author | Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> | 2016-10-21 04:02:30 +0300 |
---|---|---|
committer | Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> | 2018-06-23 12:20:15 +0300 |
commit | d2d448d5e072eb14c7e4f5c9bd634c5ab138d7c9 (patch) | |
tree | 5dcac4a18b74a4d4e745cae7929b5edad07081d0 | |
parent | 549e29dfca54afadd5983861bd6806dcc65fcfbc (diff) | |
download | gnutls-d2d448d5e072eb14c7e4f5c9bd634c5ab138d7c9.tar.gz |
Add declarations for GOST R 34.10 signatures
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
-rw-r--r-- | lib/algorithms/sign.c | 26 | ||||
-rw-r--r-- | lib/includes/gnutls/gnutls.h.in | 9 | ||||
-rw-r--r-- | lib/x509/common.h | 2 | ||||
-rw-r--r-- | tests/cert-tests/data/gost-cert.pem | 2 |
4 files changed, 32 insertions, 7 deletions
diff --git a/lib/algorithms/sign.c b/lib/algorithms/sign.c
index 5a45e9fa10..f870ecc545 100644
--- a/lib/algorithms/sign.c
+++ b/lib/algorithms/sign.c
@@ -345,13 +345,29 @@ static const gnutls_sign_entry_st sign_algorithms[] = {
 .pk = GNUTLS_PK_EC,
 .hash = GNUTLS_DIG_SHA224,
 .aid = TLS_SIGN_AID_UNKNOWN},
- {.name = "GOST R 34.10-2001",
+ /* GOST R 34.10-2012-512 */
+ {.name = "GOSTR341012-512",
+ .oid = SIG_GOST_R3410_2012_512_OID,
+ .id = GNUTLS_SIGN_GOST_512,
+ .pk = GNUTLS_PK_GOST_12_512,
+ .hash = GNUTLS_DIG_STREEBOG_512,
+ .aid = TLS_SIGN_AID_UNKNOWN},
+ /* GOST R 34.10-2012-256 */
+ {.name = "GOSTR341012-256",
+ .oid = SIG_GOST_R3410_2012_256_OID,
+ .id = GNUTLS_SIGN_GOST_256,
+ .pk = GNUTLS_PK_GOST_12_256,
+ .hash = GNUTLS_DIG_STREEBOG_256,
+ .aid = TLS_SIGN_AID_UNKNOWN},
+ /* GOST R 34.10-2001 */
+ {.name = "GOSTR341001",
 .oid = SIG_GOST_R3410_2001_OID,
- .id = 0,
- .pk = 0,
- .hash = 0,
+ .id = GNUTLS_SIGN_GOST_94,
+ .pk = GNUTLS_PK_GOST_01,
+ .hash = GNUTLS_DIG_GOSTR_94,
 .aid = TLS_SIGN_AID_UNKNOWN},
- {.name = "GOST R 34.10-94",
+ /* GOST R 34.10-94 */
+ {.name = "GOSTR341094",
 .oid = SIG_GOST_R3410_94_OID,
 .id = 0,
 .pk = 0,
diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in
index a1e3aaf0cc..66043925e1 100644
--- a/lib/includes/gnutls/gnutls.h.in
+++ b/lib/includes/gnutls/gnutls.h.in
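Review bot: In the entry for `SIG_GOST_R3410_2001_OID`, `.id = GNUTLS_SIGN_GOST_94` sits directly above the GOST R 34.10-94 entry that keeps `.id = 0`, so the `_94` suffix reads as the older signature scheme when it actually names the GOST R 34.11-94 digest. The one-line comment above the entry could say so: `/* GOST R 34.10-2001 over a GOST R 34.11-94 digest; the _94 in the id refers to the hash */`. The hunk also replaces the `.name` strings ("GOST R 34.10-2001" becomes "GOSTR341001"), and the gost-cert.pem expectation in this commit shows that string reaching certificate printouts, so callers that match on the old spelling would presumably stop matching; that is worth a sentence in the commit message. Whether the legacy GOST R 34.11-94 pairing should be accepted by default for verification is a policy question this hunk does not show being answered. The `sign_algorithms[]` initializer begins before the hunk and the GOST R 34.10-94 entry runs past its end.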
@@ -847,6 +847,9 @@ const char *gnutls_pk_algorithm_get_name(gnutls_pk_algorithm_t algorithm);
 * @GNUTLS_SIGN_RSA_PSS_SHA384: Digital signature algorithm RSA with SHA-384, with PSS padding (RSA-PSS certificate).
 * @GNUTLS_SIGN_RSA_PSS_SHA512: Digital signature algorithm RSA with SHA-512, with PSS padding (RSA-PSS certificate).
 * @GNUTLS_SIGN_EDDSA_ED25519: Digital signature algorithm EdDSA with Ed25519 curve.
+ * @GNUTLS_SIGN_GOST_94: Digital signature algorithm GOST R 34.10-2001 with GOST R 34.11-94
+ * @GNUTLS_SIGN_GOST_256: Digital signature algorithm GOST R 34.10-2001 with GOST R 34.11-2012 256 bit
+ * @GNUTLS_SIGN_GOST_512: Digital signature algorithm GOST R 34.10-2001 with GOST R 34.11-2012 512 bit
 *
 * Enumeration of different digital signature algorithms.
 */
@@ -899,7 +902,11 @@ typedef enum {
 GNUTLS_SIGN_RSA_PSS_RSAE_SHA256 = 40,
 GNUTLS_SIGN_RSA_PSS_RSAE_SHA384 = 41,
 GNUTLS_SIGN_RSA_PSS_RSAE_SHA512 = 42,
- GNUTLS_SIGN_MAX = GNUTLS_SIGN_RSA_PSS_RSAE_SHA512
+
+ GNUTLS_SIGN_GOST_94 = 43,
+ GNUTLS_SIGN_GOST_256 = 44,
+ GNUTLS_SIGN_GOST_512 = 45,
+ GNUTLS_SIGN_MAX = GNUTLS_SIGN_GOST_512
 } gnutls_sign_algorithm_t;
 /**
diff --git a/lib/x509/common.h b/lib/x509/common.h
index b7ce879e10..d5c368a7b9 100644
--- a/lib/x509/common.h
+++ b/lib/x509/common.h
@@ -78,6 +78,8 @@
 #define SIG_RSA_RMD160_OID "1.3.36.3.3.1.2"
 #define SIG_GOST_R3410_94_OID "1.2.643.2.2.4"
 #define SIG_GOST_R3410_2001_OID "1.2.643.2.2.3"
+#define SIG_GOST_R3410_2012_256_OID "1.2.643.7.1.1.3.2"
+#define SIG_GOST_R3410_2012_512_OID "1.2.643.7.1.1.3.3"
 #define ISO_SIG_RSA_SHA1_OID "1.3.14.3.2.29"
 #define SIG_DSA_SHA3_224_OID "2.16.840.1.101.3.4.3.5"
diff --git a/tests/cert-tests/data/gost-cert.pem b/tests/cert-tests/data/gost-cert.pem
index 8e6a5203e4..bf280349fd 100644
--- a/tests/cert-tests/data/gost-cert.pem
+++ b/tests/cert-tests/data/gost-cert.pem
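Review bot: The two doc lines added for `GNUTLS_SIGN_GOST_256` and `GNUTLS_SIGN_GOST_512` name the signature scheme as GOST R 34.10-2001, while lib/algorithms/sign.c in this commit binds those ids to `SIG_GOST_R3410_2012_256_OID` / `SIG_GOST_R3410_2012_512_OID` and to `GNUTLS_PK_GOST_12_256` / `GNUTLS_PK_GOST_12_512`. The lines should read `* @GNUTLS_SIGN_GOST_256: Digital signature algorithm GOST R 34.10-2012 with GOST R 34.11-2012 256 bit` and the same with `512`, so that a user of the public header does not pick an id for the wrong key type. Both the doc comment and the enum start outside their hunks.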
@@ -17,7 +17,7 @@ X.509 Certificate Information:
 43fe227895724f4e3a74f264e4fd0b800c082e03
 Authority Key Identifier (not critical):
 9875a3b785c1641b23344d9bfbae0c2a256b44eb
- Signature Algorithm: 1.2.643.2.2.3
+ Signature Algorithm: GOSTR341001
 Signature:
 8f:37:24:fd:be:f0:37:d9:f3:1a:5c:31:5e:33:ef:35
 61:93:07:03:3d:4d:e8:2c:1b:39:a2:6c:d4:2f:85:35 |