| Bob Beck | bc97b7a | 2023-04-18 08:35:15 -0600 | [diff] [blame^] | 1 | // Copyright 2015 The Chromium Authors |
| 2 | // Use of this source code is governed by a BSD-style license that can be |
| 3 | // found in the LICENSE file. |
| 4 | |
| 5 | #ifndef BSSL_PKI_SIGNATURE_ALGORITHM_H_ |
| 6 | #define BSSL_PKI_SIGNATURE_ALGORITHM_H_ |
| 7 | |
| 8 | #include "fillins/openssl_util.h" |
| 9 | #include <stdint.h> |
| 10 | |
| 11 | |
| 12 | #include <optional> |
| 13 | #include <openssl/evp.h> |
| 14 | |
| 15 | namespace bssl { |
| 16 | |
| 17 | namespace der { |
| 18 | class Input; |
| 19 | } // namespace der |
| 20 | |
| 21 | // The digest algorithm used within a signature. |
| 22 | enum class DigestAlgorithm { |
| 23 | Md2, |
| 24 | Md4, |
| 25 | Md5, |
| 26 | Sha1, |
| 27 | Sha256, |
| 28 | Sha384, |
| 29 | Sha512, |
| 30 | }; |
| 31 | |
| 32 | // The signature algorithm used within a certificate. |
| 33 | enum class SignatureAlgorithm { |
| 34 | kRsaPkcs1Sha1, |
| 35 | kRsaPkcs1Sha256, |
| 36 | kRsaPkcs1Sha384, |
| 37 | kRsaPkcs1Sha512, |
| 38 | kEcdsaSha1, |
| 39 | kEcdsaSha256, |
| 40 | kEcdsaSha384, |
| 41 | kEcdsaSha512, |
| 42 | // These RSA-PSS constants match RFC 8446 and refer to RSASSA-PSS with MGF-1, |
| 43 | // using the specified hash as both the signature and MGF-1 hash, and the hash |
| 44 | // length as the salt length. |
| 45 | kRsaPssSha256, |
| 46 | kRsaPssSha384, |
| 47 | kRsaPssSha512, |
| 48 | }; |
| 49 | |
| 50 | // Parses AlgorithmIdentifier as defined by RFC 5280 section 4.1.1.2: |
| 51 | // |
| 52 | // AlgorithmIdentifier ::= SEQUENCE { |
| 53 | // algorithm OBJECT IDENTIFIER, |
| 54 | // parameters ANY DEFINED BY algorithm OPTIONAL } |
| 55 | [[nodiscard]] OPENSSL_EXPORT bool ParseAlgorithmIdentifier(const der::Input& input, |
| 56 | der::Input* algorithm, |
| 57 | der::Input* parameters); |
| 58 | |
| 59 | // Parses a HashAlgorithm as defined by RFC 5912: |
| 60 | // |
| 61 | // HashAlgorithm ::= AlgorithmIdentifier{DIGEST-ALGORITHM, |
| 62 | // {HashAlgorithms}} |
| 63 | // |
| 64 | // HashAlgorithms DIGEST-ALGORITHM ::= { |
| 65 | // { IDENTIFIER id-sha1 PARAMS TYPE NULL ARE preferredPresent } | |
| 66 | // { IDENTIFIER id-sha224 PARAMS TYPE NULL ARE preferredPresent } | |
| 67 | // { IDENTIFIER id-sha256 PARAMS TYPE NULL ARE preferredPresent } | |
| 68 | // { IDENTIFIER id-sha384 PARAMS TYPE NULL ARE preferredPresent } | |
| 69 | // { IDENTIFIER id-sha512 PARAMS TYPE NULL ARE preferredPresent } |
| 70 | // } |
| 71 | [[nodiscard]] bool ParseHashAlgorithm(const der::Input& input, |
| 72 | DigestAlgorithm* out); |
| 73 | |
| 74 | // Parses an AlgorithmIdentifier into a signature algorithm and returns it, or |
| 75 | // returns `std::nullopt` if `algorithm_identifer` either cannot be parsed or |
| 76 | // is not a recognized signature algorithm. |
| 77 | OPENSSL_EXPORT std::optional<SignatureAlgorithm> ParseSignatureAlgorithm( |
| 78 | const der::Input& algorithm_identifier); |
| 79 | |
| 80 | // Returns the hash to be used with the tls-server-end-point channel binding |
| 81 | // (RFC 5929) or `std::nullopt`, if not supported for this signature algorithm. |
| 82 | std::optional<DigestAlgorithm> GetTlsServerEndpointDigestAlgorithm( |
| 83 | SignatureAlgorithm alg); |
| 84 | |
| 85 | } // namespace net |
| 86 | |
| 87 | #endif // BSSL_PKI_SIGNATURE_ALGORITHM_H_ |
