diff --git a/src/ssl.c b/src/ssl.c
index 4362f95f1..90626cac4 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -13310,9 +13310,16 @@ int wolfSSL_RSA_sign(int type, const unsigned char* m,
 return 0;
 }
- if (type != NID_md5 && type != NID_sha1) {
- WOLFSSL_MSG("Bad md type");
- return 0;
+ switch (type) {
+ case NID_md2: break;
+ case NID_md5: break;
+ case NID_sha1: break;
+ case NID_sha256: break;
+ case NID_sha384: break;
+ case NID_sha512: break;
+ default:
+ WOLFSSL_MSG("This NID_ is not yet implemented");
+ return 0;
 }
 if (rsa->inSet == 0)
@@ -13356,7 +13363,16 @@ int wolfSSL_RSA_sign(int type, const unsigned char* m,
 }
 if (rng) {
- type = (type == NID_md5) ? MD5h : SHAh;
+
+ switch (type) {
+ case NID_md2: type = MD2h; break;
+ case NID_md5: type = MD5h; break;
+ case NID_sha1: type = SHAh; break;
+ case NID_sha256: type = SHA256h; break;
+ case NID_sha384: type = SHA384h; break;
+ case NID_sha512: type = SHA512h; break;
+ /* no default, already checked if NID is supported */
+ }
 signSz = wc_EncodeSignature(encodedSig, m, mLen, type);
 if (signSz == 0) {
diff --git a/wolfssl/openssl/evp.h b/wolfssl/openssl/evp.h
index 6d3449f07..6ea1443e5 100644
--- a/wolfssl/openssl/evp.h
+++ b/wolfssl/openssl/evp.h
@@ -132,6 +132,7 @@ enum {
 EVP_PKEY_EC = 13,
 IDEA_CBC_TYPE = 14,
 NID_sha1 = 64,
+ NID_md2 = 3,
 NID_md5 = 4
 };
diff --git a/wolfssl/openssl/rsa.h b/wolfssl/openssl/rsa.h
index 2db993b65..210a24e4c 100644
--- a/wolfssl/openssl/rsa.h
+++ b/wolfssl/openssl/rsa.h
@@ -17,6 +17,13 @@ enum {
 RSA_PKCS1_PADDING = 1
 };
+/* rsaTypes */
+enum {
+ NID_sha256 = 672,
+ NID_sha384 = 673,
+ NID_sha512 = 674
+};
+
 struct WOLFSSL_RSA {
 WOLFSSL_BIGNUM* n;
 WOLFSSL_BIGNUM* e;
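Review bot: `case NID_md2: break;` in the validation switch of the first src/ssl.c hunk makes wolfSSL_RSA_sign accept MD2 digests unconditionally, although MD2 was moved to Historic status by RFC 6149 and, as far as I know, wolfSSL only builds MD2 when `WOLFSSL_MD2` is defined. Wrapping it as `#ifdef WOLFSSL_MD2` / `case NID_md2: break;` / `#endif`, and doing the same for the `NID_md2` case in the mapping switch of the next hunk, keeps the legacy hash opt-in. Nothing visible here checks that `mLen` equals the digest length of the selected hash, so a mismatched length would be encoded into a DigestInfo that does not match the declared algorithm. The function body starts and ends outside the hunk, so such a check may exist out of view.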
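Review bot: The mapping switch in the second src/ssl.c hunk repeats the NID list of the validation switch and has no default, so the two lists have to be kept in sync by hand. If a NID is later added to the first switch only, the raw NID would reach `wc_EncodeSignature` as the hash OID instead of failing. It also overwrites the `type` parameter, which then holds a NID before this point and a hash OID sum after it. Mapping once in the first switch into a local, e.g. `case NID_sha256: hashType = SHA256h; break;`, and calling `wc_EncodeSignature(encodedSig, m, mLen, hashType);` removes the second switch; the declaration of `hashType` would go at the top of the function, which is outside the hunk. The empty added line after `if (rng) {` can be dropped.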
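Review bot: The SHA-2 NIDs in the wolfssl/openssl/rsa.h hunk sit under a `/* rsaTypes */` comment, while `NID_md2`, `NID_md5` and `NID_sha1` are in the enum in evp.h (previous hunk). Unless rsa.h is pulled in by evp.h, which is not visible here, code that includes only evp.h would see three of the six digest NIDs. These are digest identifiers rather than RSA-specific values, so placing `NID_sha256 = 672, NID_sha384 = 673, NID_sha512 = 674` beside the others in evp.h would keep them in one place. If they stay in rsa.h, a comment such as `/* digest NIDs accepted by wolfSSL_RSA_sign, values match OpenSSL */` would describe them more accurately than `rsaTypes`.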