Helper functions for signature generation and verification. More...
#include "tls.h"Go to the source code of this file.
Macros | |
| #define | TLS_SIGN_ALGO(signScheme) ((TlsSignatureAlgo) LSB(signScheme)) |
| #define | TLS_HASH_ALGO(signScheme) ((TlsHashAlgo) MSB(signScheme)) |
Functions | |
| error_t | tlsSelectSignAlgo (TlsContext *context, const TlsCertDesc *cert, const TlsSignSchemeList *signAlgoList) |
| Select the algorithm to be used when generating digital signatures. More... | |
| error_t | tlsFormatSignAlgosExtension (TlsContext *context, uint8_t *p, size_t *written) |
| Format SignatureAlgorithms extension. More... | |
| error_t | tlsFormatSignAlgosCertExtension (TlsContext *context, uint8_t *p, size_t *written) |
| Format SignatureAlgorithmsCert extension. More... | |
| error_t | tlsFormatSupportedSignAlgos (TlsContext *context, uint8_t *p, size_t *written) |
| Format the list of supported signature algorithms. More... | |
| bool_t | tlsIsSignAlgoOffered (uint16_t signScheme, const TlsSignSchemeList *signSchemeList) |
| Check whether a signature algorithm is offered in the SignatureAlgorithms extension. More... | |
| bool_t | tlsIsSignAlgoAcceptable (TlsContext *context, uint16_t signScheme, const TlsCertDesc *cert) |
| Check whether a signature algorithm is compatible with the specified end-entity certificate. More... | |
| bool_t | tlsIsSignAlgoSupported (TlsContext *context, uint16_t signScheme) |
| Check whether a signature algorithm can be used for digital signatures. More... | |
| bool_t | tlsIsCertSignAlgoSupported (uint16_t signScheme) |
| Check whether a signature algorithm can be used for X.509 certificate validation. More... | |
Detailed Description
Helper functions for signature generation and verification.
License
SPDX-License-Identifier: GPL-2.0-or-later
Copyright (C) 2022-2024 Oryx Embedded SARL. All rights reserved.
This file is part of CycloneIPSEC Open.
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- Version
- 2.4.0
Definition in file tls_sign_misc.h.
Macro Definition Documentation
◆ TLS_HASH_ALGO
| #define TLS_HASH_ALGO | ( | signScheme | ) | ((TlsHashAlgo) MSB(signScheme)) |
Definition at line 41 of file tls_sign_misc.h.
◆ TLS_SIGN_ALGO
| #define TLS_SIGN_ALGO | ( | signScheme | ) | ((TlsSignatureAlgo) LSB(signScheme)) |
Definition at line 38 of file tls_sign_misc.h.
Function Documentation
◆ tlsFormatSignAlgosCertExtension()
| error_t tlsFormatSignAlgosCertExtension | ( | TlsContext * | context, |
| uint8_t * | p, | ||
| size_t * | written | ||
| ) |
Format SignatureAlgorithmsCert extension.
- Parameters
-
[in] context Pointer to the TLS context [in] p Output stream where to write the SignatureAlgorithmsCert extension [out] written Total number of bytes that have been written
- Returns
- Error code
Definition at line 292 of file tls_sign_misc.c.
◆ tlsFormatSignAlgosExtension()
| error_t tlsFormatSignAlgosExtension | ( | TlsContext * | context, |
| uint8_t * | p, | ||
| size_t * | written | ||
| ) |
Format SignatureAlgorithms extension.
- Parameters
-
[in] context Pointer to the TLS context [in] p Output stream where to write the SignatureAlgorithms extension [out] written Total number of bytes that have been written
- Returns
- Error code
Definition at line 229 of file tls_sign_misc.c.
◆ tlsFormatSupportedSignAlgos()
| error_t tlsFormatSupportedSignAlgos | ( | TlsContext * | context, |
| uint8_t * | p, | ||
| size_t * | written | ||
| ) |
Format the list of supported signature algorithms.
- Parameters
-
[in] context Pointer to the TLS context [in] p Output stream where to write the list of signature algorithms [out] written Total number of bytes that have been written
- Returns
- Error code
Definition at line 362 of file tls_sign_misc.c.
◆ tlsIsCertSignAlgoSupported()
| bool_t tlsIsCertSignAlgoSupported | ( | uint16_t | signScheme | ) |
Check whether a signature algorithm can be used for X.509 certificate validation.
- Parameters
-
[in] signScheme Signature scheme
- Returns
- TRUE if the signature algorithm is supported, else FALSE
Definition at line 1007 of file tls_sign_misc.c.
◆ tlsIsSignAlgoAcceptable()
| bool_t tlsIsSignAlgoAcceptable | ( | TlsContext * | context, |
| uint16_t | signScheme, | ||
| const TlsCertDesc * | cert | ||
| ) |
Check whether a signature algorithm is compatible with the specified end-entity certificate.
- Parameters
-
[in] context Pointer to the TLS context [in] signScheme Signature scheme
- Returns
- TRUE if the signature algorithm is compatible, else FALSE
Definition at line 473 of file tls_sign_misc.c.
◆ tlsIsSignAlgoOffered()
| bool_t tlsIsSignAlgoOffered | ( | uint16_t | signScheme, |
| const TlsSignSchemeList * | signSchemeList | ||
| ) |
Check whether a signature algorithm is offered in the SignatureAlgorithms extension.
- Parameters
-
[in] signScheme Signature scheme [in] signSchemeList List of signature schemes
- Returns
- TRUE if the signature algorithm is offered in the SignatureAlgorithms extension, else FALSE
Definition at line 431 of file tls_sign_misc.c.
◆ tlsIsSignAlgoSupported()
| bool_t tlsIsSignAlgoSupported | ( | TlsContext * | context, |
| uint16_t | signScheme | ||
| ) |
Check whether a signature algorithm can be used for digital signatures.
- Parameters
-
[in] context Pointer to the TLS context [in] signScheme Signature scheme
- Returns
- TRUE if the signature algorithm is supported, else FALSE
Definition at line 666 of file tls_sign_misc.c.
◆ tlsSelectSignAlgo()
| error_t tlsSelectSignAlgo | ( | TlsContext * | context, |
| const TlsCertDesc * | cert, | ||
| const TlsSignSchemeList * | signAlgoList | ||
| ) |
Select the algorithm to be used when generating digital signatures.
- Parameters
-
[in] context Pointer to the TLS context [in] cert End entity certificate [in] signAlgoList List of signature/hash algorithm pairs offered by the peer
- Returns
- Error code
Definition at line 85 of file tls_sign_misc.c.