tls-crypto: Add missing signature scheme constants

Some peers, e.g. Firefox, send a wide range of signature algorithms. To prevent numeric identifiers in the log these algorithms are added here.
2020-10-10 17:10:37 +02:00 · 2020-10-10 17:10:37 +02:00 · 91c9e4d576
parent 0dfe1590b6
commit 91c9e4d576
2 changed files with 19 additions and 11 deletions
--- a/src/libtls/tls_crypto.c
+++ b/src/libtls/tls_crypto.c
@ -277,22 +277,24 @@ ENUM_NEXT(tls_signature_scheme_names,
 		  TLS_SIG_ECDSA_SHA1, TLS_SIG_ECDSA_SHA1, TLS_SIG_RSA_PKCS1_SHA1,
 	"ECDSA_SHA1");
 ENUM_NEXT(tls_signature_scheme_names,
-		  TLS_SIG_RSA_PKCS1_SHA256, TLS_SIG_RSA_PKCS1_SHA256, TLS_SIG_ECDSA_SHA1,
-	"RSA_PKCS1_SHA256");
+		  TLS_SIG_RSA_PKCS1_SHA224, TLS_SIG_ECDSA_SHA224, TLS_SIG_ECDSA_SHA1,
+	"RSA_PKCS1_SHA224",
+	"DSA_SHA224",
+	"ECDSA_SHA224");
 ENUM_NEXT(tls_signature_scheme_names,
-		  TLS_SIG_ECDSA_SHA256, TLS_SIG_ECDSA_SHA256, TLS_SIG_RSA_PKCS1_SHA256,
+		  TLS_SIG_RSA_PKCS1_SHA256, TLS_SIG_ECDSA_SHA256, TLS_SIG_ECDSA_SHA224,
+	"RSA_PKCS1_SHA256",
+	"DSA_SHA256",
 	"ECDSA_SHA256");
 ENUM_NEXT(tls_signature_scheme_names,
-		  TLS_SIG_RSA_PKCS1_SHA384, TLS_SIG_RSA_PKCS1_SHA384, TLS_SIG_ECDSA_SHA256,
-	"RSA_PKCS1_SHA384");
-ENUM_NEXT(tls_signature_scheme_names,
-		  TLS_SIG_ECDSA_SHA384, TLS_SIG_ECDSA_SHA384, TLS_SIG_RSA_PKCS1_SHA384,
+		  TLS_SIG_RSA_PKCS1_SHA384, TLS_SIG_ECDSA_SHA384, TLS_SIG_ECDSA_SHA256,
+	"RSA_PKCS1_SHA384",
+	"DSA_SHA384",
 	"ECDSA_SHA384");
 ENUM_NEXT(tls_signature_scheme_names,
-		  TLS_SIG_RSA_PKCS1_SHA512, TLS_SIG_RSA_PKCS1_SHA512, TLS_SIG_ECDSA_SHA384,
-	"RSA_PKCS1_SHA512");
-ENUM_NEXT(tls_signature_scheme_names,
-		  TLS_SIG_ECDSA_SHA512, TLS_SIG_ECDSA_SHA512, TLS_SIG_RSA_PKCS1_SHA512,
+		  TLS_SIG_RSA_PKCS1_SHA512, TLS_SIG_ECDSA_SHA512, TLS_SIG_ECDSA_SHA384,
+	"RSA_PKCS1_SHA512",
+	"DSA_SHA512",
 	"ECDSA_SHA512");
 ENUM_NEXT(tls_signature_scheme_names,
 		  TLS_SIG_RSA_PSS_RSAE_SHA256, TLS_SIG_RSA_PSS_PSS_SHA512, TLS_SIG_ECDSA_SHA512,
--- a/src/libtls/tls_crypto.h
+++ b/src/libtls/tls_crypto.h
@ -297,11 +297,17 @@ enum tls_signature_scheme_t {
 	 * second the key type) */
 	TLS_SIG_RSA_PKCS1_SHA1 =		0x0201,
 	TLS_SIG_ECDSA_SHA1 =			0x0203,
+	TLS_SIG_RSA_PKCS1_SHA224 =		0x0301,
+	TLS_SIG_DSA_SHA224 =			0x0302,
+	TLS_SIG_ECDSA_SHA224 =			0x0303,
 	TLS_SIG_RSA_PKCS1_SHA256 =		0x0401,
+	TLS_SIG_DSA_SHA256 =			0x0402,
 	TLS_SIG_ECDSA_SHA256 =			0x0403,
 	TLS_SIG_RSA_PKCS1_SHA384 =		0x0501,
+	TLS_SIG_DSA_SHA384 =			0x0502,
 	TLS_SIG_ECDSA_SHA384 =			0x0503,
 	TLS_SIG_RSA_PKCS1_SHA512 =		0x0601,
+	TLS_SIG_DSA_SHA512 =			0x0602,
 	TLS_SIG_ECDSA_SHA512 =			0x0603,
 	/* RSASSA-PSS for public keys with OID rsaEncryption */
 	TLS_SIG_RSA_PSS_RSAE_SHA256 =	0x0804,