1 /*	$OpenBSD: obj_xref.c,v 1.15 2024/08/28 06:53:24 tb Exp $ */
2 
3 /*
4  * Copyright (c) 2023 Theo Buehler <tb@openbsd.org>
5  *
6  * Permission to use, copy, modify, and distribute this software for any
7  * purpose with or without fee is hereby granted, provided that the above
8  * copyright notice and this permission notice appear in all copies.
9  *
10  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17  */
18 
19 #include <openssl/objects.h>
20 
/*
 * Map between signature nids and pairs of (hash, pkey) nids. If the hash nid
 * is NID_undef, this indicates to ASN1_item_{sign,verify}() that the pkey's
 * ASN.1 method needs to handle algorithm identifiers and part of the message
 * digest.
 *
 * Row order is significant. Both lookup functions in this file scan the
 * table front to back and stop at the first hit, and the pair
 * (NID_undef, NID_X9_62_id_ecPublicKey) occurs twice, so a lookup by
 * (hash, pkey) yields NID_ecdsa_with_Recommended rather than
 * NID_ecdsa_with_Specified. Append new rows; do not sort or regroup.
 *
 * The table only translates identifiers. It contains rows for MD2, MD4, MD5,
 * MDC2 and SHA-1 based signatures, and nothing in this file filters them out.
 * NOTE(review): whether such a digest is acceptable for a given use is
 * presumably decided by the callers; confirm before relying on a successful
 * lookup as a sign that the algorithm is allowed.
 *
 * The NID_dhSinglePass_*kdf_scheme rows reuse the same three columns for a
 * scheme, its digest and its kdf nid.
 */

static const struct {
	int sign_nid;
	int hash_nid;
	int pkey_nid;
} nid_triple[] = {
	{ .sign_nid = NID_md2WithRSAEncryption,
	  .hash_nid = NID_md2, .pkey_nid = NID_rsaEncryption },
	{ .sign_nid = NID_md5WithRSAEncryption,
	  .hash_nid = NID_md5, .pkey_nid = NID_rsaEncryption },
	{ .sign_nid = NID_shaWithRSAEncryption,
	  .hash_nid = NID_sha, .pkey_nid = NID_rsaEncryption },
	{ .sign_nid = NID_sha1WithRSAEncryption,
	  .hash_nid = NID_sha1, .pkey_nid = NID_rsaEncryption },
	{ .sign_nid = NID_dsaWithSHA,
	  .hash_nid = NID_sha, .pkey_nid = NID_dsa },
	{ .sign_nid = NID_dsaWithSHA1_2,
	  .hash_nid = NID_sha1, .pkey_nid = NID_dsa_2 },
	{ .sign_nid = NID_mdc2WithRSA,
	  .hash_nid = NID_mdc2, .pkey_nid = NID_rsaEncryption },
	{ .sign_nid = NID_md5WithRSA,
	  .hash_nid = NID_md5, .pkey_nid = NID_rsa },
	{ .sign_nid = NID_dsaWithSHA1,
	  .hash_nid = NID_sha1, .pkey_nid = NID_dsa },
	{ .sign_nid = NID_sha1WithRSA,
	  .hash_nid = NID_sha1, .pkey_nid = NID_rsa },
	{ .sign_nid = NID_ripemd160WithRSA,
	  .hash_nid = NID_ripemd160, .pkey_nid = NID_rsaEncryption },
	{ .sign_nid = NID_md4WithRSAEncryption,
	  .hash_nid = NID_md4, .pkey_nid = NID_rsaEncryption },
	{ .sign_nid = NID_ecdsa_with_SHA1,
	  .hash_nid = NID_sha1, .pkey_nid = NID_X9_62_id_ecPublicKey },
	{ .sign_nid = NID_sha256WithRSAEncryption,
	  .hash_nid = NID_sha256, .pkey_nid = NID_rsaEncryption },
	{ .sign_nid = NID_sha384WithRSAEncryption,
	  .hash_nid = NID_sha384, .pkey_nid = NID_rsaEncryption },
	{ .sign_nid = NID_sha512WithRSAEncryption,
	  .hash_nid = NID_sha512, .pkey_nid = NID_rsaEncryption },
	{ .sign_nid = NID_sha224WithRSAEncryption,
	  .hash_nid = NID_sha224, .pkey_nid = NID_rsaEncryption },
	/* First of the two (NID_undef, ecPublicKey) rows: wins reverse lookup. */
	{ .sign_nid = NID_ecdsa_with_Recommended,
	  .hash_nid = NID_undef, .pkey_nid = NID_X9_62_id_ecPublicKey },
	{ .sign_nid = NID_ecdsa_with_Specified,
	  .hash_nid = NID_undef, .pkey_nid = NID_X9_62_id_ecPublicKey },
	{ .sign_nid = NID_ecdsa_with_SHA224,
	  .hash_nid = NID_sha224, .pkey_nid = NID_X9_62_id_ecPublicKey },
	{ .sign_nid = NID_ecdsa_with_SHA256,
	  .hash_nid = NID_sha256, .pkey_nid = NID_X9_62_id_ecPublicKey },
	{ .sign_nid = NID_ecdsa_with_SHA384,
	  .hash_nid = NID_sha384, .pkey_nid = NID_X9_62_id_ecPublicKey },
	{ .sign_nid = NID_ecdsa_with_SHA512,
	  .hash_nid = NID_sha512, .pkey_nid = NID_X9_62_id_ecPublicKey },
	{ .sign_nid = NID_dsa_with_SHA224,
	  .hash_nid = NID_sha224, .pkey_nid = NID_dsa },
	{ .sign_nid = NID_dsa_with_SHA256,
	  .hash_nid = NID_sha256, .pkey_nid = NID_dsa },
	{ .sign_nid = NID_id_GostR3411_94_with_GostR3410_2001,
	  .hash_nid = NID_id_GostR3411_94, .pkey_nid = NID_id_GostR3410_2001 },
	{ .sign_nid = NID_id_GostR3411_94_with_GostR3410_94,
	  .hash_nid = NID_id_GostR3411_94, .pkey_nid = NID_id_GostR3410_94 },
	{ .sign_nid = NID_id_GostR3411_94_with_GostR3410_94_cc,
	  .hash_nid = NID_id_GostR3411_94,
	  .pkey_nid = NID_id_GostR3410_94_cc },
	{ .sign_nid = NID_id_GostR3411_94_with_GostR3410_2001_cc,
	  .hash_nid = NID_id_GostR3411_94,
	  .pkey_nid = NID_id_GostR3410_2001_cc },
	{ .sign_nid = NID_rsassaPss,
	  .hash_nid = NID_undef, .pkey_nid = NID_rsassaPss },
	{ .sign_nid = NID_id_tc26_signwithdigest_gost3410_2012_256,
	  .hash_nid = NID_id_tc26_gost3411_2012_256,
	  .pkey_nid = NID_id_GostR3410_2001 },
	{ .sign_nid = NID_id_tc26_signwithdigest_gost3410_2012_512,
	  .hash_nid = NID_id_tc26_gost3411_2012_512,
	  .pkey_nid = NID_id_GostR3410_2001 },
	{ .sign_nid = NID_Ed25519,
	  .hash_nid = NID_undef, .pkey_nid = NID_Ed25519 },
	{ .sign_nid = NID_dhSinglePass_stdDH_sha1kdf_scheme,
	  .hash_nid = NID_sha1, .pkey_nid = NID_dh_std_kdf },
	{ .sign_nid = NID_dhSinglePass_stdDH_sha224kdf_scheme,
	  .hash_nid = NID_sha224, .pkey_nid = NID_dh_std_kdf },
	{ .sign_nid = NID_dhSinglePass_stdDH_sha256kdf_scheme,
	  .hash_nid = NID_sha256, .pkey_nid = NID_dh_std_kdf },
	{ .sign_nid = NID_dhSinglePass_stdDH_sha384kdf_scheme,
	  .hash_nid = NID_sha384, .pkey_nid = NID_dh_std_kdf },
	{ .sign_nid = NID_dhSinglePass_stdDH_sha512kdf_scheme,
	  .hash_nid = NID_sha512, .pkey_nid = NID_dh_std_kdf },
	{ .sign_nid = NID_dhSinglePass_cofactorDH_sha1kdf_scheme,
	  .hash_nid = NID_sha1, .pkey_nid = NID_dh_cofactor_kdf },
	{ .sign_nid = NID_dhSinglePass_cofactorDH_sha224kdf_scheme,
	  .hash_nid = NID_sha224, .pkey_nid = NID_dh_cofactor_kdf },
	{ .sign_nid = NID_dhSinglePass_cofactorDH_sha256kdf_scheme,
	  .hash_nid = NID_sha256, .pkey_nid = NID_dh_cofactor_kdf },
	{ .sign_nid = NID_dhSinglePass_cofactorDH_sha384kdf_scheme,
	  .hash_nid = NID_sha384, .pkey_nid = NID_dh_cofactor_kdf },
	{ .sign_nid = NID_dhSinglePass_cofactorDH_sha512kdf_scheme,
	  .hash_nid = NID_sha512, .pkey_nid = NID_dh_cofactor_kdf },
	{ .sign_nid = NID_RSA_SHA3_224,
	  .hash_nid = NID_sha3_224, .pkey_nid = NID_rsaEncryption },
	{ .sign_nid = NID_RSA_SHA3_256,
	  .hash_nid = NID_sha3_256, .pkey_nid = NID_rsaEncryption },
	{ .sign_nid = NID_RSA_SHA3_384,
	  .hash_nid = NID_sha3_384, .pkey_nid = NID_rsaEncryption },
	{ .sign_nid = NID_RSA_SHA3_512,
	  .hash_nid = NID_sha3_512, .pkey_nid = NID_rsaEncryption },
	{ .sign_nid = NID_ecdsa_with_SHA3_224,
	  .hash_nid = NID_sha3_224, .pkey_nid = NID_X9_62_id_ecPublicKey },
	{ .sign_nid = NID_ecdsa_with_SHA3_256,
	  .hash_nid = NID_sha3_256, .pkey_nid = NID_X9_62_id_ecPublicKey },
	{ .sign_nid = NID_ecdsa_with_SHA3_384,
	  .hash_nid = NID_sha3_384, .pkey_nid = NID_X9_62_id_ecPublicKey },
	{ .sign_nid = NID_ecdsa_with_SHA3_512,
	  .hash_nid = NID_sha3_512, .pkey_nid = NID_X9_62_id_ecPublicKey },
};

/* Number of rows in nid_triple[]; the bound for both lookup loops. */
#define N_NID_TRIPLES (sizeof(nid_triple) / sizeof(nid_triple[0]))
291 
/*
 * Translate a signature nid into its digest and public key nids.
 *
 * nid_triple[] is searched front to back for the first row whose sign_nid
 * equals the argument. On a hit the row's hash_nid and pkey_nid are stored
 * through whichever of the two output pointers is not NULL and 1 is
 * returned. On a miss 0 is returned and neither output is written, so a
 * caller has to check the return value before reading *hash_nid or
 * *pkey_nid; they keep whatever the caller had in them.
 *
 * A return of 1 with *hash_nid set to NID_undef is a valid result (several
 * rows carry NID_undef as hash nid), not a failure. The lookup applies no
 * algorithm policy: rows for legacy digests are returned like any other.
 */
int
OBJ_find_sigid_algs(int sign_nid, int *hash_nid, int *pkey_nid)
{
	size_t idx = 0;

	/* Advance to the first row for sign_nid, or past the end. */
	while (idx < N_NID_TRIPLES && nid_triple[idx].sign_nid != sign_nid)
		idx++;

	if (idx == N_NID_TRIPLES)
		return 0;

	/* Both outputs are optional. */
	if (hash_nid != NULL)
		*hash_nid = nid_triple[idx].hash_nid;
	if (pkey_nid != NULL)
		*pkey_nid = nid_triple[idx].pkey_nid;

	return 1;
}
LCRYPTO_ALIAS(OBJ_find_sigid_algs);
312 
/*
 * Translate a (digest, public key) nid pair into a signature nid.
 *
 * nid_triple[] is searched front to back and the first row matching both
 * hash_nid and pkey_nid wins. If sign_nid is not NULL the row's sign_nid is
 * stored through it. Returns 1 on a hit; returns 0 on a miss, in which case
 * *sign_nid is not written and must not be read by the caller.
 *
 * Because the first match wins, the result for a pair that appears in more
 * than one row depends on table order: (NID_undef, NID_X9_62_id_ecPublicKey)
 * resolves to NID_ecdsa_with_Recommended. The lookup applies no algorithm
 * policy, so pairs using legacy digests resolve like any other.
 */
int
OBJ_find_sigid_by_algs(int *sign_nid, int hash_nid, int pkey_nid)
{
	size_t idx;

	for (idx = 0; idx < N_NID_TRIPLES; idx++) {
		if (nid_triple[idx].hash_nid == hash_nid &&
		    nid_triple[idx].pkey_nid == pkey_nid) {
			/* The output is optional; a NULL pointer only tests. */
			if (sign_nid != NULL)
				*sign_nid = nid_triple[idx].sign_nid;
			return 1;
		}
	}

	return 0;
}
LCRYPTO_ALIAS(OBJ_find_sigid_by_algs);
333