Rename SSL_SIGN_RSA_PSS_SHA* constants.
This reflects the change to add the key type into the constant. The old constants are left around for now as legacy aliases and will be removed later. Change-Id: I67f1b50c01fbe0ebf4a2e9e89d3e7d5ed5f5a9d7 Reviewed-on: https://boringssl-review.googlesource.com/27486 Reviewed-by: Steven Valdez <svaldez@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
This commit is contained in:
parent
5ad94767ab
commit
6879e19362
@ -970,9 +970,9 @@ OPENSSL_EXPORT int SSL_set_ocsp_response(SSL *ssl,
|
|||||||
#define SSL_SIGN_ECDSA_SECP256R1_SHA256 0x0403
|
#define SSL_SIGN_ECDSA_SECP256R1_SHA256 0x0403
|
||||||
#define SSL_SIGN_ECDSA_SECP384R1_SHA384 0x0503
|
#define SSL_SIGN_ECDSA_SECP384R1_SHA384 0x0503
|
||||||
#define SSL_SIGN_ECDSA_SECP521R1_SHA512 0x0603
|
#define SSL_SIGN_ECDSA_SECP521R1_SHA512 0x0603
|
||||||
#define SSL_SIGN_RSA_PSS_SHA256 0x0804
|
#define SSL_SIGN_RSA_PSS_RSAE_SHA256 0x0804
|
||||||
#define SSL_SIGN_RSA_PSS_SHA384 0x0805
|
#define SSL_SIGN_RSA_PSS_RSAE_SHA384 0x0805
|
||||||
#define SSL_SIGN_RSA_PSS_SHA512 0x0806
|
#define SSL_SIGN_RSA_PSS_RSAE_SHA512 0x0806
|
||||||
#define SSL_SIGN_ED25519 0x0807
|
#define SSL_SIGN_ED25519 0x0807
|
||||||
|
|
||||||
// SSL_SIGN_RSA_PKCS1_MD5_SHA1 is an internal signature algorithm used to
|
// SSL_SIGN_RSA_PKCS1_MD5_SHA1 is an internal signature algorithm used to
|
||||||
@ -4116,6 +4116,12 @@ OPENSSL_EXPORT SSL_SESSION *SSL_get1_session(SSL *ssl);
|
|||||||
OPENSSL_EXPORT int OPENSSL_init_ssl(uint64_t opts,
|
OPENSSL_EXPORT int OPENSSL_init_ssl(uint64_t opts,
|
||||||
const OPENSSL_INIT_SETTINGS *settings);
|
const OPENSSL_INIT_SETTINGS *settings);
|
||||||
|
|
||||||
|
// The following constants are legacy aliases for RSA-PSS with rsaEncryption
|
||||||
|
// keys. Use the new names instead.
|
||||||
|
#define SSL_SIGN_RSA_PSS_SHA256 SSL_SIGN_RSA_PSS_RSAE_SHA256
|
||||||
|
#define SSL_SIGN_RSA_PSS_SHA384 SSL_SIGN_RSA_PSS_RSAE_SHA384
|
||||||
|
#define SSL_SIGN_RSA_PSS_SHA512 SSL_SIGN_RSA_PSS_RSAE_SHA512
|
||||||
|
|
||||||
|
|
||||||
// Private structures.
|
// Private structures.
|
||||||
//
|
//
|
||||||
|
@ -111,9 +111,9 @@ static const SSL_SIGNATURE_ALGORITHM kSignatureAlgorithms[] = {
|
|||||||
{SSL_SIGN_RSA_PKCS1_SHA384, EVP_PKEY_RSA, NID_undef, &EVP_sha384, 0},
|
{SSL_SIGN_RSA_PKCS1_SHA384, EVP_PKEY_RSA, NID_undef, &EVP_sha384, 0},
|
||||||
{SSL_SIGN_RSA_PKCS1_SHA512, EVP_PKEY_RSA, NID_undef, &EVP_sha512, 0},
|
{SSL_SIGN_RSA_PKCS1_SHA512, EVP_PKEY_RSA, NID_undef, &EVP_sha512, 0},
|
||||||
|
|
||||||
{SSL_SIGN_RSA_PSS_SHA256, EVP_PKEY_RSA, NID_undef, &EVP_sha256, 1},
|
{SSL_SIGN_RSA_PSS_RSAE_SHA256, EVP_PKEY_RSA, NID_undef, &EVP_sha256, 1},
|
||||||
{SSL_SIGN_RSA_PSS_SHA384, EVP_PKEY_RSA, NID_undef, &EVP_sha384, 1},
|
{SSL_SIGN_RSA_PSS_RSAE_SHA384, EVP_PKEY_RSA, NID_undef, &EVP_sha384, 1},
|
||||||
{SSL_SIGN_RSA_PSS_SHA512, EVP_PKEY_RSA, NID_undef, &EVP_sha512, 1},
|
{SSL_SIGN_RSA_PSS_RSAE_SHA512, EVP_PKEY_RSA, NID_undef, &EVP_sha512, 1},
|
||||||
|
|
||||||
{SSL_SIGN_ECDSA_SHA1, EVP_PKEY_EC, NID_undef, &EVP_sha1, 0},
|
{SSL_SIGN_ECDSA_SHA1, EVP_PKEY_EC, NID_undef, &EVP_sha1, 0},
|
||||||
{SSL_SIGN_ECDSA_SECP256R1_SHA256, EVP_PKEY_EC, NID_X9_62_prime256v1,
|
{SSL_SIGN_ECDSA_SECP256R1_SHA256, EVP_PKEY_EC, NID_X9_62_prime256v1,
|
||||||
@ -429,12 +429,12 @@ const char *SSL_get_signature_algorithm_name(uint16_t sigalg,
|
|||||||
return include_curve ? "ecdsa_secp384r1_sha384" : "ecdsa_sha384";
|
return include_curve ? "ecdsa_secp384r1_sha384" : "ecdsa_sha384";
|
||||||
case SSL_SIGN_ECDSA_SECP521R1_SHA512:
|
case SSL_SIGN_ECDSA_SECP521R1_SHA512:
|
||||||
return include_curve ? "ecdsa_secp521r1_sha512" : "ecdsa_sha512";
|
return include_curve ? "ecdsa_secp521r1_sha512" : "ecdsa_sha512";
|
||||||
case SSL_SIGN_RSA_PSS_SHA256:
|
case SSL_SIGN_RSA_PSS_RSAE_SHA256:
|
||||||
return "rsa_pss_sha256";
|
return "rsa_pss_rsae_sha256";
|
||||||
case SSL_SIGN_RSA_PSS_SHA384:
|
case SSL_SIGN_RSA_PSS_RSAE_SHA384:
|
||||||
return "rsa_pss_sha384";
|
return "rsa_pss_rsae_sha384";
|
||||||
case SSL_SIGN_RSA_PSS_SHA512:
|
case SSL_SIGN_RSA_PSS_RSAE_SHA512:
|
||||||
return "rsa_pss_sha512";
|
return "rsa_pss_rsae_sha512";
|
||||||
case SSL_SIGN_ED25519:
|
case SSL_SIGN_ED25519:
|
||||||
return "ed25519";
|
return "ed25519";
|
||||||
default:
|
default:
|
||||||
|
@ -3884,10 +3884,10 @@ TEST(SSLTest, SignatureAlgorithmProperties) {
|
|||||||
SSL_is_signature_algorithm_rsa_pss(SSL_SIGN_ECDSA_SECP256R1_SHA256));
|
SSL_is_signature_algorithm_rsa_pss(SSL_SIGN_ECDSA_SECP256R1_SHA256));
|
||||||
|
|
||||||
EXPECT_EQ(EVP_PKEY_RSA,
|
EXPECT_EQ(EVP_PKEY_RSA,
|
||||||
SSL_get_signature_algorithm_key_type(SSL_SIGN_RSA_PSS_SHA384));
|
SSL_get_signature_algorithm_key_type(SSL_SIGN_RSA_PSS_RSAE_SHA384));
|
||||||
EXPECT_EQ(EVP_sha384(),
|
EXPECT_EQ(EVP_sha384(),
|
||||||
SSL_get_signature_algorithm_digest(SSL_SIGN_RSA_PSS_SHA384));
|
SSL_get_signature_algorithm_digest(SSL_SIGN_RSA_PSS_RSAE_SHA384));
|
||||||
EXPECT_TRUE(SSL_is_signature_algorithm_rsa_pss(SSL_SIGN_RSA_PSS_SHA384));
|
EXPECT_TRUE(SSL_is_signature_algorithm_rsa_pss(SSL_SIGN_RSA_PSS_RSAE_SHA384));
|
||||||
}
|
}
|
||||||
|
|
||||||
void MoveBIOs(SSL *dest, SSL *src) {
|
void MoveBIOs(SSL *dest, SSL *src) {
|
||||||
|
@ -419,15 +419,15 @@ static const uint16_t kVerifySignatureAlgorithms[] = {
|
|||||||
// List our preferred algorithms first.
|
// List our preferred algorithms first.
|
||||||
SSL_SIGN_ED25519,
|
SSL_SIGN_ED25519,
|
||||||
SSL_SIGN_ECDSA_SECP256R1_SHA256,
|
SSL_SIGN_ECDSA_SECP256R1_SHA256,
|
||||||
SSL_SIGN_RSA_PSS_SHA256,
|
SSL_SIGN_RSA_PSS_RSAE_SHA256,
|
||||||
SSL_SIGN_RSA_PKCS1_SHA256,
|
SSL_SIGN_RSA_PKCS1_SHA256,
|
||||||
|
|
||||||
// Larger hashes are acceptable.
|
// Larger hashes are acceptable.
|
||||||
SSL_SIGN_ECDSA_SECP384R1_SHA384,
|
SSL_SIGN_ECDSA_SECP384R1_SHA384,
|
||||||
SSL_SIGN_RSA_PSS_SHA384,
|
SSL_SIGN_RSA_PSS_RSAE_SHA384,
|
||||||
SSL_SIGN_RSA_PKCS1_SHA384,
|
SSL_SIGN_RSA_PKCS1_SHA384,
|
||||||
|
|
||||||
SSL_SIGN_RSA_PSS_SHA512,
|
SSL_SIGN_RSA_PSS_RSAE_SHA512,
|
||||||
SSL_SIGN_RSA_PKCS1_SHA512,
|
SSL_SIGN_RSA_PKCS1_SHA512,
|
||||||
|
|
||||||
// For now, SHA-1 is still accepted but least preferable.
|
// For now, SHA-1 is still accepted but least preferable.
|
||||||
@ -445,18 +445,18 @@ static const uint16_t kSignSignatureAlgorithms[] = {
|
|||||||
// List our preferred algorithms first.
|
// List our preferred algorithms first.
|
||||||
SSL_SIGN_ED25519,
|
SSL_SIGN_ED25519,
|
||||||
SSL_SIGN_ECDSA_SECP256R1_SHA256,
|
SSL_SIGN_ECDSA_SECP256R1_SHA256,
|
||||||
SSL_SIGN_RSA_PSS_SHA256,
|
SSL_SIGN_RSA_PSS_RSAE_SHA256,
|
||||||
SSL_SIGN_RSA_PKCS1_SHA256,
|
SSL_SIGN_RSA_PKCS1_SHA256,
|
||||||
|
|
||||||
// If needed, sign larger hashes.
|
// If needed, sign larger hashes.
|
||||||
//
|
//
|
||||||
// TODO(davidben): Determine which of these may be pruned.
|
// TODO(davidben): Determine which of these may be pruned.
|
||||||
SSL_SIGN_ECDSA_SECP384R1_SHA384,
|
SSL_SIGN_ECDSA_SECP384R1_SHA384,
|
||||||
SSL_SIGN_RSA_PSS_SHA384,
|
SSL_SIGN_RSA_PSS_RSAE_SHA384,
|
||||||
SSL_SIGN_RSA_PKCS1_SHA384,
|
SSL_SIGN_RSA_PKCS1_SHA384,
|
||||||
|
|
||||||
SSL_SIGN_ECDSA_SECP521R1_SHA512,
|
SSL_SIGN_ECDSA_SECP521R1_SHA512,
|
||||||
SSL_SIGN_RSA_PSS_SHA512,
|
SSL_SIGN_RSA_PSS_RSAE_SHA512,
|
||||||
SSL_SIGN_RSA_PKCS1_SHA512,
|
SSL_SIGN_RSA_PKCS1_SHA512,
|
||||||
|
|
||||||
// If the peer supports nothing else, sign with SHA-1.
|
// If the peer supports nothing else, sign with SHA-1.
|
||||||
|
@ -333,40 +333,14 @@ static ssl_private_key_result_t AsyncPrivateKeySign(
|
|||||||
abort();
|
abort();
|
||||||
}
|
}
|
||||||
|
|
||||||
// Determine the hash.
|
if (EVP_PKEY_id(test_state->private_key.get()) !=
|
||||||
const EVP_MD *md;
|
SSL_get_signature_algorithm_key_type(signature_algorithm)) {
|
||||||
switch (signature_algorithm) {
|
fprintf(stderr, "Key type does not match signature algorithm.\n");
|
||||||
case SSL_SIGN_RSA_PKCS1_SHA1:
|
abort();
|
||||||
case SSL_SIGN_ECDSA_SHA1:
|
|
||||||
md = EVP_sha1();
|
|
||||||
break;
|
|
||||||
case SSL_SIGN_RSA_PKCS1_SHA256:
|
|
||||||
case SSL_SIGN_ECDSA_SECP256R1_SHA256:
|
|
||||||
case SSL_SIGN_RSA_PSS_SHA256:
|
|
||||||
md = EVP_sha256();
|
|
||||||
break;
|
|
||||||
case SSL_SIGN_RSA_PKCS1_SHA384:
|
|
||||||
case SSL_SIGN_ECDSA_SECP384R1_SHA384:
|
|
||||||
case SSL_SIGN_RSA_PSS_SHA384:
|
|
||||||
md = EVP_sha384();
|
|
||||||
break;
|
|
||||||
case SSL_SIGN_RSA_PKCS1_SHA512:
|
|
||||||
case SSL_SIGN_ECDSA_SECP521R1_SHA512:
|
|
||||||
case SSL_SIGN_RSA_PSS_SHA512:
|
|
||||||
md = EVP_sha512();
|
|
||||||
break;
|
|
||||||
case SSL_SIGN_RSA_PKCS1_MD5_SHA1:
|
|
||||||
md = EVP_md5_sha1();
|
|
||||||
break;
|
|
||||||
case SSL_SIGN_ED25519:
|
|
||||||
md = nullptr;
|
|
||||||
break;
|
|
||||||
default:
|
|
||||||
fprintf(stderr, "Unknown signature algorithm %04x.\n",
|
|
||||||
signature_algorithm);
|
|
||||||
return ssl_private_key_failure;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Determine the hash.
|
||||||
|
const EVP_MD *md = SSL_get_signature_algorithm_digest(signature_algorithm);
|
||||||
bssl::ScopedEVP_MD_CTX ctx;
|
bssl::ScopedEVP_MD_CTX ctx;
|
||||||
EVP_PKEY_CTX *pctx;
|
EVP_PKEY_CTX *pctx;
|
||||||
if (!EVP_DigestSignInit(ctx.get(), &pctx, md, nullptr,
|
if (!EVP_DigestSignInit(ctx.get(), &pctx, md, nullptr,
|
||||||
@ -375,15 +349,11 @@ static ssl_private_key_result_t AsyncPrivateKeySign(
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Configure additional signature parameters.
|
// Configure additional signature parameters.
|
||||||
switch (signature_algorithm) {
|
if (SSL_is_signature_algorithm_rsa_pss(signature_algorithm)) {
|
||||||
case SSL_SIGN_RSA_PSS_SHA256:
|
if (!EVP_PKEY_CTX_set_rsa_padding(pctx, RSA_PKCS1_PSS_PADDING) ||
|
||||||
case SSL_SIGN_RSA_PSS_SHA384:
|
!EVP_PKEY_CTX_set_rsa_pss_saltlen(pctx, -1 /* salt len = hash len */)) {
|
||||||
case SSL_SIGN_RSA_PSS_SHA512:
|
return ssl_private_key_failure;
|
||||||
if (!EVP_PKEY_CTX_set_rsa_padding(pctx, RSA_PKCS1_PSS_PADDING) ||
|
}
|
||||||
!EVP_PKEY_CTX_set_rsa_pss_saltlen(pctx,
|
|
||||||
-1 /* salt len = hash len */)) {
|
|
||||||
return ssl_private_key_failure;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// Write the signature into |test_state|.
|
// Write the signature into |test_state|.
|
||||||
|
Loading…
Reference in New Issue
Block a user