Diffstat (limited to 'lib/algorithms/sign.c')
-rw-r--r-- | lib/algorithms/sign.c | 60 |
1 files changed, 43 insertions, 17 deletions
diff --git a/lib/algorithms/sign.c b/lib/algorithms/sign.c index 33fd881892..5a45e9fa10 100644 --- a/lib/algorithms/sign.c +++ b/lib/algorithms/sign.c @@ -36,9 +36,6 @@ # define SHA1_SECURE_VAL _INSECURE_FOR_CERTS #endif -/* Signature algorithms may be listed twice with a different PK algorithm, - * e.g., RSA-PSS-SHA256 can be generated by GNUTLS_PK_RSA or GNUTLS_PK_RSA_PSS. - */ static const gnutls_sign_entry_st sign_algorithms[] = { /* RSA-PKCS#1 1.5: must be before PSS, * so that gnutls_pk_to_sign() will return 
@@ -67,37 +64,52 @@ static const gnutls_sign_entry_st sign_algorithms[] = { .oid = PK_PKIX1_RSA_PSS_OID, .id = GNUTLS_SIGN_RSA_PSS_SHA256, .pk = GNUTLS_PK_RSA_PSS, + .priv_pk = GNUTLS_PK_RSA, /* PKCS#11 doesn't separate RSA from RSA-PSS privkeys */ .hash = GNUTLS_DIG_SHA256, - .aid = {{8, 4}, SIG_SEM_DEFAULT}}, - {.name = "RSA-PSS-SHA256", + .tls13_ok = 1, + .aid = {{8, 9}, SIG_SEM_DEFAULT}}, + {.name = "RSA-PSS-RSAE-SHA256", .oid = PK_PKIX1_RSA_PSS_OID, - .id = GNUTLS_SIGN_RSA_PSS_SHA256, - .pk = GNUTLS_PK_RSA, + .id = GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, + .pk = GNUTLS_PK_RSA_PSS, + .cert_pk = GNUTLS_PK_RSA, + .priv_pk = GNUTLS_PK_RSA, .hash = GNUTLS_DIG_SHA256, + .tls13_ok = 1, .aid = {{8, 4}, SIG_SEM_DEFAULT}}, {.name = "RSA-PSS-SHA384", .oid = PK_PKIX1_RSA_PSS_OID, .id = GNUTLS_SIGN_RSA_PSS_SHA384, .pk = GNUTLS_PK_RSA_PSS, + .priv_pk = GNUTLS_PK_RSA, .hash = GNUTLS_DIG_SHA384, - .aid = {{8, 5}, SIG_SEM_DEFAULT}}, - {.name = "RSA-PSS-SHA384", + .tls13_ok = 1, + .aid = {{8, 0x0A}, SIG_SEM_DEFAULT}}, + {.name = "RSA-PSS-RSAE-SHA384", .oid = PK_PKIX1_RSA_PSS_OID, - .id = GNUTLS_SIGN_RSA_PSS_SHA384, - .pk = GNUTLS_PK_RSA, + .id = GNUTLS_SIGN_RSA_PSS_RSAE_SHA384, + .pk = GNUTLS_PK_RSA_PSS, + .cert_pk = GNUTLS_PK_RSA, + .priv_pk = GNUTLS_PK_RSA, .hash = GNUTLS_DIG_SHA384, + .tls13_ok = 1, .aid = {{8, 5}, SIG_SEM_DEFAULT}}, {.name = "RSA-PSS-SHA512", .oid = PK_PKIX1_RSA_PSS_OID, .id = GNUTLS_SIGN_RSA_PSS_SHA512, .pk = GNUTLS_PK_RSA_PSS, + .priv_pk = GNUTLS_PK_RSA, .hash = GNUTLS_DIG_SHA512, - .aid = {{8, 6}, SIG_SEM_DEFAULT}}, - {.name = "RSA-PSS-SHA512", + .tls13_ok = 1, + .aid = {{8, 0x0B}, SIG_SEM_DEFAULT}}, + {.name = "RSA-PSS-RSAE-SHA512", .oid = PK_PKIX1_RSA_PSS_OID, - .id = GNUTLS_SIGN_RSA_PSS_SHA512, - .pk = GNUTLS_PK_RSA, + .id = GNUTLS_SIGN_RSA_PSS_RSAE_SHA512, + .pk = GNUTLS_PK_RSA_PSS, + .cert_pk = GNUTLS_PK_RSA, + .priv_pk = GNUTLS_PK_RSA, .hash = GNUTLS_DIG_SHA512, + .tls13_ok = 1, .aid = {{8, 6}, SIG_SEM_DEFAULT}}, /* Ed25519: The hash algorithm here is set 
to be SHA512, although that is @@ -108,6 +120,7 @@ static const gnutls_sign_entry_st sign_algorithms[] = { .id = GNUTLS_SIGN_EDDSA_ED25519, .pk = GNUTLS_PK_EDDSA_ED25519, .hash = GNUTLS_DIG_SHA512, + .tls13_ok = 1, .aid = {{8, 7}, SIG_SEM_DEFAULT}}, /* ECDSA */ @@ -144,18 +157,21 @@ static const gnutls_sign_entry_st sign_algorithms[] = { .pk = GNUTLS_PK_ECDSA, .curve = GNUTLS_ECC_CURVE_SECP256R1, .hash = GNUTLS_DIG_SHA256, + .tls13_ok = 1, .aid = {{4, 3}, SIG_SEM_TLS13}}, {.name = "ECDSA-SECP384R1-SHA384", .id = GNUTLS_SIGN_ECDSA_SECP384R1_SHA384, .pk = GNUTLS_PK_ECDSA, .curve = GNUTLS_ECC_CURVE_SECP384R1, .hash = GNUTLS_DIG_SHA384, + .tls13_ok = 1, .aid = {{5, 3}, SIG_SEM_TLS13}}, {.name = "ECDSA-SECP521R1-SHA512", .id = GNUTLS_SIGN_ECDSA_SECP521R1_SHA512, .pk = GNUTLS_PK_ECDSA, .curve = GNUTLS_ECC_CURVE_SECP521R1, .hash = GNUTLS_DIG_SHA512, + .tls13_ok = 1, .aid = {{6, 3}, SIG_SEM_TLS13}}, /* ECDSA-SHA3 */ @@ -616,7 +632,8 @@ gnutls_sign_get_pk_algorithm(gnutls_sign_algorithm_t sign) * @pk: is a public key algorithm * * This function returns non-zero if the public key algorithm corresponds to - * the given signature algorithm. + * the given signature algorithm. That is, if that signature can be generated + * from the given private key algorithm. * * Since: 3.6.0 * @@ -625,7 +642,16 @@ gnutls_sign_get_pk_algorithm(gnutls_sign_algorithm_t sign) unsigned gnutls_sign_supports_pk_algorithm(gnutls_sign_algorithm_t sign, gnutls_pk_algorithm_t pk) { - GNUTLS_SIGN_LOOP( if(p->id && p->id == sign && pk == p->pk) { return 1; } ); + const gnutls_sign_entry_st *p; + unsigned r; + + for(p = sign_algorithms; p->name != NULL; p++) { + if (p->id && p->id == sign) { + r = sign_supports_priv_pk_algorithm(p, pk); + if (r != 0) + return r; + } + } return 0; } |
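Review bot: In the `sign_algorithms[]` hunk starting at old line 67, each "RSA-PSS-SHAxxx" entry and the "RSA-PSS-RSAE-SHAxxx" entry added right after it now share the same `.oid`, `.pk` and `.hash`, so any first-match lookup keyed on those fields depends on table order, and nothing in the new code says so. The lookup functions are outside this hunk, so this is inferred, but the surviving comment at the top of the table already records one such ordering rule for gnutls_pk_to_sign(). I would add above the first PSS entry a comment such as `/* RSA-PSS must precede RSA-PSS-RSAE: same .oid/.pk/.hash, told apart only by .cert_pk and .aid */`, and repeat the PKCS#11 remark on `.priv_pk`, which currently appears on the SHA256 entry only. Writing the code points uniformly (`{8, 0x09}`, `{8, 0x0A}`, `{8, 0x0B}`) would also make them easier to compare against the TLS SignatureScheme registry.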
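Review bot: gnutls_sign_supports_pk_algorithm() now answers a private-key question through sign_supports_priv_pk_algorithm(), and with `.priv_pk = GNUTLS_PK_RSA` on the RSA-PSS entries it presumably reports a plain RSA key as supporting GNUTLS_SIGN_RSA_PSS_SHA256 (the helper is not visible in this diff). A caller that uses the function to decide whether a certificate's key type is acceptable for a signature algorithm would then miss the `.cert_pk` distinction between the PSS and RSAE variants. The doc comment, which starts in the previous hunk, should state the limit, e.g. ` * This checks the private key algorithm only, not the key type of a certificate.` The return value also changes from a fixed 1 to whatever the helper returns; the documented "non-zero" contract allows that, but `return 1;` inside the `if (r != 0)` would keep the old value for callers that compare against 1.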