diff options
| author | Daiki Ueno <ueno@unixuser.org> | 2009-08-31 14:34:01 +0900 |
|---|---|---|
| committer | Simon Josefsson <simon@josefsson.org> | 2009-08-31 14:59:08 +0200 |
| commit | cfb62003ad5e4900d222261674fdd2c770f6db25 (patch) | |
| tree | 0113288ddf34d340b7d56c2d7a5a2428a017de79 | |
| parent | ee25df5febdac9258fefb5c35a66f047379803fe (diff) | |
| download | gnutls-cfb62003ad5e4900d222261674fdd2c770f6db25.tar.gz | |
Add functions for TLS signature algorithm.
Add functions to convert TLS signature algorithm from/to constants
defined by GnuTLS.
Signed-off-by: Simon Josefsson <simon@josefsson.org>
| -rw-r--r-- | lib/gnutls_algorithms.c | 71 | ||||
| -rw-r--r-- | lib/gnutls_algorithms.h | 4 | ||||
| -rw-r--r-- | lib/gnutls_int.h | 6 |
3 files changed, 70 insertions, 11 deletions
diff --git a/lib/gnutls_algorithms.c b/lib/gnutls_algorithms.c index 08054c4617..73179bbc25 100644 --- a/lib/gnutls_algorithms.c +++ b/lib/gnutls_algorithms.c @@ -1787,29 +1787,32 @@ struct gnutls_sign_entry gnutls_sign_algorithm_t id; gnutls_pk_algorithm_t pk; gnutls_mac_algorithm_t mac; + sign_algorithm_st aid; }; typedef struct gnutls_sign_entry gnutls_sign_entry; +#define TLS_SIGN_AID_UNKNOWN {255, 255} + static const gnutls_sign_entry sign_algorithms[] = { {"RSA-SHA", SIG_RSA_SHA1_OID, GNUTLS_SIGN_RSA_SHA1, GNUTLS_PK_RSA, - GNUTLS_MAC_SHA1}, + GNUTLS_MAC_SHA1, {2, 1}}, {"RSA-SHA256", SIG_RSA_SHA256_OID, GNUTLS_SIGN_RSA_SHA256, GNUTLS_PK_RSA, - GNUTLS_MAC_SHA256}, + GNUTLS_MAC_SHA256, {4, 1}}, {"RSA-SHA384", SIG_RSA_SHA384_OID, GNUTLS_SIGN_RSA_SHA384, GNUTLS_PK_RSA, - GNUTLS_MAC_SHA384}, + GNUTLS_MAC_SHA384, {5, 1}}, {"RSA-SHA512", SIG_RSA_SHA512_OID, GNUTLS_SIGN_RSA_SHA512, GNUTLS_PK_RSA, - GNUTLS_MAC_SHA512}, + GNUTLS_MAC_SHA512, {6, 1}}, {"RSA-RMD160", SIG_RSA_RMD160_OID, GNUTLS_SIGN_RSA_RMD160, GNUTLS_PK_RSA, - GNUTLS_MAC_RMD160}, + GNUTLS_MAC_RMD160, TLS_SIGN_AID_UNKNOWN}, {"DSA-SHA", SIG_DSA_SHA1_OID, GNUTLS_SIGN_DSA_SHA1, GNUTLS_PK_DSA, - GNUTLS_MAC_SHA1}, + GNUTLS_MAC_SHA1, {2, 2}}, {"RSA-MD5", SIG_RSA_MD5_OID, GNUTLS_SIGN_RSA_MD5, GNUTLS_PK_RSA, - GNUTLS_MAC_MD5}, + GNUTLS_MAC_MD5, {1, 1}}, {"RSA-MD2", SIG_RSA_MD2_OID, GNUTLS_SIGN_RSA_MD2, GNUTLS_PK_RSA, - GNUTLS_MAC_MD2}, - {"GOST R 34.10-2001", SIG_GOST_R3410_2001_OID, 0, 0, 0}, - {"GOST R 34.10-94", SIG_GOST_R3410_94_OID, 0, 0, 0}, - {0, 0, 0, 0, 0} + GNUTLS_MAC_MD2, TLS_SIGN_AID_UNKNOWN}, + {"GOST R 34.10-2001", SIG_GOST_R3410_2001_OID, 0, 0, 0, TLS_SIGN_AID_UNKNOWN}, + {"GOST R 34.10-94", SIG_GOST_R3410_94_OID, 0, 0, 0, TLS_SIGN_AID_UNKNOWN}, + {0, 0, 0, 0, 0, TLS_SIGN_AID_UNKNOWN} }; /* Keep the contents of this struct the same as the previous one. */ @@ -1958,6 +1961,52 @@ _gnutls_x509_sign_to_oid (gnutls_pk_algorithm_t pk, return ret; } +gnutls_mac_algorithm_t +_gnutls_sign_get_mac_algorithm (gnutls_sign_algorithm_t sign) +{ + gnutls_mac_algorithm_t ret = GNUTLS_MAC_UNKNOWN; + + GNUTLS_SIGN_ALG_LOOP (ret = p->mac); + + return ret; +} + +gnutls_pk_algorithm_t +_gnutls_sign_get_pk_algorithm (gnutls_sign_algorithm_t sign) +{ + gnutls_pk_algorithm_t ret = GNUTLS_PK_UNKNOWN; + + GNUTLS_SIGN_ALG_LOOP (ret = p->pk); + + return ret; +} + +gnutls_sign_algorithm_t +_gnutls_tls_aid_to_sign (sign_algorithm_st aid) +{ + gnutls_sign_algorithm_t ret = GNUTLS_SIGN_UNKNOWN; + + GNUTLS_SIGN_LOOP ( if (p->aid.hash_algorithm == aid.hash_algorithm + && p->aid.sign_algorithm == aid.sign_algorithm) + { + ret = p->id; + break; + } ); + + return ret; +} + +sign_algorithm_st +_gnutls_sign_to_tls_aid (gnutls_sign_algorithm_t sign) +{ + sign_algorithm_st ret = TLS_SIGN_AID_UNKNOWN; + + GNUTLS_SIGN_ALG_LOOP (ret = p->aid); + + return ret; +} + + /* pk algorithms; */ diff --git a/lib/gnutls_algorithms.h b/lib/gnutls_algorithms.h index 0e2f2b7fcd..0a2faac52f 100644 --- a/lib/gnutls_algorithms.h +++ b/lib/gnutls_algorithms.h @@ -105,6 +105,10 @@ gnutls_sign_algorithm_t _gnutls_x509_pk_to_sign (gnutls_pk_algorithm_t pk, gnutls_mac_algorithm_t mac); const char *_gnutls_x509_sign_to_oid (gnutls_pk_algorithm_t, gnutls_mac_algorithm_t mac); +gnutls_sign_algorithm_t _gnutls_tls_aid_to_sign (sign_algorithm_st aid); +sign_algorithm_st _gnutls_sign_to_tls_aid (gnutls_sign_algorithm_t sign); +gnutls_mac_algorithm_t _gnutls_sign_get_mac_algorithm (gnutls_sign_algorithm_t); +gnutls_pk_algorithm_t _gnutls_sign_get_pk_algorithm (gnutls_sign_algorithm_t); int _gnutls_mac_priority (gnutls_session_t session, gnutls_mac_algorithm_t algorithm); diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h index 9af17b03ba..100ad37487 100644 --- a/lib/gnutls_int.h +++ b/lib/gnutls_int.h @@ -273,6 +273,12 @@ typedef struct uint8_t suite[2]; } cipher_suite_st; +typedef struct +{ + uint8_t hash_algorithm; + uint8_t sign_algorithm; +} sign_algorithm_st; + /* This structure holds parameters got from TLS extension * mechanism. (some extensions may hold parameters in auth_info_t * structures also - see SRP). |