIGN_AID_UNKNOWN}, + {.name = "ECDSA-SHA1", + .oid = "1.2.840.10045.4.1", + .id = GNUTLS_SIGN_ECDSA_SHA1, + .pk = GNUTLS_PK_EC, + .hash = GNUTLS_DIG_SHA1, + .aid = {{2, 3}}}, + {.name = "ECDSA-SHA224", + .oid = "1.2.840.10045.4.3.1", + .id = GNUTLS_SIGN_ECDSA_SHA224, + .pk = GNUTLS_PK_EC, + .hash = GNUTLS_DIG_SHA224, + .aid = {{3, 3}}}, + {.name = "ECDSA-SHA256", + .oid = "1.2.840.10045.4.3.2", + .id = GNUTLS_SIGN_ECDSA_SHA256, + .pk = GNUTLS_PK_EC, + .hash = GNUTLS_DIG_SHA256, + .aid = {{4, 3}}}, + {.name = "ECDSA-SHA384", + .oid = "1.2.840.10045.4.3.3", + .id = GNUTLS_SIGN_ECDSA_SHA384, + .pk = GNUTLS_PK_EC, + .hash = GNUTLS_DIG_SHA384, + .aid = {{5, 3}}}, + {.name = "ECDSA-SHA512", + .oid = "1.2.840.10045.4.3.4", + .id = GNUTLS_SIGN_ECDSA_SHA512, + .pk = GNUTLS_PK_EC, + .hash = GNUTLS_DIG_SHA512, + .aid = {{6, 3}}}, + {.name = "GOST R 34.10-2001", + .oid = SIG_GOST_R3410_2001_OID, + .id = 0, + .pk = 0, + .hash = 0, + .aid = TLS_SIGN_AID_UNKNOWN}, + {.name = "GOST R 34.10-94", + .oid = SIG_GOST_R3410_94_OID, + .id = 0, + .pk = 0, + .hash = 0, + .aid = TLS_SIGN_AID_UNKNOWN}, + {.name = "DSA-SHA384", + .oid = SIG_DSA_SHA384_OID, + .id = GNUTLS_SIGN_DSA_SHA384, + .pk = GNUTLS_PK_DSA, + .hash = GNUTLS_DIG_SHA384, + .aid = {{5, 2}}}, + {.name = "DSA-SHA512", + .oid = SIG_DSA_SHA512_OID, + .id = GNUTLS_SIGN_DSA_SHA512, + .pk = GNUTLS_PK_DSA, + .hash = GNUTLS_DIG_SHA512, + .aid = {{6, 2}}}, + {.name = "ECDSA-SHA3-224", + .oid = SIG_ECDSA_SHA3_224_OID, + .id = GNUTLS_SIGN_ECDSA_SHA3_224, + .pk = GNUTLS_PK_EC, + .hash = GNUTLS_DIG_SHA3_224, + .aid = TLS_SIGN_AID_UNKNOWN}, + {.name = "ECDSA-SHA3-256", + .oid = SIG_ECDSA_SHA3_256_OID, + .id = GNUTLS_SIGN_ECDSA_SHA3_256, + .pk = GNUTLS_PK_EC, + .hash = GNUTLS_DIG_SHA3_256, + .aid = TLS_SIGN_AID_UNKNOWN}, + {.name = "ECDSA-SHA3-384", + .oid = SIG_ECDSA_SHA3_384_OID, + .id = GNUTLS_SIGN_ECDSA_SHA3_384, + .pk = GNUTLS_PK_EC, + .hash = GNUTLS_DIG_SHA3_384, + .aid = TLS_SIGN_AID_UNKNOWN}, + {.name = "ECDSA-SHA3-512", + .oid = SIG_ECDSA_SHA3_512_OID, + .id = GNUTLS_SIGN_ECDSA_SHA3_512, + .pk = GNUTLS_PK_EC, + .hash = GNUTLS_DIG_SHA3_512, + .aid = TLS_SIGN_AID_UNKNOWN}, + {.name = "RSA-SHA3-224", + .oid = SIG_RSA_SHA3_224_OID, + .id = GNUTLS_SIGN_RSA_SHA3_224, + .pk = GNUTLS_PK_RSA, + .hash = GNUTLS_DIG_SHA3_224, + .aid = TLS_SIGN_AID_UNKNOWN}, + {.name = "RSA-SHA3-256", + .oid = SIG_RSA_SHA3_256_OID, + .id = GNUTLS_SIGN_RSA_SHA3_256, + .pk = GNUTLS_PK_RSA, + .hash = GNUTLS_DIG_SHA3_256, + .aid = TLS_SIGN_AID_UNKNOWN}, + {.name = "RSA-SHA3-384", + .oid = SIG_RSA_SHA3_384_OID, + .id = GNUTLS_SIGN_RSA_SHA3_384, + .pk = GNUTLS_PK_RSA, + .hash = GNUTLS_DIG_SHA3_384, + .aid = TLS_SIGN_AID_UNKNOWN}, + {.name = "RSA-SHA3-512", + .oid = SIG_RSA_SHA3_512_OID, + .id = GNUTLS_SIGN_RSA_SHA3_512, + .pk = GNUTLS_PK_RSA, + .hash = GNUTLS_DIG_SHA3_512, + .aid = TLS_SIGN_AID_UNKNOWN}, + {.name = "DSA-SHA3-224", + .oid = SIG_DSA_SHA3_224_OID, + .id = GNUTLS_SIGN_DSA_SHA3_224, + .pk = GNUTLS_PK_DSA, + .hash = GNUTLS_DIG_SHA3_224, + .aid = TLS_SIGN_AID_UNKNOWN}, + {.name = "DSA-SHA3-256", + .oid = SIG_DSA_SHA3_256_OID, + .id = GNUTLS_SIGN_DSA_SHA3_256, + .pk = GNUTLS_PK_DSA, + .hash = GNUTLS_DIG_SHA3_256, + .aid = TLS_SIGN_AID_UNKNOWN}, + {.name = "DSA-SHA3-384", + .oid = SIG_DSA_SHA3_384_OID, + .id = GNUTLS_SIGN_DSA_SHA3_384, + .pk = GNUTLS_PK_DSA, + .hash = GNUTLS_DIG_SHA3_384, + .aid = TLS_SIGN_AID_UNKNOWN}, + {.name = "DSA-SHA3-512", + .oid = SIG_DSA_SHA3_512_OID, + .id = GNUTLS_SIGN_DSA_SHA3_512, + .pk = GNUTLS_PK_DSA, + .hash = GNUTLS_DIG_SHA3_512, + .aid = TLS_SIGN_AID_UNKNOWN}, + {.name = "RSA-PSS-SHA256", + .oid = PK_PKIX1_RSA_PSS_OID, + .id = GNUTLS_SIGN_RSA_PSS_SHA256, + .pk = GNUTLS_PK_RSA_PSS, + .hash = GNUTLS_DIG_SHA256, + .aid = {{8, 4}}}, + {.name = "RSA-PSS-SHA256", + .oid = PK_PKIX1_RSA_PSS_OID, + .id = GNUTLS_SIGN_RSA_PSS_SHA256, + .pk = GNUTLS_PK_RSA, + .hash = GNUTLS_DIG_SHA256, + .aid = {{8, 4}}}, + {.name = "RSA-PSS-SHA384", + .oid = PK_PKIX1_RSA_PSS_OID, + .id = GNUTLS_SIGN_RSA_PSS_SHA384, + .pk = GNUTLS_PK_RSA_PSS, + .hash = GNUTLS_DIG_SHA384, + .aid = {{8, 5}}}, + {.name = "RSA-PSS-SHA384", + .oid = PK_PKIX1_RSA_PSS_OID, + .id = GNUTLS_SIGN_RSA_PSS_SHA384, + .pk = GNUTLS_PK_RSA, + .hash = GNUTLS_DIG_SHA384, + .aid = {{8, 5}}}, + {.name = "RSA-PSS-SHA512", + .oid = PK_PKIX1_RSA_PSS_OID, + .id = GNUTLS_SIGN_RSA_PSS_SHA512, + .pk = GNUTLS_PK_RSA_PSS, + .hash = GNUTLS_DIG_SHA512, + .aid = {{8, 6}}}, + {.name = "RSA-PSS-SHA512", + .oid = PK_PKIX1_RSA_PSS_OID, + .id = GNUTLS_SIGN_RSA_PSS_SHA512, + .pk = GNUTLS_PK_RSA, + .hash = GNUTLS_DIG_SHA512, + .aid = {{8, 6}}}, /* The hash algorithm here is set to be SHA512, although that is * an internal detail of Ed25519; we set it, because CMS/PKCS#7 requires * that mapping. */ - {"EdDSA-Ed25519", SIG_EDDSA_SHA512_OID, GNUTLS_SIGN_EDDSA_ED25519, - GNUTLS_PK_EDDSA_ED25519, GNUTLS_DIG_SHA512, {{8, 7}}}, - + {.name = "EdDSA-Ed25519", + .oid = SIG_EDDSA_SHA512_OID, + .id = GNUTLS_SIGN_EDDSA_ED25519, + .pk = GNUTLS_PK_EDDSA_ED25519, + .hash = GNUTLS_DIG_SHA512, + .aid = {{8, 7}}}, {0, 0, 0, 0, 0, TLS_SIGN_AID_UNKNOWN} }; |