Author: mcalmer
Date: Thu Jan 15 13:30:31 2015
New Revision: 2773
URL: http://svn.opensuse.org/viewcvs/limal?rev=2773&view=rev
Log:
support digest sha224, sha256, sha384 and sha512
Modified:
limal-branches/SLE-11-SP-Working-Branch/limal-ca-mgm/src/CRLData.cpp
limal-branches/SLE-11-SP-Working-Branch/limal-ca-mgm/src/CRLDataImpl.hpp
limal-branches/SLE-11-SP-Working-Branch/limal-ca-mgm/src/CRLData_Priv.cpp
limal-branches/SLE-11-SP-Working-Branch/limal-ca-mgm/src/CertificateData.cpp
limal-branches/SLE-11-SP-Working-Branch/limal-ca-mgm/src/CertificateDataImpl.hpp
limal-branches/SLE-11-SP-Working-Branch/limal-ca-mgm/src/CertificateData_Priv.cpp
limal-branches/SLE-11-SP-Working-Branch/limal-ca-mgm/src/CertificateIssueData.cpp
limal-branches/SLE-11-SP-Working-Branch/limal-ca-mgm/src/RequestData_Priv.cpp
limal-branches/SLE-11-SP-Working-Branch/limal-ca-mgm/src/RequestGenerationData.cpp
limal-branches/SLE-11-SP-Working-Branch/limal-ca-mgm/src/limal/ca-mgm/CommonData.hpp
Modified: limal-branches/SLE-11-SP-Working-Branch/limal-ca-mgm/src/CRLData.cpp
URL: http://svn.opensuse.org/viewcvs/limal/limal-branches/SLE-11-SP-Working-Branch/limal-ca-mgm/src/CRLData.cpp?rev=2773&r1=2772&r2=2773&view=diff
==============================================================================
--- limal-branches/SLE-11-SP-Working-Branch/limal-ca-mgm/src/CRLData.cpp (original)
+++ limal-branches/SLE-11-SP-Working-Branch/limal-ca-mgm/src/CRLData.cpp Thu Jan 15 13:30:31 2015
@@ -178,19 +178,31 @@
blocxx::String
CRLData::getSignatureAlgorithmAsString() const
{
- switch(m_impl->signatureAlgorithm)
- {
- case E_SHA1RSA:
- return "SHA1RSA";
- break;
- case E_MD5RSA:
- return "MD5RSA";
- break;
- case E_SHA1DSA:
- return "SHA1DSA";
- break;
- }
- return String();
+ switch(m_impl->signatureAlgorithm)
+ {
+ case E_SHA1RSA:
+ return "SHA1RSA";
+ break;
+ case E_MD5RSA:
+ return "MD5RSA";
+ break;
+ case E_SHA1DSA:
+ return "SHA1DSA";
+ break;
+ case E_SHA224RSA:
+ return "SHA224RSA";
+ break;
+ case E_SHA256RSA:
+ return "SHA256RSA";
+ break;
+ case E_SHA384RSA:
+ return "SHA384RSA";
+ break;
+ case E_SHA512RSA:
+ return "SHA512RSA";
+ break;
+ }
+ return String();
}
ByteBuffer
Modified: limal-branches/SLE-11-SP-Working-Branch/limal-ca-mgm/src/CRLDataImpl.hpp
URL: http://svn.opensuse.org/viewcvs/limal/limal-branches/SLE-11-SP-Working-Branch/limal-ca-mgm/src/CRLDataImpl.hpp?rev=2773&r1=2772&r2=2773&view=diff
==============================================================================
--- limal-branches/SLE-11-SP-Working-Branch/limal-ca-mgm/src/CRLDataImpl.hpp (original)
+++ limal-branches/SLE-11-SP-Working-Branch/limal-ca-mgm/src/CRLDataImpl.hpp Thu Jan 15 13:30:31 2015
@@ -70,7 +70,7 @@
, lastUpdate(0)
, nextUpdate(0)
, issuer(DNObject())
- , signatureAlgorithm(E_SHA1RSA)
+ , signatureAlgorithm(E_SHA256RSA)
, signature(ByteBuffer())
, extensions(X509v3CRLExts_Priv())
, revocationData(blocxx::Map())
Modified: limal-branches/SLE-11-SP-Working-Branch/limal-ca-mgm/src/CRLData_Priv.cpp
URL: http://svn.opensuse.org/viewcvs/limal/limal-branches/SLE-11-SP-Working-Branch/limal-ca-mgm/src/CRLData_Priv.cpp?rev=2773&r1=2772&r2=2773&view=diff
==============================================================================
--- limal-branches/SLE-11-SP-Working-Branch/limal-ca-mgm/src/CRLData_Priv.cpp (original)
+++ limal-branches/SLE-11-SP-Working-Branch/limal-ca-mgm/src/CRLData_Priv.cpp Thu Jan 15 13:30:31 2015
@@ -417,6 +417,22 @@
{
setSignatureAlgorithm(E_SHA1DSA);
}
+ else if(sbuf.equalsIgnoreCase("sha224WithRSAEncryption") == 0 )
+ {
+ setSignatureAlgorithm(E_SHA224RSA);
+ }
+ else if(sbuf.equalsIgnoreCase("sha256WithRSAEncryption") == 0 )
+ {
+ setSignatureAlgorithm(E_SHA256RSA);
+ }
+ else if(sbuf.equalsIgnoreCase("sha384WithRSAEncryption") == 0 )
+ {
+ setSignatureAlgorithm(E_SHA384RSA);
+ }
+ else if(sbuf.equalsIgnoreCase("sha512WithRSAEncryption") == 0 )
+ {
+ setSignatureAlgorithm(E_SHA512RSA);
+ }
else
{
LOGIT_ERROR("Unsupported signature algorithm: '" << sbuf << "'");
Modified: limal-branches/SLE-11-SP-Working-Branch/limal-ca-mgm/src/CertificateData.cpp
URL: http://svn.opensuse.org/viewcvs/limal/limal-branches/SLE-11-SP-Working-Branch/limal-ca-mgm/src/CertificateData.cpp?rev=2773&r1=2772&r2=2773&view=diff
==============================================================================
--- limal-branches/SLE-11-SP-Working-Branch/limal-ca-mgm/src/CertificateData.cpp (original)
+++ limal-branches/SLE-11-SP-Working-Branch/limal-ca-mgm/src/CertificateData.cpp Thu Jan 15 13:30:31 2015
@@ -137,19 +137,31 @@
blocxx::String
CertificateData::getSignatureAlgorithmAsString() const
{
- switch(m_impl->signatureAlgorithm)
- {
- case E_SHA1RSA:
- return "SHA1RSA";
- break;
- case E_MD5RSA:
- return "MD5RSA";
- break;
- case E_SHA1DSA:
- return "SHA1DSA";
- break;
- }
- return String();
+ switch(m_impl->signatureAlgorithm)
+ {
+ case E_SHA1RSA:
+ return "SHA1RSA";
+ break;
+ case E_MD5RSA:
+ return "MD5RSA";
+ break;
+ case E_SHA1DSA:
+ return "SHA1DSA";
+ break;
+ case E_SHA224RSA:
+ return "SHA224RSA";
+ break;
+ case E_SHA256RSA:
+ return "SHA256RSA";
+ break;
+ case E_SHA384RSA:
+ return "SHA384RSA";
+ break;
+ case E_SHA512RSA:
+ return "SHA512RSA";
+ break;
+ }
+ return String();
}
ByteBuffer
Modified: limal-branches/SLE-11-SP-Working-Branch/limal-ca-mgm/src/CertificateDataImpl.hpp
URL: http://svn.opensuse.org/viewcvs/limal/limal-branches/SLE-11-SP-Working-Branch/limal-ca-mgm/src/CertificateDataImpl.hpp?rev=2773&r1=2772&r2=2773&view=diff
==============================================================================
--- limal-branches/SLE-11-SP-Working-Branch/limal-ca-mgm/src/CertificateDataImpl.hpp (original)
+++ limal-branches/SLE-11-SP-Working-Branch/limal-ca-mgm/src/CertificateDataImpl.hpp Thu Jan 15 13:30:31 2015
@@ -46,7 +46,7 @@
, keysize(2048)
, pubkeyAlgorithm(E_RSA)
, publicKey(ByteBuffer())
- , signatureAlgorithm(E_SHA1RSA)
+ , signatureAlgorithm(E_SHA256RSA)
, signature(ByteBuffer())
, extensions(X509v3CertificateExts_Priv())
, x509(NULL)
Modified: limal-branches/SLE-11-SP-Working-Branch/limal-ca-mgm/src/CertificateData_Priv.cpp
URL: http://svn.opensuse.org/viewcvs/limal/limal-branches/SLE-11-SP-Working-Branch/limal-ca-mgm/src/CertificateData_Priv.cpp?rev=2773&r1=2772&r2=2773&view=diff
==============================================================================
--- limal-branches/SLE-11-SP-Working-Branch/limal-ca-mgm/src/CertificateData_Priv.cpp (original)
+++ limal-branches/SLE-11-SP-Working-Branch/limal-ca-mgm/src/CertificateData_Priv.cpp Thu Jan 15 13:30:31 2015
@@ -466,27 +466,43 @@
sbuf = String(cbuf, n);
BIO_free(bio);
- if(sbuf.equalsIgnoreCase("sha1WithRSAEncryption") )
- {
- setSignatureAlgorithm( E_SHA1RSA );
- }
- else if(sbuf.equalsIgnoreCase("md5WithRSAEncryption") )
- {
- setSignatureAlgorithm( E_MD5RSA );
- }
- else if(sbuf.equalsIgnoreCase("dsaWithSHA1") )
- {
- setSignatureAlgorithm( E_SHA1DSA );
- }
- else
- {
- EVP_PKEY_free(pkey);
-
- LOGIT_ERROR("Unsupported signature algorithm: '" << sbuf << "'");
- BLOCXX_THROW(limal::RuntimeException,
+ if(sbuf.equalsIgnoreCase("sha1WithRSAEncryption") == 0)
+ {
+ setSignatureAlgorithm( E_SHA1RSA );
+ }
+ else if(sbuf.equalsIgnoreCase("md5WithRSAEncryption") == 0)
+ {
+ setSignatureAlgorithm( E_MD5RSA );
+ }
+ else if(sbuf.equalsIgnoreCase("dsaWithSHA1") == 0)
+ {
+ setSignatureAlgorithm( E_SHA1DSA );
+ }
+ else if(sbuf.equalsIgnoreCase("sha224WithRSAEncryption") == 0 )
+ {
+ setSignatureAlgorithm(E_SHA224RSA);
+ }
+ else if(sbuf.equalsIgnoreCase("sha256WithRSAEncryption") == 0 )
+ {
+ setSignatureAlgorithm(E_SHA256RSA);
+ }
+ else if(sbuf.equalsIgnoreCase("sha384WithRSAEncryption") == 0 )
+ {
+ setSignatureAlgorithm(E_SHA384RSA);
+ }
+ else if(sbuf.equalsIgnoreCase("sha512WithRSAEncryption") == 0 )
+ {
+ setSignatureAlgorithm(E_SHA512RSA);
+ }
+ else
+ {
+ EVP_PKEY_free(pkey);
+
+ LOGIT_ERROR("Unsupported signature algorithm: '" << sbuf << "'");
+ BLOCXX_THROW(limal::RuntimeException,
// %1 is the unsupported signature algorithm string
Format(__("Unsupported signature algorithm %1."), sbuf).c_str());
- }
+ }
// get signature
Modified: limal-branches/SLE-11-SP-Working-Branch/limal-ca-mgm/src/CertificateIssueData.cpp
URL: http://svn.opensuse.org/viewcvs/limal/limal-branches/SLE-11-SP-Working-Branch/limal-ca-mgm/src/CertificateIssueData.cpp?rev=2773&r1=2772&r2=2773&view=diff
==============================================================================
--- limal-branches/SLE-11-SP-Working-Branch/limal-ca-mgm/src/CertificateIssueData.cpp (original)
+++ limal-branches/SLE-11-SP-Working-Branch/limal-ca-mgm/src/CertificateIssueData.cpp Thu Jan 15 13:30:31 2015
@@ -43,7 +43,7 @@
CertificateIssueDataImpl()
: notBefore(0)
, notAfter(0)
- , messageDigest(E_SHA1)
+ , messageDigest(E_SHA256)
, extensions(X509v3CertificateIssueExts())
{}
@@ -101,11 +101,27 @@
{
setMessageDigest( E_MDC2 );
}
+ else if(0 == md.equalsIgnoreCase("sha224"))
+ {
+ setMessageDigest( E_SHA224 );
+ }
+ else if(0 == md.equalsIgnoreCase("sha256"))
+ {
+ setMessageDigest( E_SHA256 );
+ }
+ else if(0 == md.equalsIgnoreCase("sha384"))
+ {
+ setMessageDigest( E_SHA384 );
+ }
+ else if(0 == md.equalsIgnoreCase("sha512"))
+ {
+ setMessageDigest( E_SHA512 );
+ }
else
{
LOGIT_INFO("unsupported message digest: " << md);
- LOGIT_INFO("select default sha1.");
- setMessageDigest( E_SHA1 );
+ LOGIT_INFO("select default sha256.");
+ setMessageDigest( E_SHA256 );
}
setExtensions( X509v3CertificateIssueExts(caConfig, type));
@@ -222,7 +238,7 @@
ca.getConfig()->setValue(type2Section(type, false), "default_days", String(t));
- String md("sha1");
+ String md("sha256");
switch(getMessageDigest())
{
case E_SHA1:
@@ -234,6 +250,18 @@
case E_MDC2:
md = "mdc2";
break;
+ case E_SHA224:
+ md = "sha224";
+ break;
+ case E_SHA256:
+ md = "sha256";
+ break;
+ case E_SHA384:
+ md = "sha384";
+ break;
+ case E_SHA512:
+ md = "sha512";
+ break;
}
ca.getConfig()->setValue(type2Section(type, false), "default_md", md);
Modified: limal-branches/SLE-11-SP-Working-Branch/limal-ca-mgm/src/RequestData_Priv.cpp
URL: http://svn.opensuse.org/viewcvs/limal/limal-branches/SLE-11-SP-Working-Branch/limal-ca-mgm/src/RequestData_Priv.cpp?rev=2773&r1=2772&r2=2773&view=diff
==============================================================================
--- limal-branches/SLE-11-SP-Working-Branch/limal-ca-mgm/src/RequestData_Priv.cpp (original)
+++ limal-branches/SLE-11-SP-Working-Branch/limal-ca-mgm/src/RequestData_Priv.cpp Thu Jan 15 13:30:31 2015
@@ -267,6 +267,22 @@
{
m_impl->signatureAlgorithm = E_SHA1DSA;
}
+ else if(sbuf.equalsIgnoreCase("sha224WithRSAEncryption") )
+ {
+ m_impl->signatureAlgorithm = E_SHA224RSA;
+ }
+ else if(sbuf.equalsIgnoreCase("sha256WithRSAEncryption") )
+ {
+ m_impl->signatureAlgorithm = E_SHA256RSA;
+ }
+ else if(sbuf.equalsIgnoreCase("sha384WithRSAEncryption") )
+ {
+ m_impl->signatureAlgorithm = E_SHA384RSA;
+ }
+ else if(sbuf.equalsIgnoreCase("sha512WithRSAEncryption") )
+ {
+ m_impl->signatureAlgorithm = E_SHA512RSA;
+ }
else
{
EVP_PKEY_free(pkey);
Modified: limal-branches/SLE-11-SP-Working-Branch/limal-ca-mgm/src/RequestGenerationData.cpp
URL: http://svn.opensuse.org/viewcvs/limal/limal-branches/SLE-11-SP-Working-Branch/limal-ca-mgm/src/RequestGenerationData.cpp?rev=2773&r1=2772&r2=2773&view=diff
==============================================================================
--- limal-branches/SLE-11-SP-Working-Branch/limal-ca-mgm/src/RequestGenerationData.cpp (original)
+++ limal-branches/SLE-11-SP-Working-Branch/limal-ca-mgm/src/RequestGenerationData.cpp Thu Jan 15 13:30:31 2015
@@ -43,7 +43,7 @@
RequestGenerationDataImpl()
: subject(DNObject())
, keysize(0)
- , messageDigest(E_SHA1)
+ , messageDigest(E_SHA256)
, challengePassword("")
, unstructuredName("")
, extensions(X509v3RequestExts())
@@ -107,11 +107,27 @@
{
m_impl->messageDigest = E_MDC2;
}
+ else if(md.equalsIgnoreCase("sha224"))
+ {
+ m_impl->messageDigest = E_SHA224;
+ }
+ else if(md.equalsIgnoreCase("sha256"))
+ {
+ m_impl->messageDigest = E_SHA256;
+ }
+ else if(md.equalsIgnoreCase("sha384"))
+ {
+ m_impl->messageDigest = E_SHA384;
+ }
+ else if(md.equalsIgnoreCase("sha512"))
+ {
+ m_impl->messageDigest = E_SHA512;
+ }
else
{
LOGIT_INFO("unsupported message digest: " << md);
- LOGIT_INFO("select default sha1.");
- m_impl->messageDigest = E_SHA1;
+ LOGIT_INFO("select default sha256.");
+ m_impl->messageDigest = E_SHA256;
}
}
@@ -250,7 +266,7 @@
ca.getConfig()->setValue(type2Section(type, false), "default_bits", String(m_impl->keysize));
- String md("sha1");
+ String md("sha256");
switch(m_impl->messageDigest)
{
case E_SHA1:
@@ -262,7 +278,19 @@
case E_MDC2:
md = "mdc2";
break;
- }
+ case E_SHA224:
+ md = "sha224";
+ break;
+ case E_SHA256:
+ md = "sha256";
+ break;
+ case E_SHA384:
+ md = "sha384";
+ break;
+ case E_SHA512:
+ md = "sha512";
+ break;
+}
ca.getConfig()->setValue(type2Section(type, false), "default_md", md);
m_impl->extensions.commit2Config(ca, type);
Modified: limal-branches/SLE-11-SP-Working-Branch/limal-ca-mgm/src/limal/ca-mgm/CommonData.hpp
URL: http://svn.opensuse.org/viewcvs/limal/limal-branches/SLE-11-SP-Working-Branch/limal-ca-mgm/src/limal/ca-mgm/CommonData.hpp?rev=2773&r1=2772&r2=2773&view=diff
==============================================================================
--- limal-branches/SLE-11-SP-Working-Branch/limal-ca-mgm/src/limal/ca-mgm/CommonData.hpp (original)
+++ limal-branches/SLE-11-SP-Working-Branch/limal-ca-mgm/src/limal/ca-mgm/CommonData.hpp Thu Jan 15 13:30:31 2015
@@ -63,12 +63,20 @@
E_SHA1RSA,
E_MD5RSA,
E_SHA1DSA,
+ E_SHA224RSA,
+ E_SHA256RSA,
+ E_SHA384RSA,
+ E_SHA512RSA,
};
enum MD {
E_SHA1,
E_MD5,
E_MDC2,
+ E_SHA224,
+ E_SHA256,
+ E_SHA384,
+ E_SHA512,
};
enum EErrorCodes
--
To unsubscribe, e-mail: limal-commit+unsubscribe@opensuse.org
For additional commands, e-mail: limal-commit+help@opensuse.org