Skip to content

Initialize certificate: default to SHA-1 when necessary #10173

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
SparkiDev wants to merge 1 commit into
base: master
Choose a base branch
from
+63 −9
Open

Initialize certificate: default to SHA-1 when necessary #10173

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 9 additions & 1 deletion tests/api/test_ossl_x509_crypto.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -698,8 +698,16 @@ int test_wolfSSL_make_cert(void)
cert.isCA = 1;
#ifndef NO_SHA256
cert.sigType = CTC_SHA256wRSA;
#else
#elif defined(WOLFSSL_SHA384)
cert.sigType = CTC_SHA384wRSA;
#elif defined(WOLFSSL_SHA512)
cert.sigType = CTC_SHA512wRSA;
#elif defined(WOLFSSL_SHA224)
cert.sigType = CTC_SHA224wRSA;
#elif !defined(NO_SHA)
cert.sigType = CTC_SHAwRSA;
#else
#error "No signature type available"
#endif

/* add SKID from the Public Key */
Expand Down
12 changes: 9 additions & 3 deletions wolfcrypt/src/asn.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24985,10 +24985,16 @@ int wc_InitCert_ex(Cert* cert, void* heap, int devId)
XMEMSET(cert, 0, sizeof(Cert));

cert->version = 2; /* version 3 is hex 2 */
#ifndef NO_SHA
cert->sigType = CTC_SHAwRSA;
#elif !defined(NO_SHA256)
#if !defined(NO_SHA256)
cert->sigType = CTC_SHA256wRSA;
#elif defined(WOLFSSL_SHA384)
cert->sigType = CTC_SHA384wRSA;
#elif defined(WOLFSSL_SHA512)
cert->sigType = CTC_SHA512wRSA;
#elif defined(WOLFSSL_SHA224)
cert->sigType = CTC_SHA224wRSA;
#elif !defined(NO_SHA)
cert->sigType = CTC_SHAwRSA;
#else
cert->sigType = 0;
#endif
Expand Down
50 changes: 45 additions & 5 deletions wolfcrypt/test/test.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24505,8 +24505,16 @@ static wc_test_ret_t rsa_certgen_test(RsaKey* key, RsaKey* keypub, WC_RNG* rng,
myCert->isCA = 1;
#ifndef NO_SHA256
myCert->sigType = CTC_SHA256wRSA;
#else
#elif defined(WOLFSSL_SHA384)
myCert->sigType = CTC_SHA384wRSA;
#elif defined(WOLFSSL_SHA512)
myCert->sigType = CTC_SHA512wRSA;
#elif defined(WOLFSSL_SHA224)
myCert->sigType = CTC_SHA224wRSA;
#elif !defined(NO_SHA)
myCert->sigType = CTC_SHAwRSA;
#else
#error "No signature type available"
#endif

#ifdef WOLFSSL_CERT_EXT
Expand Down Expand Up @@ -24652,8 +24660,16 @@ static wc_test_ret_t rsa_certgen_test(RsaKey* key, RsaKey* keypub, WC_RNG* rng,

#ifndef NO_SHA256
myCert->sigType = CTC_SHA256wRSA;
#else
#elif defined(WOLFSSL_SHA384)
myCert->sigType = CTC_SHA384wRSA;
#elif defined(WOLFSSL_SHA512)
myCert->sigType = CTC_SHA512wRSA;
#elif defined(WOLFSSL_SHA224)
myCert->sigType = CTC_SHA224wRSA;
#elif !defined(NO_SHA)
myCert->sigType = CTC_SHAwRSA;
#else
#error "No signature type available"
#endif

XMEMCPY(&myCert->subject, &certDefaultName, sizeof(CertName));
Expand Down Expand Up @@ -24878,8 +24894,16 @@ static wc_test_ret_t rsa_ecc_certgen_test(WC_RNG* rng, byte* tmp)

#ifndef NO_SHA256
myCert->sigType = CTC_SHA256wRSA;
#else
#elif defined(WOLFSSL_SHA384)
myCert->sigType = CTC_SHA384wRSA;
#elif defined(WOLFSSL_SHA512)
myCert->sigType = CTC_SHA512wRSA;
#elif defined(WOLFSSL_SHA224)
myCert->sigType = CTC_SHA224wRSA;
#elif !defined(NO_SHA)
myCert->sigType = CTC_SHAwRSA;
#else
#error "No signature type available"
#endif

XMEMCPY(&myCert->subject, &certDefaultName, sizeof(CertName));
Expand Down Expand Up @@ -25981,8 +26005,16 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t rsa_test(void)

#ifndef NO_SHA256
req->sigType = CTC_SHA256wRSA;
#else
#elif defined(WOLFSSL_SHA384)
req->sigType = CTC_SHA384wRSA;
#elif defined(WOLFSSL_SHA512)
req->sigType = CTC_SHA512wRSA;
#elif defined(WOLFSSL_SHA224)
req->sigType = CTC_SHA224wRSA;
#elif !defined(NO_SHA)
req->sigType = CTC_SHAwRSA;
#else
#error "No signature type available"
#endif

#ifdef WOLFSSL_CERT_EXT
Expand Down Expand Up @@ -37094,8 +37126,16 @@ static wc_test_ret_t ecc_test_cert_gen(WC_RNG* rng)

#ifndef NO_SHA256
myCert->sigType = CTC_SHA256wECDSA;
#else
#elif defined(WOLFSSL_SHA384)
myCert->sigType = CTC_SHA384wECDSA;
#elif defined(WOLFSSL_SHA512)
myCert->sigType = CTC_SHA512wECDSA;
#elif defined(WOLFSSL_SHA224)
myCert->sigType = CTC_SHA224wECDSA;
#elif !defined(NO_SHA)
myCert->sigType = CTC_SHAwECDSA;
#else
#error "No signature type available"
#endif
XMEMCPY(&myCert->subject, &certDefaultName, sizeof(CertName));

Expand Down
Loading