Re: [PATCH] client-side TLS 1.2 support
From: Daiki Ueno
Subject: Re: [PATCH] client-side TLS 1.2 support
Date: Mon, 31 Aug 2009 21:45:19 +0900
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/23.1.50 (gnu/linux)
> > Where do these "magic" values come from? It was these values that I
> > would prefer to use symbolic names for.
Ah, sorry. Perhaps the attached might be better (it uses separate
symbolic names for sign/hash algorithms).
diff --git a/lib/gnutls_algorithms.c b/lib/gnutls_algorithms.c
index 73179bb..577d272 100644
--- a/lib/gnutls_algorithms.c
+++ b/lib/gnutls_algorithms.c
@@ -1787,27 +1787,51 @@ struct gnutls_sign_entry
gnutls_sign_algorithm_t id;
gnutls_pk_algorithm_t pk;
gnutls_mac_algorithm_t mac;
- sign_algorithm_st aid;
+ sign_algorithm_st aid; /* SignatureAndHashAlgorithm */
};
typedef struct gnutls_sign_entry gnutls_sign_entry;
-#define TLS_SIGN_AID_UNKNOWN {255, 255}
+#define TLS_SIGN_AID_HASH_UNKNOWN 255
+#define TLS_SIGN_AID_HASH_MD5 1
+#define TLS_SIGN_AID_HASH_SHA1 2
+#define TLS_SIGN_AID_HASH_SHA256 4
+#define TLS_SIGN_AID_HASH_SHA384 5
+#define TLS_SIGN_AID_HASH_SHA512 6
+
+#define TLS_SIGN_AID_SIGN_UNKNOWN 255
+#define TLS_SIGN_AID_SIGN_RSA 1
+#define TLS_SIGN_AID_SIGN_DSA 2
+
+#define TLS_SIGN_AID_UNKNOWN {TLS_SIGN_AID_HASH_UNKNOWN,\
+ TLS_SIGN_AID_SIGN_UNKNOWN}
+#define TLS_SIGN_AID_RSA_SHA1 {TLS_SIGN_AID_HASH_SHA1,\
+ TLS_SIGN_AID_SIGN_RSA}
+#define TLS_SIGN_AID_RSA_SHA256 {TLS_SIGN_AID_HASH_SHA256,\
+ TLS_SIGN_AID_SIGN_RSA}
+#define TLS_SIGN_AID_RSA_SHA384 {TLS_SIGN_AID_HASH_SHA384,\
+ TLS_SIGN_AID_SIGN_RSA}
+#define TLS_SIGN_AID_RSA_SHA512 {TLS_SIGN_AID_HASH_SHA512,\
+ TLS_SIGN_AID_SIGN_RSA}
+#define TLS_SIGN_AID_DSA_SHA1 {TLS_SIGN_AID_HASH_SHA1,\
+ TLS_SIGN_AID_SIGN_DSA}
+#define TLS_SIGN_AID_RSA_MD5 {TLS_SIGN_AID_HASH_MD5,\
+ TLS_SIGN_AID_SIGN_RSA}
static const gnutls_sign_entry sign_algorithms[] = {
{"RSA-SHA", SIG_RSA_SHA1_OID, GNUTLS_SIGN_RSA_SHA1, GNUTLS_PK_RSA,
- GNUTLS_MAC_SHA1, {2, 1}},
+ GNUTLS_MAC_SHA1, TLS_SIGN_AID_RSA_SHA1},
{"RSA-SHA256", SIG_RSA_SHA256_OID, GNUTLS_SIGN_RSA_SHA256, GNUTLS_PK_RSA,
- GNUTLS_MAC_SHA256, {4, 1}},
+ GNUTLS_MAC_SHA256, TLS_SIGN_AID_RSA_SHA256},
{"RSA-SHA384", SIG_RSA_SHA384_OID, GNUTLS_SIGN_RSA_SHA384, GNUTLS_PK_RSA,
- GNUTLS_MAC_SHA384, {5, 1}},
+ GNUTLS_MAC_SHA384, TLS_SIGN_AID_RSA_SHA384},
{"RSA-SHA512", SIG_RSA_SHA512_OID, GNUTLS_SIGN_RSA_SHA512, GNUTLS_PK_RSA,
- GNUTLS_MAC_SHA512, {6, 1}},
+ GNUTLS_MAC_SHA512, TLS_SIGN_AID_RSA_SHA512},
{"RSA-RMD160", SIG_RSA_RMD160_OID, GNUTLS_SIGN_RSA_RMD160, GNUTLS_PK_RSA,
GNUTLS_MAC_RMD160, TLS_SIGN_AID_UNKNOWN},
{"DSA-SHA", SIG_DSA_SHA1_OID, GNUTLS_SIGN_DSA_SHA1, GNUTLS_PK_DSA,
- GNUTLS_MAC_SHA1, {2, 2}},
+ GNUTLS_MAC_SHA1, TLS_SIGN_AID_DSA_SHA1},
{"RSA-MD5", SIG_RSA_MD5_OID, GNUTLS_SIGN_RSA_MD5, GNUTLS_PK_RSA,
- GNUTLS_MAC_MD5, {1, 1}},
+ GNUTLS_MAC_MD5, TLS_SIGN_AID_RSA_MD5},
{"RSA-MD2", SIG_RSA_MD2_OID, GNUTLS_SIGN_RSA_MD2, GNUTLS_PK_RSA,
GNUTLS_MAC_MD2, TLS_SIGN_AID_UNKNOWN},
{"GOST R 34.10-2001", SIG_GOST_R3410_2001_OID, 0, 0, 0,
TLS_SIGN_AID_UNKNOWN},
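Review bot: The compound macros (TLS_SIGN_AID_RSA_SHA1 and the others) list the hash value first and the signature value second, while their names read signature-then-hash, and the only hint about the layout of sign_algorithm_st is the new /* SignatureAndHashAlgorithm */ comment on the aid member. A short comment above the TLS_SIGN_AID_HASH_* block stating that the initializer order is {hash, signature} and where the numbers are taken from would answer the "magic values" question in the source itself. The hash constants also jump from 2 (SHA1) to 4 (SHA256); if 3 is left out on purpose because no row of sign_algorithms[] uses it, a note saying so would help the next reader. Finally, the RMD160, MD2 and GOST rows all share TLS_SIGN_AID_UNKNOWN, so any lookup keyed on aid should treat that pair as "no match" rather than returning the first of those rows.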
Regards,
--
Daiki Ueno