diff options
| author | Michael Brown <mcb30@ipxe.org> | 2015-08-02 16:54:24 +0100 |
|---|---|---|
| committer | Michael Brown <mcb30@ipxe.org> | 2015-08-02 16:54:24 +0100 |
| commit | b1caa48e4bb3f15e7eb749e0c3470436ebff3435 (patch) | |
| tree | 8ce3bbef596e98c102585672186f3e586dd1c27e /src/config/config_crypto.c | |
| parent | 93370488acb9fedc06527bb0baf89cc2ce82a0a8 (diff) | |
| download | ipxe-b1caa48e4bb3f15e7eb749e0c3470436ebff3435.tar.gz | |
[crypto] Support SHA-{224,384,512} in X.509 certificates
Add support for SHA-224, SHA-384, and SHA-512 as digest algorithms in
X.509 certificates, and allow the choice of public-key, cipher, and
digest algorithms to be configured at build time via config/crypto.h.
Originally-implemented-by: Tufan Karadere <tufank@gmail.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Diffstat (limited to 'src/config/config_crypto.c')
| -rw-r--r-- | src/config/config_crypto.c | 76 |
1 files changed, 76 insertions, 0 deletions
diff --git a/src/config/config_crypto.c b/src/config/config_crypto.c new file mode 100644 index 000000000..1e125d8ab --- /dev/null +++ b/src/config/config_crypto.c @@ -0,0 +1,76 @@ +/* + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License as + * published by the Free Software Foundation; either version 2 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + * 02110-1301, USA. + * + * You can also choose to distribute this program under the terms of + * the Unmodified Binary Distribution Licence (as given in the file + * COPYING.UBDL), provided that you have satisfied its requirements. + */ + +FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); + +#include <config/crypto.h> + +/** @file + * + * Cryptographic configuration + * + * Cryptographic configuration is slightly messy since we need to drag + * in objects based on combinations of build options. + */ + +PROVIDE_REQUIRING_SYMBOL(); + +/* RSA and MD5 */ +#if defined ( CRYPTO_PUBKEY_RSA ) && defined ( CRYPTO_DIGEST_MD5 ) +REQUIRE_OBJECT ( rsa_md5 ); +#endif + +/* RSA and SHA-1 */ +#if defined ( CRYPTO_PUBKEY_RSA ) && defined ( CRYPTO_DIGEST_SHA1 ) +REQUIRE_OBJECT ( rsa_sha1 ); +#endif + +/* RSA and SHA-224 */ +#if defined ( CRYPTO_PUBKEY_RSA ) && defined ( CRYPTO_DIGEST_SHA224 ) +REQUIRE_OBJECT ( rsa_sha224 ); +#endif + +/* RSA and SHA-256 */ +#if defined ( CRYPTO_PUBKEY_RSA ) && defined ( CRYPTO_DIGEST_SHA256 ) +REQUIRE_OBJECT ( rsa_sha256 ); +#endif + +/* RSA and SHA-384 */ +#if defined ( CRYPTO_PUBKEY_RSA ) && defined ( CRYPTO_DIGEST_SHA384 ) +REQUIRE_OBJECT ( rsa_sha384 ); +#endif + +/* RSA and SHA-512 */ +#if defined ( CRYPTO_PUBKEY_RSA ) && defined ( CRYPTO_DIGEST_SHA512 ) +REQUIRE_OBJECT ( rsa_sha512 ); +#endif + +/* RSA, AES-CBC, and SHA-1 */ +#if defined ( CRYPTO_PUBKEY_RSA ) && defined ( CRYPTO_CIPHER_AES_CBC ) && \ + defined ( CRYPTO_DIGEST_SHA1 ) +REQUIRE_OBJECT ( rsa_aes_cbc_sha1 ); +#endif + +/* RSA, AES-CBC, and SHA-256 */ +#if defined ( CRYPTO_PUBKEY_RSA ) && defined ( CRYPTO_CIPHER_AES_CBC ) && \ + defined ( CRYPTO_DIGEST_SHA256 ) +REQUIRE_OBJECT ( rsa_aes_cbc_sha256 ); +#endif |