mirror of
https://github.com/openssl/openssl.git
synced 2025-01-18 13:44:20 +08:00
add support for ecdsa-with-sha256 etc.
This commit is contained in:
parent
34f0a19309
commit
06e2dd037e
3
CHANGES
3
CHANGES
@ -4,6 +4,9 @@
|
||||
|
||||
Changes between 0.9.8e and 0.9.9 [xx XXX xxxx]
|
||||
|
||||
*) Add support for the ecdsa-with-SHA224/256/384/512 signature types.
|
||||
[Nils Larsch]
|
||||
|
||||
*) Initial incomplete changes to avoid need for function casts in OpenSSL
|
||||
when OPENSSL_NO_FCAST is set: some compilers (gcc 4.2 and later) reject
|
||||
their use. Safestack is reimplemented using inline functions: tests show
|
||||
|
@ -577,12 +577,17 @@ static int ec_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
|
||||
case ASN1_PKEY_CTRL_PKCS7_SIGN:
|
||||
if (arg1 == 0)
|
||||
{
|
||||
int snid, hnid;
|
||||
X509_ALGOR *alg1, *alg2;
|
||||
PKCS7_SIGNER_INFO_get0_algs(arg2, NULL, &alg1, &alg2);
|
||||
X509_ALGOR_set0(alg1, OBJ_nid2obj(NID_sha1),
|
||||
V_ASN1_NULL, 0);
|
||||
X509_ALGOR_set0(alg2, OBJ_nid2obj(NID_ecdsa_with_SHA1),
|
||||
V_ASN1_NULL, 0);
|
||||
if (alg1 == NULL || alg1->algorithm == NULL)
|
||||
return -1;
|
||||
hnid = OBJ_obj2nid(alg1->algorithm);
|
||||
if (hnid == NID_undef)
|
||||
return -1;
|
||||
if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey)))
|
||||
return -1;
|
||||
X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0);
|
||||
}
|
||||
return 1;
|
||||
|
||||
|
@ -220,7 +220,11 @@ static int pkey_ec_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
|
||||
return 1;
|
||||
|
||||
case EVP_PKEY_CTRL_MD:
|
||||
if (EVP_MD_type((const EVP_MD *)p2) != NID_sha1)
|
||||
if (EVP_MD_type((const EVP_MD *)p2) != NID_sha1 &&
|
||||
EVP_MD_type((const EVP_MD *)p2) != NID_sha224 &&
|
||||
EVP_MD_type((const EVP_MD *)p2) != NID_sha256 &&
|
||||
EVP_MD_type((const EVP_MD *)p2) != NID_sha384 &&
|
||||
EVP_MD_type((const EVP_MD *)p2) != NID_sha512)
|
||||
{
|
||||
ECerr(EC_F_PKEY_EC_CTRL, EC_R_INVALID_DIGEST_TYPE);
|
||||
return 0;
|
||||
|
@ -119,7 +119,7 @@ static const EVP_MD sha224_md=
|
||||
NID_sha224,
|
||||
NID_sha224WithRSAEncryption,
|
||||
SHA224_DIGEST_LENGTH,
|
||||
0,
|
||||
EVP_MD_FLAG_PKEY_METHOD_SIGNATURE,
|
||||
init224,
|
||||
update256,
|
||||
final256,
|
||||
@ -138,7 +138,7 @@ static const EVP_MD sha256_md=
|
||||
NID_sha256,
|
||||
NID_sha256WithRSAEncryption,
|
||||
SHA256_DIGEST_LENGTH,
|
||||
0,
|
||||
EVP_MD_FLAG_PKEY_METHOD_SIGNATURE,
|
||||
init256,
|
||||
update256,
|
||||
final256,
|
||||
@ -169,7 +169,7 @@ static const EVP_MD sha384_md=
|
||||
NID_sha384,
|
||||
NID_sha384WithRSAEncryption,
|
||||
SHA384_DIGEST_LENGTH,
|
||||
0,
|
||||
EVP_MD_FLAG_PKEY_METHOD_SIGNATURE,
|
||||
init384,
|
||||
update512,
|
||||
final512,
|
||||
@ -188,7 +188,7 @@ static const EVP_MD sha512_md=
|
||||
NID_sha512,
|
||||
NID_sha512WithRSAEncryption,
|
||||
SHA512_DIGEST_LENGTH,
|
||||
0,
|
||||
EVP_MD_FLAG_PKEY_METHOD_SIGNATURE,
|
||||
init512,
|
||||
update512,
|
||||
final512,
|
||||
|
@ -62,12 +62,12 @@
|
||||
* [including the GNU Public Licence.]
|
||||
*/
|
||||
|
||||
#define NUM_NID 827
|
||||
#define NUM_SN 823
|
||||
#define NUM_LN 823
|
||||
#define NUM_OBJ 779
|
||||
#define NUM_NID 833
|
||||
#define NUM_SN 829
|
||||
#define NUM_LN 829
|
||||
#define NUM_OBJ 785
|
||||
|
||||
static unsigned char lvalues[5496]={
|
||||
static unsigned char lvalues[5542]={
|
||||
0x00, /* [ 0] OBJ_undef */
|
||||
0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 1] OBJ_rsadsi */
|
||||
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 7] OBJ_pkcs */
|
||||
@ -847,6 +847,12 @@ static unsigned char lvalues[5496]={
|
||||
0x2A,0x85,0x03,0x02,0x09,0x01,0x03,0x03, /* [5471] OBJ_id_GostR3411_94_with_GostR3410_94_cc */
|
||||
0x2A,0x85,0x03,0x02,0x09,0x01,0x03,0x04, /* [5479] OBJ_id_GostR3411_94_with_GostR3410_2001_cc */
|
||||
0x2A,0x85,0x03,0x02,0x09,0x01,0x08,0x01, /* [5487] OBJ_id_GostR3410_2001_ParamSet_cc */
|
||||
0x2A,0x86,0x48,0xCE,0x3D,0x04,0x02, /* [5495] OBJ_ecdsa_with_Recommended */
|
||||
0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03, /* [5502] OBJ_ecdsa_with_Specified */
|
||||
0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x01, /* [5509] OBJ_ecdsa_with_SHA224 */
|
||||
0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x02, /* [5517] OBJ_ecdsa_with_SHA256 */
|
||||
0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x03, /* [5525] OBJ_ecdsa_with_SHA384 */
|
||||
0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x04, /* [5533] OBJ_ecdsa_with_SHA512 */
|
||||
};
|
||||
|
||||
static ASN1_OBJECT nid_objs[NUM_NID]={
|
||||
@ -2184,6 +2190,18 @@ static ASN1_OBJECT nid_objs[NUM_NID]={
|
||||
{"id-GostR3410-2001-ParamSet-cc",
|
||||
"GOST R 3410-2001 Parameter Set Cryptocom",
|
||||
NID_id_GostR3410_2001_ParamSet_cc,8,&(lvalues[5487]),0},
|
||||
{"ecdsa-with-Recommended","ecdsa-with-Recommended",
|
||||
NID_ecdsa_with_Recommended,7,&(lvalues[5495]),0},
|
||||
{"ecdsa-with-Specified","ecdsa-with-Specified",
|
||||
NID_ecdsa_with_Specified,7,&(lvalues[5502]),0},
|
||||
{"ecdsa-with-SHA224","ecdsa-with-SHA224",NID_ecdsa_with_SHA224,8,
|
||||
&(lvalues[5509]),0},
|
||||
{"ecdsa-with-SHA256","ecdsa-with-SHA256",NID_ecdsa_with_SHA256,8,
|
||||
&(lvalues[5517]),0},
|
||||
{"ecdsa-with-SHA384","ecdsa-with-SHA384",NID_ecdsa_with_SHA384,8,
|
||||
&(lvalues[5525]),0},
|
||||
{"ecdsa-with-SHA512","ecdsa-with-SHA512",NID_ecdsa_with_SHA512,8,
|
||||
&(lvalues[5533]),0},
|
||||
};
|
||||
|
||||
static ASN1_OBJECT *sn_objs[NUM_SN]={
|
||||
@ -2434,7 +2452,13 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
|
||||
&(nid_objs[470]),/* "documentVersion" */
|
||||
&(nid_objs[392]),/* "domain" */
|
||||
&(nid_objs[452]),/* "domainRelatedObject" */
|
||||
&(nid_objs[827]),/* "ecdsa-with-Recommended" */
|
||||
&(nid_objs[416]),/* "ecdsa-with-SHA1" */
|
||||
&(nid_objs[829]),/* "ecdsa-with-SHA224" */
|
||||
&(nid_objs[830]),/* "ecdsa-with-SHA256" */
|
||||
&(nid_objs[831]),/* "ecdsa-with-SHA384" */
|
||||
&(nid_objs[832]),/* "ecdsa-with-SHA512" */
|
||||
&(nid_objs[828]),/* "ecdsa-with-Specified" */
|
||||
&(nid_objs[48]),/* "emailAddress" */
|
||||
&(nid_objs[132]),/* "emailProtection" */
|
||||
&(nid_objs[389]),/* "enterprises" */
|
||||
@ -3281,7 +3305,13 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
|
||||
&(nid_objs[113]),/* "dsaWithSHA1" */
|
||||
&(nid_objs[70]),/* "dsaWithSHA1-old" */
|
||||
&(nid_objs[297]),/* "dvcs" */
|
||||
&(nid_objs[827]),/* "ecdsa-with-Recommended" */
|
||||
&(nid_objs[416]),/* "ecdsa-with-SHA1" */
|
||||
&(nid_objs[829]),/* "ecdsa-with-SHA224" */
|
||||
&(nid_objs[830]),/* "ecdsa-with-SHA256" */
|
||||
&(nid_objs[831]),/* "ecdsa-with-SHA384" */
|
||||
&(nid_objs[832]),/* "ecdsa-with-SHA512" */
|
||||
&(nid_objs[828]),/* "ecdsa-with-Specified" */
|
||||
&(nid_objs[48]),/* "emailAddress" */
|
||||
&(nid_objs[632]),/* "encrypted track 2" */
|
||||
&(nid_objs[56]),/* "extendedCertificateAttributes" */
|
||||
@ -4175,6 +4205,8 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
|
||||
&(nid_objs[407]),/* OBJ_X9_62_characteristic_two_field 1 2 840 10045 1 2 */
|
||||
&(nid_objs[408]),/* OBJ_X9_62_id_ecPublicKey 1 2 840 10045 2 1 */
|
||||
&(nid_objs[416]),/* OBJ_ecdsa_with_SHA1 1 2 840 10045 4 1 */
|
||||
&(nid_objs[827]),/* OBJ_ecdsa_with_Recommended 1 2 840 10045 4 2 */
|
||||
&(nid_objs[828]),/* OBJ_ecdsa_with_Specified 1 2 840 10045 4 3 */
|
||||
&(nid_objs[258]),/* OBJ_id_pkix_mod 1 3 6 1 5 5 7 0 */
|
||||
&(nid_objs[175]),/* OBJ_id_pe 1 3 6 1 5 5 7 1 */
|
||||
&(nid_objs[259]),/* OBJ_id_qt 1 3 6 1 5 5 7 2 */
|
||||
@ -4256,6 +4288,10 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
|
||||
&(nid_objs[413]),/* OBJ_X9_62_prime239v2 1 2 840 10045 3 1 5 */
|
||||
&(nid_objs[414]),/* OBJ_X9_62_prime239v3 1 2 840 10045 3 1 6 */
|
||||
&(nid_objs[415]),/* OBJ_X9_62_prime256v1 1 2 840 10045 3 1 7 */
|
||||
&(nid_objs[829]),/* OBJ_ecdsa_with_SHA224 1 2 840 10045 4 3 1 */
|
||||
&(nid_objs[830]),/* OBJ_ecdsa_with_SHA256 1 2 840 10045 4 3 2 */
|
||||
&(nid_objs[831]),/* OBJ_ecdsa_with_SHA384 1 2 840 10045 4 3 3 */
|
||||
&(nid_objs[832]),/* OBJ_ecdsa_with_SHA512 1 2 840 10045 4 3 4 */
|
||||
&(nid_objs[269]),/* OBJ_id_pkix1_explicit_88 1 3 6 1 5 5 7 0 1 */
|
||||
&(nid_objs[270]),/* OBJ_id_pkix1_implicit_88 1 3 6 1 5 5 7 0 2 */
|
||||
&(nid_objs[271]),/* OBJ_id_pkix1_explicit_93 1 3 6 1 5 5 7 0 3 */
|
||||
|
@ -305,6 +305,30 @@
|
||||
#define NID_ecdsa_with_SHA1 416
|
||||
#define OBJ_ecdsa_with_SHA1 OBJ_X9_62_id_ecSigType,1L
|
||||
|
||||
#define SN_ecdsa_with_Recommended "ecdsa-with-Recommended"
|
||||
#define NID_ecdsa_with_Recommended 827
|
||||
#define OBJ_ecdsa_with_Recommended OBJ_X9_62_id_ecSigType,2L
|
||||
|
||||
#define SN_ecdsa_with_Specified "ecdsa-with-Specified"
|
||||
#define NID_ecdsa_with_Specified 828
|
||||
#define OBJ_ecdsa_with_Specified OBJ_X9_62_id_ecSigType,3L
|
||||
|
||||
#define SN_ecdsa_with_SHA224 "ecdsa-with-SHA224"
|
||||
#define NID_ecdsa_with_SHA224 829
|
||||
#define OBJ_ecdsa_with_SHA224 OBJ_ecdsa_with_Specified,1L
|
||||
|
||||
#define SN_ecdsa_with_SHA256 "ecdsa-with-SHA256"
|
||||
#define NID_ecdsa_with_SHA256 830
|
||||
#define OBJ_ecdsa_with_SHA256 OBJ_ecdsa_with_Specified,2L
|
||||
|
||||
#define SN_ecdsa_with_SHA384 "ecdsa-with-SHA384"
|
||||
#define NID_ecdsa_with_SHA384 831
|
||||
#define OBJ_ecdsa_with_SHA384 OBJ_ecdsa_with_Specified,3L
|
||||
|
||||
#define SN_ecdsa_with_SHA512 "ecdsa-with-SHA512"
|
||||
#define NID_ecdsa_with_SHA512 832
|
||||
#define OBJ_ecdsa_with_SHA512 OBJ_ecdsa_with_Specified,4L
|
||||
|
||||
#define OBJ_secg_ellipticCurve OBJ_certicom_arc,0L
|
||||
|
||||
#define SN_secp112r1 "secp112r1"
|
||||
|
@ -824,3 +824,9 @@ id_GostR3410_2001_cc 823
|
||||
id_GostR3411_94_with_GostR3410_94_cc 824
|
||||
id_GostR3411_94_with_GostR3410_2001_cc 825
|
||||
id_GostR3410_2001_ParamSet_cc 826
|
||||
ecdsa_with_Recommended 827
|
||||
ecdsa_with_Specified 828
|
||||
ecdsa_with_SHA224 829
|
||||
ecdsa_with_SHA256 830
|
||||
ecdsa_with_SHA384 831
|
||||
ecdsa_with_SHA512 832
|
||||
|
@ -26,6 +26,12 @@ dsaWithSHA1 sha1 dsa
|
||||
dsaWithSHA1_2 sha1 dsa_2
|
||||
|
||||
ecdsa_with_SHA1 sha1 X9_62_id_ecPublicKey
|
||||
ecdsa_with_SHA224 sha224 X9_62_id_ecPublicKey
|
||||
ecdsa_with_SHA256 sha256 X9_62_id_ecPublicKey
|
||||
ecdsa_with_SHA384 sha384 X9_62_id_ecPublicKey
|
||||
ecdsa_with_SHA512 sha512 X9_62_id_ecPublicKey
|
||||
ecdsa_with_Recommended undef X9_62_id_ecPublicKey
|
||||
ecdsa_with_Specified undef X9_62_id_ecPublicKey
|
||||
|
||||
id_GostR3411_94_with_GostR3410_2001 id_GostR3411_94 id_GostR3410_2001
|
||||
id_GostR3411_94_with_GostR3410_94 id_GostR3411_94 id_GostR3410_94
|
||||
|
@ -75,6 +75,12 @@ X9-62_primeCurve 7 : prime256v1
|
||||
!Alias id-ecSigType ansi-X9-62 4
|
||||
!global
|
||||
X9-62_id-ecSigType 1 : ecdsa-with-SHA1
|
||||
X9-62_id-ecSigType 2 : ecdsa-with-Recommended
|
||||
X9-62_id-ecSigType 3 : ecdsa-with-Specified
|
||||
ecdsa-with-Specified 1 : ecdsa-with-SHA224
|
||||
ecdsa-with-Specified 2 : ecdsa-with-SHA256
|
||||
ecdsa-with-Specified 3 : ecdsa-with-SHA384
|
||||
ecdsa-with-Specified 4 : ecdsa-with-SHA512
|
||||
|
||||
# SECG curve OIDs from "SEC 2: Recommended Elliptic Curve Domain Parameters"
|
||||
# (http://www.secg.org/)
|
||||
|
Loading…
Reference in New Issue
Block a user