mirror of
https://github.com/strongswan/strongswan.git
synced 2025-12-07 00:00:13 -05:00
Explicitly mention SHA2 algorithm in BLISS OIDs and signature schemes
This commit is contained in:
Andreas Steffen
parent
6590298dad
commit
a88d958933
@ -346,9 +346,9 @@ static void parse_pubkey_constraints(char *auth, auth_cfg_t *cfg)
|
||||
{ "sha256", SIGN_ECDSA_256, KEY_ECDSA, },
|
||||
{ "sha384", SIGN_ECDSA_384, KEY_ECDSA, },
|
||||
{ "sha512", SIGN_ECDSA_521, KEY_ECDSA, },
|
||||
{ "sha256", SIGN_BLISS_WITH_SHA256, KEY_BLISS, },
|
||||
{ "sha384", SIGN_BLISS_WITH_SHA384, KEY_BLISS, },
|
||||
{ "sha512", SIGN_BLISS_WITH_SHA512, KEY_BLISS, },
|
||||
{ "sha256", SIGN_BLISS_WITH_SHA2_256, KEY_BLISS, },
|
||||
{ "sha384", SIGN_BLISS_WITH_SHA2_384, KEY_BLISS, },
|
||||
{ "sha512", SIGN_BLISS_WITH_SHA2_512, KEY_BLISS, },
|
||||
};
|
||||
|
||||
if (rsa_len || ecdsa_len || bliss_strength)
|
||||
|
||||
@ -223,9 +223,9 @@
|
||||
0x07 "BLISS-B-III" OID_BLISS_B_III
|
||||
0x08 "BLISS-B-IV" OID_BLISS_B_IV
|
||||
0x03 "blissSigType"
|
||||
0x01 "BLISS-with-SHA512" OID_BLISS_WITH_SHA512
|
||||
0x02 "BLISS-with-SHA384" OID_BLISS_WITH_SHA384
|
||||
0x03 "BLISS-with-SHA256" OID_BLISS_WITH_SHA256
|
||||
0x01 "BLISS-with-SHA2-512" OID_BLISS_WITH_SHA2_512
|
||||
0x02 "BLISS-with-SHA2-384" OID_BLISS_WITH_SHA2_384
|
||||
0x03 "BLISS-with-SHA2-256" OID_BLISS_WITH_SHA2_256
|
||||
0x04 "BLISS-with-SHA3-512" OID_BLISS_WITH_SHA3_512
|
||||
0x05 "BLISS-with-SHA3-384" OID_BLISS_WITH_SHA3_384
|
||||
0x06 "BLISS-with-SHA3-256" OID_BLISS_WITH_SHA3_256
|
||||
|
||||
@ -27,7 +27,7 @@ ENUM(key_type_names, KEY_ANY, KEY_BLISS,
|
||||
"BLISS"
|
||||
);
|
||||
|
||||
ENUM(signature_scheme_names, SIGN_UNKNOWN, SIGN_BLISS_WITH_SHA512,
|
||||
ENUM(signature_scheme_names, SIGN_UNKNOWN, SIGN_BLISS_WITH_SHA3_512,
|
||||
"UNKNOWN",
|
||||
"RSA_EMSA_PKCS1_NULL",
|
||||
"RSA_EMSA_PKCS1_MD5",
|
||||
@ -44,9 +44,9 @@ ENUM(signature_scheme_names, SIGN_UNKNOWN, SIGN_BLISS_WITH_SHA512,
|
||||
"ECDSA-256",
|
||||
"ECDSA-384",
|
||||
"ECDSA-521",
|
||||
"BLISS_WITH_SHA256",
|
||||
"BLISS_WITH_SHA384",
|
||||
"BLISS_WITH_SHA512",
|
||||
"BLISS_WITH_SHA2_256",
|
||||
"BLISS_WITH_SHA2_384",
|
||||
"BLISS_WITH_SHA2_512",
|
||||
"BLISS_WITH_SHA3_256",
|
||||
"BLISS_WITH_SHA3_384",
|
||||
"BLISS_WITH_SHA3_512",
|
||||
@ -140,12 +140,12 @@ signature_scheme_t signature_scheme_from_oid(int oid)
|
||||
case OID_ECDSA_WITH_SHA512:
|
||||
return SIGN_ECDSA_WITH_SHA512_DER;
|
||||
case OID_BLISS_PUBLICKEY:
|
||||
case OID_BLISS_WITH_SHA512:
|
||||
return SIGN_BLISS_WITH_SHA512;
|
||||
case OID_BLISS_WITH_SHA384:
|
||||
return SIGN_BLISS_WITH_SHA384;
|
||||
case OID_BLISS_WITH_SHA256:
|
||||
return SIGN_BLISS_WITH_SHA256;
|
||||
case OID_BLISS_WITH_SHA2_512:
|
||||
return SIGN_BLISS_WITH_SHA2_512;
|
||||
case OID_BLISS_WITH_SHA2_384:
|
||||
return SIGN_BLISS_WITH_SHA2_384;
|
||||
case OID_BLISS_WITH_SHA2_256:
|
||||
return SIGN_BLISS_WITH_SHA2_256;
|
||||
case OID_BLISS_WITH_SHA3_512:
|
||||
return SIGN_BLISS_WITH_SHA3_512;
|
||||
case OID_BLISS_WITH_SHA3_384:
|
||||
@ -190,12 +190,12 @@ int signature_scheme_to_oid(signature_scheme_t scheme)
|
||||
return OID_ECDSA_WITH_SHA384;
|
||||
case SIGN_ECDSA_WITH_SHA512_DER:
|
||||
return OID_ECDSA_WITH_SHA512;
|
||||
case SIGN_BLISS_WITH_SHA256:
|
||||
return OID_BLISS_WITH_SHA256;
|
||||
case SIGN_BLISS_WITH_SHA384:
|
||||
return OID_BLISS_WITH_SHA384;
|
||||
case SIGN_BLISS_WITH_SHA512:
|
||||
return OID_BLISS_WITH_SHA512;
|
||||
case SIGN_BLISS_WITH_SHA2_256:
|
||||
return OID_BLISS_WITH_SHA2_256;
|
||||
case SIGN_BLISS_WITH_SHA2_384:
|
||||
return OID_BLISS_WITH_SHA2_384;
|
||||
case SIGN_BLISS_WITH_SHA2_512:
|
||||
return OID_BLISS_WITH_SHA2_512;
|
||||
case SIGN_BLISS_WITH_SHA3_256:
|
||||
return OID_BLISS_WITH_SHA3_256;
|
||||
case SIGN_BLISS_WITH_SHA3_384:
|
||||
@ -222,9 +222,9 @@ static struct {
|
||||
{ SIGN_ECDSA_WITH_SHA256_DER, KEY_ECDSA, 256 },
|
||||
{ SIGN_ECDSA_WITH_SHA384_DER, KEY_ECDSA, 384 },
|
||||
{ SIGN_ECDSA_WITH_SHA512_DER, KEY_ECDSA, 0 },
|
||||
{ SIGN_BLISS_WITH_SHA256, KEY_BLISS, 128 },
|
||||
{ SIGN_BLISS_WITH_SHA384, KEY_BLISS, 192 },
|
||||
{ SIGN_BLISS_WITH_SHA512, KEY_BLISS, 0 },
|
||||
{ SIGN_BLISS_WITH_SHA2_256, KEY_BLISS, 128 },
|
||||
{ SIGN_BLISS_WITH_SHA2_384, KEY_BLISS, 192 },
|
||||
{ SIGN_BLISS_WITH_SHA2_512, KEY_BLISS, 0 }
|
||||
};
|
||||
|
||||
/**
|
||||
@ -299,9 +299,9 @@ key_type_t key_type_from_signature_scheme(signature_scheme_t scheme)
|
||||
case SIGN_ECDSA_384:
|
||||
case SIGN_ECDSA_521:
|
||||
return KEY_ECDSA;
|
||||
case SIGN_BLISS_WITH_SHA256:
|
||||
case SIGN_BLISS_WITH_SHA384:
|
||||
case SIGN_BLISS_WITH_SHA512:
|
||||
case SIGN_BLISS_WITH_SHA2_256:
|
||||
case SIGN_BLISS_WITH_SHA2_384:
|
||||
case SIGN_BLISS_WITH_SHA2_512:
|
||||
case SIGN_BLISS_WITH_SHA3_256:
|
||||
case SIGN_BLISS_WITH_SHA3_384:
|
||||
case SIGN_BLISS_WITH_SHA3_512:
|
||||
|
||||
@ -94,12 +94,12 @@ enum signature_scheme_t {
|
||||
SIGN_ECDSA_384,
|
||||
/** ECDSA on the P-521 curve with SHA-512 as in RFC 4754 */
|
||||
SIGN_ECDSA_521,
|
||||
/** BLISS with SHA-256 */
|
||||
SIGN_BLISS_WITH_SHA256,
|
||||
/** BLISS with SHA-384 */
|
||||
SIGN_BLISS_WITH_SHA384,
|
||||
/** BLISS with SHA-512 */
|
||||
SIGN_BLISS_WITH_SHA512,
|
||||
/** BLISS with SHA-2_256 */
|
||||
SIGN_BLISS_WITH_SHA2_256,
|
||||
/** BLISS with SHA-2_384 */
|
||||
SIGN_BLISS_WITH_SHA2_384,
|
||||
/** BLISS with SHA-2_512 */
|
||||
SIGN_BLISS_WITH_SHA2_512,
|
||||
/** BLISS with SHA-3_256 */
|
||||
SIGN_BLISS_WITH_SHA3_256,
|
||||
/** BLISS with SHA-3_384 */
|
||||
|
||||
@ -387,11 +387,11 @@ int hasher_signature_algorithm_to_oid(hash_algorithm_t alg, key_type_t key)
|
||||
switch (alg)
|
||||
{
|
||||
case HASH_SHA256:
|
||||
return OID_BLISS_WITH_SHA256;
|
||||
return OID_BLISS_WITH_SHA2_256;
|
||||
case HASH_SHA384:
|
||||
return OID_BLISS_WITH_SHA384;
|
||||
return OID_BLISS_WITH_SHA2_384;
|
||||
case HASH_SHA512:
|
||||
return OID_BLISS_WITH_SHA512;
|
||||
return OID_BLISS_WITH_SHA2_512;
|
||||
case HASH_SHA3_256:
|
||||
return OID_BLISS_WITH_SHA3_256;
|
||||
case HASH_SHA3_384:
|
||||
@ -427,19 +427,19 @@ hash_algorithm_t hasher_from_signature_scheme(signature_scheme_t scheme)
|
||||
case SIGN_RSA_EMSA_PKCS1_SHA256:
|
||||
case SIGN_ECDSA_WITH_SHA256_DER:
|
||||
case SIGN_ECDSA_256:
|
||||
case SIGN_BLISS_WITH_SHA256:
|
||||
case SIGN_BLISS_WITH_SHA2_256:
|
||||
case SIGN_BLISS_WITH_SHA3_256:
|
||||
return HASH_SHA256;
|
||||
case SIGN_RSA_EMSA_PKCS1_SHA384:
|
||||
case SIGN_ECDSA_WITH_SHA384_DER:
|
||||
case SIGN_ECDSA_384:
|
||||
case SIGN_BLISS_WITH_SHA384:
|
||||
case SIGN_BLISS_WITH_SHA2_384:
|
||||
case SIGN_BLISS_WITH_SHA3_384:
|
||||
return HASH_SHA384;
|
||||
case SIGN_RSA_EMSA_PKCS1_SHA512:
|
||||
case SIGN_ECDSA_WITH_SHA512_DER:
|
||||
case SIGN_ECDSA_521:
|
||||
case SIGN_BLISS_WITH_SHA512:
|
||||
case SIGN_BLISS_WITH_SHA2_512:
|
||||
case SIGN_BLISS_WITH_SHA3_512:
|
||||
return HASH_SHA512;
|
||||
}
|
||||
|
||||
@ -55,19 +55,31 @@ METHOD(plugin_t, get_features, int,
|
||||
PLUGIN_REGISTER(PUBKEY, bliss_public_key_load, TRUE),
|
||||
PLUGIN_PROVIDE(PUBKEY, KEY_ANY),
|
||||
/* signature schemes, private */
|
||||
PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_BLISS_WITH_SHA256),
|
||||
PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_BLISS_WITH_SHA2_256),
|
||||
PLUGIN_DEPENDS(HASHER, HASH_SHA256),
|
||||
PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_BLISS_WITH_SHA384),
|
||||
PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_BLISS_WITH_SHA2_384),
|
||||
PLUGIN_DEPENDS(HASHER, HASH_SHA384),
|
||||
PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_BLISS_WITH_SHA512),
|
||||
PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_BLISS_WITH_SHA2_512),
|
||||
PLUGIN_DEPENDS(HASHER, HASH_SHA512),
|
||||
PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_BLISS_WITH_SHA3_256),
|
||||
PLUGIN_DEPENDS(HASHER, HASH_SHA3_256),
|
||||
PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_BLISS_WITH_SHA3_384),
|
||||
PLUGIN_DEPENDS(HASHER, HASH_SHA3_384),
|
||||
PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_BLISS_WITH_SHA3_512),
|
||||
PLUGIN_DEPENDS(HASHER, HASH_SHA3_512),
|
||||
/* signature verification schemes */
|
||||
PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_BLISS_WITH_SHA256),
|
||||
PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_BLISS_WITH_SHA2_256),
|
||||
PLUGIN_DEPENDS(HASHER, HASH_SHA256),
|
||||
PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_BLISS_WITH_SHA384),
|
||||
PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_BLISS_WITH_SHA2_384),
|
||||
PLUGIN_DEPENDS(HASHER, HASH_SHA384),
|
||||
PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_BLISS_WITH_SHA512),
|
||||
PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_BLISS_WITH_SHA2_512),
|
||||
PLUGIN_DEPENDS(HASHER, HASH_SHA512),
|
||||
PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_BLISS_WITH_SHA3_256),
|
||||
PLUGIN_DEPENDS(HASHER, HASH_SHA3_256),
|
||||
PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_BLISS_WITH_SHA3_384),
|
||||
PLUGIN_DEPENDS(HASHER, HASH_SHA3_384),
|
||||
PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_BLISS_WITH_SHA3_512),
|
||||
PLUGIN_DEPENDS(HASHER, HASH_SHA3_512),
|
||||
};
|
||||
*features = f;
|
||||
|
||||
|
||||
@ -511,11 +511,11 @@ METHOD(private_key_t, sign, bool,
|
||||
{
|
||||
switch (scheme)
|
||||
{
|
||||
case SIGN_BLISS_WITH_SHA256:
|
||||
case SIGN_BLISS_WITH_SHA2_256:
|
||||
return sign_bliss(this, HASH_SHA256, data, signature);
|
||||
case SIGN_BLISS_WITH_SHA384:
|
||||
case SIGN_BLISS_WITH_SHA2_384:
|
||||
return sign_bliss(this, HASH_SHA384, data, signature);
|
||||
case SIGN_BLISS_WITH_SHA512:
|
||||
case SIGN_BLISS_WITH_SHA2_512:
|
||||
return sign_bliss(this, HASH_SHA512, data, signature);
|
||||
case SIGN_BLISS_WITH_SHA3_256:
|
||||
return sign_bliss(this, HASH_SHA3_256, data, signature);
|
||||
|
||||
@ -193,11 +193,11 @@ METHOD(public_key_t, verify, bool,
|
||||
{
|
||||
switch (scheme)
|
||||
{
|
||||
case SIGN_BLISS_WITH_SHA256:
|
||||
case SIGN_BLISS_WITH_SHA2_256:
|
||||
return verify_bliss(this, HASH_SHA256, data, signature);
|
||||
case SIGN_BLISS_WITH_SHA384:
|
||||
case SIGN_BLISS_WITH_SHA2_384:
|
||||
return verify_bliss(this, HASH_SHA384, data, signature);
|
||||
case SIGN_BLISS_WITH_SHA512:
|
||||
case SIGN_BLISS_WITH_SHA2_512:
|
||||
return verify_bliss(this, HASH_SHA512, data, signature);
|
||||
case SIGN_BLISS_WITH_SHA3_256:
|
||||
return verify_bliss(this, HASH_SHA3_256, data, signature);
|
||||
|
||||
@ -36,13 +36,13 @@ START_TEST(test_bliss_sign_all)
|
||||
switch (k)
|
||||
{
|
||||
case 1:
|
||||
signature_scheme = SIGN_BLISS_WITH_SHA256;
|
||||
signature_scheme = SIGN_BLISS_WITH_SHA2_256;
|
||||
break;
|
||||
case 2:
|
||||
signature_scheme = SIGN_BLISS_WITH_SHA384;
|
||||
signature_scheme = SIGN_BLISS_WITH_SHA2_384;
|
||||
break;
|
||||
default:
|
||||
signature_scheme = SIGN_BLISS_WITH_SHA512;
|
||||
signature_scheme = SIGN_BLISS_WITH_SHA2_512;
|
||||
}
|
||||
|
||||
/* enforce BLISS-B key for k = 2, 3 */
|
||||
@ -176,14 +176,14 @@ START_TEST(test_bliss_sign_fail)
|
||||
|
||||
/* generate valid signature */
|
||||
msg = chunk_from_str("Hello Dolly!");
|
||||
ck_assert(privkey->sign(privkey, SIGN_BLISS_WITH_SHA512, msg, &signature));
|
||||
ck_assert(privkey->sign(privkey, SIGN_BLISS_WITH_SHA2_512, msg, &signature));
|
||||
|
||||
/* verify with invalid signature scheme */
|
||||
ck_assert(!pubkey->verify(pubkey, SIGN_UNKNOWN, msg, signature));
|
||||
|
||||
/* corrupt signature */
|
||||
signature.ptr[signature.len - 1] ^= 0x80;
|
||||
ck_assert(!pubkey->verify(pubkey, SIGN_BLISS_WITH_SHA512, msg, signature));
|
||||
ck_assert(!pubkey->verify(pubkey, SIGN_BLISS_WITH_SHA2_512, msg, signature));
|
||||
|
||||
free(signature.ptr);
|
||||
privkey->destroy(privkey);
|
||||
|
||||
@ -266,8 +266,8 @@ static chunk_t build_optionalSignature(private_x509_ocsp_request_t *this,
|
||||
scheme = SIGN_ECDSA_WITH_SHA1_DER;
|
||||
break;
|
||||
case KEY_BLISS:
|
||||
oid = OID_BLISS_WITH_SHA512;
|
||||
scheme = SIGN_BLISS_WITH_SHA512;
|
||||
oid = OID_BLISS_WITH_SHA2_512;
|
||||
scheme = SIGN_BLISS_WITH_SHA2_512;
|
||||
break;
|
||||
default:
|
||||
DBG1(DBG_LIB, "unable to sign OCSP request, %N signature not "
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright (C) 2013 Andreas Steffen
|
||||
* Copyright (C) 2013-2015 Andreas Steffen
|
||||
* HSR Hochschule fuer Technik Rapperswil
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify it
|
||||
@ -28,30 +28,38 @@ typedef struct {
|
||||
}hasher_oid_t;
|
||||
|
||||
static hasher_oid_t oids[] = {
|
||||
{ OID_MD2, HASH_MD2, KEY_ANY },
|
||||
{ OID_MD5, HASH_MD5, KEY_ANY },
|
||||
{ OID_SHA1, HASH_SHA1, KEY_ANY },
|
||||
{ OID_SHA224, HASH_SHA224, KEY_ANY },
|
||||
{ OID_SHA256, HASH_SHA256, KEY_ANY },
|
||||
{ OID_SHA384, HASH_SHA384, KEY_ANY },
|
||||
{ OID_SHA512, HASH_SHA512, KEY_ANY },
|
||||
{ OID_UNKNOWN, HASH_UNKNOWN, KEY_ANY },
|
||||
{ OID_MD2_WITH_RSA, HASH_MD2, KEY_RSA },
|
||||
{ OID_MD5_WITH_RSA, HASH_MD5, KEY_RSA },
|
||||
{ OID_SHA1_WITH_RSA, HASH_SHA1, KEY_RSA },
|
||||
{ OID_SHA224_WITH_RSA, HASH_SHA224, KEY_RSA },
|
||||
{ OID_SHA256_WITH_RSA, HASH_SHA256, KEY_RSA },
|
||||
{ OID_SHA384_WITH_RSA, HASH_SHA384, KEY_RSA },
|
||||
{ OID_SHA512_WITH_RSA, HASH_SHA512, KEY_RSA },
|
||||
{ OID_UNKNOWN, HASH_UNKNOWN, KEY_RSA },
|
||||
{ OID_ECDSA_WITH_SHA1, HASH_SHA1, KEY_ECDSA },
|
||||
{ OID_ECDSA_WITH_SHA256, HASH_SHA256, KEY_ECDSA },
|
||||
{ OID_ECDSA_WITH_SHA384, HASH_SHA384, KEY_ECDSA },
|
||||
{ OID_ECDSA_WITH_SHA512, HASH_SHA512, KEY_ECDSA },
|
||||
{ OID_BLISS_WITH_SHA256, HASH_SHA256, KEY_BLISS },
|
||||
{ OID_BLISS_WITH_SHA384, HASH_SHA384, KEY_BLISS },
|
||||
{ OID_BLISS_WITH_SHA512, HASH_SHA512, KEY_BLISS },
|
||||
{ OID_UNKNOWN, HASH_UNKNOWN, KEY_ECDSA }
|
||||
{ OID_MD2, HASH_MD2, KEY_ANY }, /* 0 */
|
||||
{ OID_MD5, HASH_MD5, KEY_ANY }, /* 1 */
|
||||
{ OID_SHA1, HASH_SHA1, KEY_ANY }, /* 2 */
|
||||
{ OID_SHA224, HASH_SHA224, KEY_ANY }, /* 3 */
|
||||
{ OID_SHA256, HASH_SHA256, KEY_ANY }, /* 4 */
|
||||
{ OID_SHA384, HASH_SHA384, KEY_ANY }, /* 5 */
|
||||
{ OID_SHA512, HASH_SHA512, KEY_ANY }, /* 6 */
|
||||
{ OID_SHA3_224, HASH_SHA3_224, KEY_ANY }, /* 7 */
|
||||
{ OID_SHA3_256, HASH_SHA3_256, KEY_ANY }, /* 8 */
|
||||
{ OID_SHA3_384, HASH_SHA3_384, KEY_ANY }, /* 9 */
|
||||
{ OID_SHA3_512, HASH_SHA3_512, KEY_ANY }, /* 10 */
|
||||
{ OID_UNKNOWN, HASH_UNKNOWN, KEY_ANY }, /* 11 */
|
||||
{ OID_MD2_WITH_RSA, HASH_MD2, KEY_RSA }, /* 12 */
|
||||
{ OID_MD5_WITH_RSA, HASH_MD5, KEY_RSA }, /* 13 */
|
||||
{ OID_SHA1_WITH_RSA, HASH_SHA1, KEY_RSA }, /* 14 */
|
||||
{ OID_SHA224_WITH_RSA, HASH_SHA224, KEY_RSA }, /* 15 */
|
||||
{ OID_SHA256_WITH_RSA, HASH_SHA256, KEY_RSA }, /* 16 */
|
||||
{ OID_SHA384_WITH_RSA, HASH_SHA384, KEY_RSA }, /* 17 */
|
||||
{ OID_SHA512_WITH_RSA, HASH_SHA512, KEY_RSA }, /* 18 */
|
||||
{ OID_UNKNOWN, HASH_UNKNOWN, KEY_RSA }, /* 19 */
|
||||
{ OID_ECDSA_WITH_SHA1, HASH_SHA1, KEY_ECDSA }, /* 20 */
|
||||
{ OID_ECDSA_WITH_SHA256, HASH_SHA256, KEY_ECDSA }, /* 21 */
|
||||
{ OID_ECDSA_WITH_SHA384, HASH_SHA384, KEY_ECDSA }, /* 22 */
|
||||
{ OID_ECDSA_WITH_SHA512, HASH_SHA512, KEY_ECDSA }, /* 23 */
|
||||
{ OID_UNKNOWN, HASH_UNKNOWN, KEY_ECDSA }, /* 24 */
|
||||
{ OID_BLISS_WITH_SHA2_256, HASH_SHA256, KEY_BLISS }, /* 25 */
|
||||
{ OID_BLISS_WITH_SHA2_384, HASH_SHA384, KEY_BLISS }, /* 26 */
|
||||
{ OID_BLISS_WITH_SHA2_512, HASH_SHA512, KEY_BLISS }, /* 27 */
|
||||
{ OID_BLISS_WITH_SHA3_256, HASH_SHA3_256, KEY_BLISS }, /* 28 */
|
||||
{ OID_BLISS_WITH_SHA3_384, HASH_SHA3_384, KEY_BLISS }, /* 29 */
|
||||
{ OID_BLISS_WITH_SHA3_512, HASH_SHA3_512, KEY_BLISS }, /* 30 */
|
||||
{ OID_UNKNOWN, HASH_UNKNOWN, KEY_BLISS } /* 31 */
|
||||
};
|
||||
|
||||
START_TEST(test_hasher_from_oid)
|
||||
@ -169,11 +177,11 @@ Suite *hasher_suite_create()
|
||||
suite_add_tcase(s, tc);
|
||||
|
||||
tc = tcase_create("to_oid");
|
||||
tcase_add_loop_test(tc, test_hasher_to_oid, 0, 8);
|
||||
tcase_add_loop_test(tc, test_hasher_to_oid, 0, 12);
|
||||
suite_add_tcase(s, tc);
|
||||
|
||||
tc = tcase_create("sig_to_oid");
|
||||
tcase_add_loop_test(tc, test_hasher_sig_to_oid, 7, countof(oids));
|
||||
tcase_add_loop_test(tc, test_hasher_sig_to_oid, 11, countof(oids));
|
||||
suite_add_tcase(s, tc);
|
||||
|
||||
tc = tcase_create("from_prf");
|
||||
|
||||
@ -789,9 +789,9 @@ static struct {
|
||||
{KEY_ECDSA, 256, { SIGN_ECDSA_WITH_SHA256_DER, SIGN_ECDSA_WITH_SHA384_DER, SIGN_ECDSA_WITH_SHA512_DER, SIGN_UNKNOWN }},
|
||||
{KEY_ECDSA, 384, { SIGN_ECDSA_WITH_SHA384_DER, SIGN_ECDSA_WITH_SHA512_DER, SIGN_UNKNOWN }},
|
||||
{KEY_ECDSA, 512, { SIGN_ECDSA_WITH_SHA512_DER, SIGN_UNKNOWN }},
|
||||
{KEY_BLISS, 128, { SIGN_BLISS_WITH_SHA256, SIGN_BLISS_WITH_SHA384, SIGN_BLISS_WITH_SHA512, SIGN_UNKNOWN }},
|
||||
{KEY_BLISS, 192, { SIGN_BLISS_WITH_SHA384, SIGN_BLISS_WITH_SHA512, SIGN_UNKNOWN }},
|
||||
{KEY_BLISS, 256, { SIGN_BLISS_WITH_SHA512, SIGN_UNKNOWN }},
|
||||
{KEY_BLISS, 128, { SIGN_BLISS_WITH_SHA2_256, SIGN_BLISS_WITH_SHA2_384, SIGN_BLISS_WITH_SHA2_512, SIGN_UNKNOWN }},
|
||||
{KEY_BLISS, 192, { SIGN_BLISS_WITH_SHA2_384, SIGN_BLISS_WITH_SHA2_512, SIGN_UNKNOWN }},
|
||||
{KEY_BLISS, 256, { SIGN_BLISS_WITH_SHA2_512, SIGN_UNKNOWN }},
|
||||
};
|
||||
|
||||
START_TEST(test_signature_schemes_for_key)
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user