1 // Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 //     https://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14 
15 #include <openssl/obj.h>
16 
17 #include "../internal.h"
18 
19 
20 typedef struct {
21   int sign_nid;
22   int digest_nid;
23   int pkey_nid;
24 } nid_triple;
25 
26 static const nid_triple kTriples[] = {
27     // RSA PKCS#1.
28     {NID_md4WithRSAEncryption, NID_md4, NID_rsaEncryption},
29     {NID_md5WithRSAEncryption, NID_md5, NID_rsaEncryption},
30     {NID_sha1WithRSAEncryption, NID_sha1, NID_rsaEncryption},
31     {NID_sha224WithRSAEncryption, NID_sha224, NID_rsaEncryption},
32     {NID_sha256WithRSAEncryption, NID_sha256, NID_rsaEncryption},
33     {NID_sha384WithRSAEncryption, NID_sha384, NID_rsaEncryption},
34     {NID_sha512WithRSAEncryption, NID_sha512, NID_rsaEncryption},
35     // DSA.
36     {NID_dsaWithSHA1, NID_sha1, NID_dsa},
37     {NID_dsaWithSHA1_2, NID_sha1, NID_dsa_2},
38     {NID_dsa_with_SHA224, NID_sha224, NID_dsa},
39     {NID_dsa_with_SHA256, NID_sha256, NID_dsa},
40     // ECDSA.
41     {NID_ecdsa_with_SHA1, NID_sha1, NID_X9_62_id_ecPublicKey},
42     {NID_ecdsa_with_SHA224, NID_sha224, NID_X9_62_id_ecPublicKey},
43     {NID_ecdsa_with_SHA256, NID_sha256, NID_X9_62_id_ecPublicKey},
44     {NID_ecdsa_with_SHA384, NID_sha384, NID_X9_62_id_ecPublicKey},
45     {NID_ecdsa_with_SHA512, NID_sha512, NID_X9_62_id_ecPublicKey},
46     // The following algorithms use more complex (or simpler) parameters. The
47     // digest "undef" indicates the caller should handle this explicitly.
48     {NID_rsassaPss, NID_undef, NID_rsaEncryption},
49     {NID_ED25519, NID_undef, NID_ED25519},
50 };
51 
OBJ_find_sigid_algs(int sign_nid,int * out_digest_nid,int * out_pkey_nid)52 int OBJ_find_sigid_algs(int sign_nid, int *out_digest_nid, int *out_pkey_nid) {
53   for (size_t i = 0; i < OPENSSL_ARRAY_SIZE(kTriples); i++) {
54     if (kTriples[i].sign_nid == sign_nid) {
55       if (out_digest_nid != NULL) {
56         *out_digest_nid = kTriples[i].digest_nid;
57       }
58       if (out_pkey_nid != NULL) {
59         *out_pkey_nid = kTriples[i].pkey_nid;
60       }
61       return 1;
62     }
63   }
64 
65   return 0;
66 }
67 
OBJ_find_sigid_by_algs(int * out_sign_nid,int digest_nid,int pkey_nid)68 int OBJ_find_sigid_by_algs(int *out_sign_nid, int digest_nid, int pkey_nid) {
69   for (size_t i = 0; i < OPENSSL_ARRAY_SIZE(kTriples); i++) {
70     if (kTriples[i].digest_nid == digest_nid &&
71         kTriples[i].pkey_nid == pkey_nid) {
72       if (out_sign_nid != NULL) {
73         *out_sign_nid = kTriples[i].sign_nid;
74       }
75       return 1;
76     }
77   }
78 
79   return 0;
80 }
81