Add tls13 sig alg parameters
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 97b786a..6e6cd47 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -1534,7 +1534,19 @@
if( *p == ',' )
*p++ = '\0';
- if( strcmp( q, "ecdsa_secp256r1_sha256" ) == 0 )
+ if( strcmp( q, "rsa_pkcs1_sha256" ) == 0 )
+ {
+ sig_alg_list[i++] = MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA256;
+ }
+ else if( strcmp( q, "rsa_pkcs1_sha384" ) == 0 )
+ {
+ sig_alg_list[i++] = MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA384;
+ }
+ else if( strcmp( q, "rsa_pkcs1_sha512" ) == 0 )
+ {
+ sig_alg_list[i++] = MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA512;
+ }
+ else if( strcmp( q, "ecdsa_secp256r1_sha256" ) == 0 )
{
sig_alg_list[i++] = MBEDTLS_TLS1_3_SIG_ECDSA_SECP256R1_SHA256;
}
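Review bot: Every signature algorithm name is now spelled out by hand in four places: the `strcmp` chain and the help text here, and the same two in ssl_server2.c (hunks at -2370 and -2394). With sixteen names per copy, an accepted name and its help entry can drift apart, or the client and server can end up accepting different sets. A single name-to-id table, ideally in a header both programs already share, would drive both the lookup and the "supported signature algorithms" listing. It also gives one obvious place to check `i` against the capacity of `sig_alg_list`, which this hunk does not show. The element type `uint16_t` below is an assumption, and the enclosing loop starts outside the hunk.

```c
static const struct { const char *name; uint16_t id; } sig_alg_names[] = {
    { "rsa_pkcs1_sha256", MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA256 },
    { "rsa_pkcs1_sha384", MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA384 },
    { "rsa_pkcs1_sha512", MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA512 },
    /* … remaining names, in the order of the existing chain … */
};

/* … unchanged: splitting q at the next ',' … */
for( k = 0; k < sizeof( sig_alg_names ) / sizeof( sig_alg_names[0] ); k++ )
{
    if( strcmp( q, sig_alg_names[k].name ) == 0 )
    {
        sig_alg_list[i++] = sig_alg_names[k].id;
        break;
    }
}
/* … unknown-name branch: print sig_alg_names[] instead of literal strings … */
```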
@@ -1558,21 +1570,55 @@
{
sig_alg_list[i++] = MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA512;
}
- else if( strcmp( q, "rsa_pkcs1_sha256" ) == 0 )
+ else if( strcmp( q, "ed25519" ) == 0 )
{
- sig_alg_list[i++] = MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA256;
+ sig_alg_list[i++] = MBEDTLS_TLS1_3_SIG_ED25519;
+ }
+ else if( strcmp( q, "ed448" ) == 0 )
+ {
+ sig_alg_list[i++] = MBEDTLS_TLS1_3_SIG_ED448;
+ }
+ else if( strcmp( q, "rsa_pss_pss_sha256" ) == 0 )
+ {
+ sig_alg_list[i++] = MBEDTLS_TLS1_3_SIG_RSA_PSS_PSS_SHA256;
+ }
+ else if( strcmp( q, "rsa_pss_pss_sha384" ) == 0 )
+ {
+ sig_alg_list[i++] = MBEDTLS_TLS1_3_SIG_RSA_PSS_PSS_SHA384;
+ }
+ else if( strcmp( q, "rsa_pss_pss_sha512" ) == 0 )
+ {
+ sig_alg_list[i++] = MBEDTLS_TLS1_3_SIG_RSA_PSS_PSS_SHA512;
+ }
+ else if( strcmp( q, "rsa_pkcs1_sha1" ) == 0 )
+ {
+ sig_alg_list[i++] = MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA1;
+ }
+ else if( strcmp( q, "ecdsa_sha1" ) == 0 )
+ {
+ sig_alg_list[i++] = MBEDTLS_TLS1_3_SIG_ECDSA_SHA1;
}
else
{
- mbedtls_printf( "unknown signature algorithm %s\n", q );
- mbedtls_printf( "supported signature algorithms: " );
- mbedtls_printf( "ecdsa_secp256r1_sha256 " );
- mbedtls_printf( "ecdsa_secp384r1_sha384 " );
- mbedtls_printf( "ecdsa_secp521r1_sha512 " );
- mbedtls_printf( "rsa_pss_rsae_sha256 " );
- mbedtls_printf( "rsa_pss_rsae_sha384 " );
- mbedtls_printf( "rsa_pss_rsae_sha512 " );
- mbedtls_printf( "rsa_pkcs1_sha256 " );
+ ret = -1;
+ mbedtls_printf( "unknown signature algorithm \"%s\"\n", q );
+ mbedtls_printf( "supported signature algorithms:\n" );
+ mbedtls_printf("\trsa_pkcs1_sha256 ");
+ mbedtls_printf("rsa_pkcs1_sha384 ");
+ mbedtls_printf("rsa_pkcs1_sha512\n");
+ mbedtls_printf("\tecdsa_secp256r1_sha256 ");
+ mbedtls_printf("ecdsa_secp384r1_sha384 ");
+ mbedtls_printf("ecdsa_secp521r1_sha512\n");
+ mbedtls_printf("\trsa_pss_rsae_sha256 ");
+ mbedtls_printf("rsa_pss_rsae_sha384 ");
+ mbedtls_printf("rsa_pss_rsae_sha512\n");
+ mbedtls_printf("\trsa_pss_pss_sha256 ");
+ mbedtls_printf("rsa_pss_pss_sha384 ");
+ mbedtls_printf("rsa_pss_pss_sha512\n");
+ mbedtls_printf("\ted25519 ");
+ mbedtls_printf("ed448 ");
+ mbedtls_printf("rsa_pkcs1_sha1 ");
+ mbedtls_printf("ecdsa_sha1\n");
mbedtls_printf( "\n" );
goto exit;
}
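Review bot: The `rsa_pkcs1_sha1` and `ecdsa_sha1` branches at the end of the chain make SHA-1 signature algorithms selectable, and neither the code nor the help text marks them as legacy. RFC 8446 section 4.2.3 defines these code points, and the `rsa_pkcs1_*` ones, only for signatures inside certificates, not for signed handshake messages, so anyone copying an option string from this test program should be able to see that. I would put a comment above the two branches, e.g. `/* Legacy SHA-1 code points: certificate signatures only, for interop testing */`, and print them on their own help line, e.g. `mbedtls_printf( "\tlegacy: rsa_pkcs1_sha1 ecdsa_sha1\n" );`. The same applies to the matching hunk in ssl_server2.c (-2394). The if/else chain starts outside this hunk.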
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index 4251817..769f8c6 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -2370,7 +2370,19 @@
if( *p == ',' )
*p++ = '\0';
- if( strcmp( q, "ecdsa_secp256r1_sha256" ) == 0 )
+ if( strcmp( q, "rsa_pkcs1_sha256" ) == 0 )
+ {
+ sig_alg_list[i++] = MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA256;
+ }
+ else if( strcmp( q, "rsa_pkcs1_sha384" ) == 0 )
+ {
+ sig_alg_list[i++] = MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA384;
+ }
+ else if( strcmp( q, "rsa_pkcs1_sha512" ) == 0 )
+ {
+ sig_alg_list[i++] = MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA512;
+ }
+ else if( strcmp( q, "ecdsa_secp256r1_sha256" ) == 0 )
{
sig_alg_list[i++] = MBEDTLS_TLS1_3_SIG_ECDSA_SECP256R1_SHA256;
}
@@ -2394,21 +2406,55 @@
{
sig_alg_list[i++] = MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA512;
}
- else if( strcmp( q, "rsa_pkcs1_sha256" ) == 0 )
+ else if( strcmp( q, "ed25519" ) == 0 )
{
- sig_alg_list[i++] = MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA256;
+ sig_alg_list[i++] = MBEDTLS_TLS1_3_SIG_ED25519;
+ }
+ else if( strcmp( q, "ed448" ) == 0 )
+ {
+ sig_alg_list[i++] = MBEDTLS_TLS1_3_SIG_ED448;
+ }
+ else if( strcmp( q, "rsa_pss_pss_sha256" ) == 0 )
+ {
+ sig_alg_list[i++] = MBEDTLS_TLS1_3_SIG_RSA_PSS_PSS_SHA256;
+ }
+ else if( strcmp( q, "rsa_pss_pss_sha384" ) == 0 )
+ {
+ sig_alg_list[i++] = MBEDTLS_TLS1_3_SIG_RSA_PSS_PSS_SHA384;
+ }
+ else if( strcmp( q, "rsa_pss_pss_sha512" ) == 0 )
+ {
+ sig_alg_list[i++] = MBEDTLS_TLS1_3_SIG_RSA_PSS_PSS_SHA512;
+ }
+ else if( strcmp( q, "rsa_pkcs1_sha1" ) == 0 )
+ {
+ sig_alg_list[i++] = MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA1;
+ }
+ else if( strcmp( q, "ecdsa_sha1" ) == 0 )
+ {
+ sig_alg_list[i++] = MBEDTLS_TLS1_3_SIG_ECDSA_SHA1;
}
else
{
- mbedtls_printf( "unknown signature algorithm %s\n", q );
- mbedtls_printf( "supported signature algorithms: " );
- mbedtls_printf( "ecdsa_secp256r1_sha256 " );
- mbedtls_printf( "ecdsa_secp384r1_sha384 " );
- mbedtls_printf( "ecdsa_secp521r1_sha512 " );
- mbedtls_printf( "rsa_pss_rsae_sha256 " );
- mbedtls_printf( "rsa_pss_rsae_sha384 " );
- mbedtls_printf( "rsa_pss_rsae_sha512 " );
- mbedtls_printf( "rsa_pkcs1_sha256 " );
+ ret = -1;
+ mbedtls_printf( "unknown signature algorithm \"%s\"\n", q );
+ mbedtls_printf( "supported signature algorithms:\n" );
+ mbedtls_printf("\trsa_pkcs1_sha256 ");
+ mbedtls_printf("rsa_pkcs1_sha384 ");
+ mbedtls_printf("rsa_pkcs1_sha512\n");
+ mbedtls_printf("\tecdsa_secp256r1_sha256 ");
+ mbedtls_printf("ecdsa_secp384r1_sha384 ");
+ mbedtls_printf("ecdsa_secp521r1_sha512\n");
+ mbedtls_printf("\trsa_pss_rsae_sha256 ");
+ mbedtls_printf("rsa_pss_rsae_sha384 ");
+ mbedtls_printf("rsa_pss_rsae_sha512\n");
+ mbedtls_printf("\trsa_pss_pss_sha256 ");
+ mbedtls_printf("rsa_pss_pss_sha384 ");
+ mbedtls_printf("rsa_pss_pss_sha512\n");
+ mbedtls_printf("\ted25519 ");
+ mbedtls_printf("ed448 ");
+ mbedtls_printf("rsa_pkcs1_sha1 ");
+ mbedtls_printf("ecdsa_sha1\n");
mbedtls_printf( "\n" );
goto exit;
}
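Review bot: The added help lines are written as `mbedtls_printf("\trsa_pkcs1_sha256 ");`, without the space inside the parentheses that the surrounding calls use (`mbedtls_printf( "unknown signature algorithm \"%s\"\n", q );`). The last added line already ends in `\n`, so the retained `mbedtls_printf( "\n" );` now prints an empty line after the list. I would write the new calls as `mbedtls_printf( "\trsa_pkcs1_sha256 " );` and either drop the trailing call or drop the `\n` from the `ecdsa_sha1` line. The same applies to the ssl_client2.c hunk at -1558.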