Merge pull request #209 from kaleb-himes/master

OpenSSH added support for additional NID types. Update our compatibil…
2015-12-28 11:52:38 -08:00 · 2015-12-28 11:52:38 -08:00 · 3a1909dab9
parent 92cb8eee61 cbf3213c4f
commit 3a1909dab9
3 changed files with 30 additions and 4 deletions
--- a/src/ssl.c
+++ b/src/ssl.c
@ -13310,9 +13310,28 @@ int wolfSSL_RSA_sign(int type, const unsigned char* m,
        return 0;
    }

-    if (type != NID_md5 && type != NID_sha1) {
-        WOLFSSL_MSG("Bad md type");
-        return 0;
+    switch (type) {
+    #ifdef WOLFSSL_MD2
+        case NID_md2:       type = MD2h;    break;
+    #endif
+    #ifndef NO_MD5
+        case NID_md5:       type = MD5h;    break;
+    #endif
+    #ifndef NO_SHA
+        case NID_sha1:      type = SHAh;    break;
+    #endif
+    #ifndef NO_SHA256
+        case NID_sha256:    type = SHA256h; break;
+    #endif
+    #ifdef WOLFSSL_SHA384
+        case NID_sha384:    type = SHA384h; break;
+    #endif
+    #ifdef WOLFSSL_SHA512
+        case NID_sha512:    type = SHA512h; break;
+    #endif
+        default:
+            WOLFSSL_MSG("This NID (md type) not configured or not implemented");
+            return 0;
    }

    if (rsa->inSet == 0)
@ -13356,7 +13375,6 @@ int wolfSSL_RSA_sign(int type, const unsigned char* m,
    }

    if (rng) {
-        type = (type == NID_md5) ? MD5h : SHAh;

        signSz = wc_EncodeSignature(encodedSig, m, mLen, type);
        if (signSz == 0) {
--- a/wolfssl/openssl/evp.h
+++ b/wolfssl/openssl/evp.h
@ -132,6 +132,7 @@ enum {
 	EVP_PKEY_EC		  = 13,
    IDEA_CBC_TYPE     = 14,
    NID_sha1          = 64,
+    NID_md2           = 3,
    NID_md5           =  4
 };

--- a/wolfssl/openssl/rsa.h
+++ b/wolfssl/openssl/rsa.h
@ -17,6 +17,13 @@ enum  {
 	RSA_PKCS1_PADDING = 1
 };

+/* rsaTypes */
+enum {
+    NID_sha256 = 672,
+    NID_sha384 = 673,
+    NID_sha512 = 674
+};
+
 struct WOLFSSL_RSA {
 	WOLFSSL_BIGNUM* n;
 	WOLFSSL_BIGNUM* e;