xref: /freebsd/crypto/openssl/providers/common/der/der_rsa_sig.c (revision 7ef62cebc2f965b0f640263e179276928885e33d) 
1 /*
2  * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
3  *
4  * Licensed under the Apache License 2.0 (the "License").  You may not use
5  * this file except in compliance with the License.  You can obtain a copy
6  * in the file LICENSE in the source distribution or at
7  * https://www.openssl.org/source/license.html
8  */
9 
10 #include <openssl/obj_mac.h>
11 #include "internal/packet.h"
12 #include "prov/der_rsa.h"
13 #include "prov/der_digests.h"
14 
15 /* Aliases so we can have a uniform MD_with_RSA_CASE */
16 #define ossl_der_oid_sha3_224WithRSAEncryption \
17     ossl_der_oid_id_rsassa_pkcs1_v1_5_with_sha3_224
18 #define ossl_der_oid_sha3_256WithRSAEncryption \
19     ossl_der_oid_id_rsassa_pkcs1_v1_5_with_sha3_256
20 #define ossl_der_oid_sha3_384WithRSAEncryption \
21     ossl_der_oid_id_rsassa_pkcs1_v1_5_with_sha3_384
22 #define ossl_der_oid_sha3_512WithRSAEncryption \
23     ossl_der_oid_id_rsassa_pkcs1_v1_5_with_sha3_512
24 #define ossl_der_oid_mdc2WithRSAEncryption \
25     ossl_der_oid_mdc2WithRSASignature
26 
27 #define MD_with_RSA_CASE(name, var)                                     \
28     case NID_##name:                                                    \
29         var = ossl_der_oid_##name##WithRSAEncryption;                   \
30         var##_sz = sizeof(ossl_der_oid_##name##WithRSAEncryption);      \
31         break;
32 
33 int ossl_DER_w_algorithmIdentifier_MDWithRSAEncryption(WPACKET *pkt, int tag,
34                                                        int mdnid)
35 {
36     const unsigned char *precompiled = NULL;
37     size_t precompiled_sz = 0;
38 
39     switch (mdnid) {
40 #ifndef FIPS_MODULE
41         MD_with_RSA_CASE(md2, precompiled);
42         MD_with_RSA_CASE(md5, precompiled);
43         MD_with_RSA_CASE(md4, precompiled);
44         MD_with_RSA_CASE(ripemd160, precompiled);
45         MD_with_RSA_CASE(mdc2, precompiled);
46 #endif
47         MD_with_RSA_CASE(sha1, precompiled);
48         MD_with_RSA_CASE(sha224, precompiled);
49         MD_with_RSA_CASE(sha256, precompiled);
50         MD_with_RSA_CASE(sha384, precompiled);
51         MD_with_RSA_CASE(sha512, precompiled);
52         MD_with_RSA_CASE(sha512_224, precompiled);
53         MD_with_RSA_CASE(sha512_256, precompiled);
54         MD_with_RSA_CASE(sha3_224, precompiled);
55         MD_with_RSA_CASE(sha3_256, precompiled);
56         MD_with_RSA_CASE(sha3_384, precompiled);
57         MD_with_RSA_CASE(sha3_512, precompiled);
58     default:
59         /*
60          * Hash algorithms for which we do not have a valid OID
61          * such as md5sha1 will just fail to provide the der encoding.
62          * That does not prevent producing signatures if OID is not needed.
63          */
64         return -1;
65     }
66 
67     return ossl_DER_w_begin_sequence(pkt, tag)
68         /* PARAMETERS, always NULL according to current standards */
69         && ossl_DER_w_null(pkt, -1)
70         /* OID */
71         && ossl_DER_w_precompiled(pkt, -1, precompiled, precompiled_sz)
72         && ossl_DER_w_end_sequence(pkt, tag);
73 }
74