Merge pull request #10173 from SparkiDev/init_cert_sha1

Initialize certificate: default to SHA-1 when necessary
David Garske
2026-04-12 14:46:53 -07:00
committed by GitHub
3 changed files with 63 additions and 9 deletions
+9 -1
@@ -698,8 +698,16 @@ int test_wolfSSL_make_cert(void)
cert.isCA = 1;
#ifndef NO_SHA256
cert.sigType = CTC_SHA256wRSA;
#else
#elif defined(WOLFSSL_SHA384)
cert.sigType = CTC_SHA384wRSA;
#elif defined(WOLFSSL_SHA512)
cert.sigType = CTC_SHA512wRSA;
#elif defined(WOLFSSL_SHA224)
cert.sigType = CTC_SHA224wRSA;
#elif !defined(NO_SHA)
cert.sigType = CTC_SHAwRSA;
#else
#error "No signature type available"
#endif
/* add SKID from the Public Key */
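Review bot: The hash-preference ladder added in test_wolfSSL_make_cert is repeated verbatim in all five hunks of the last file section (rsa_certgen_test twice, rsa_ecc_certgen_test, rsa_test, and ecc_test_cert_gen with the wECDSA constants). The same ordering therefore lives in six test sites plus wc_InitCert_ex, and a later change to it has to be made in every copy or the tests drift from the library default. I would define the ladder once in a header both test files already share and reduce each site to one line such as `cert.sigType = TEST_RSA_SIG_TYPE;` (placeholder name), with a second macro for the ECDSA case. The `#error "No signature type available"` branch aborts the build of the whole test file; whether an outer guard already makes it unreachable cannot be seen here, because the function starts and ends outside the hunk.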
+9 -3
@@ -24985,10 +24985,16 @@ int wc_InitCert_ex(Cert* cert, void* heap, int devId)
XMEMSET(cert, 0, sizeof(Cert));
cert->version = 2; /* version 3 is hex 2 */
#ifndef NO_SHA
cert->sigType = CTC_SHAwRSA;
#elif !defined(NO_SHA256)
#if !defined(NO_SHA256)
cert->sigType = CTC_SHA256wRSA;
#elif defined(WOLFSSL_SHA384)
cert->sigType = CTC_SHA384wRSA;
#elif defined(WOLFSSL_SHA512)
cert->sigType = CTC_SHA512wRSA;
#elif defined(WOLFSSL_SHA224)
cert->sigType = CTC_SHA224wRSA;
#elif !defined(NO_SHA)
cert->sigType = CTC_SHAwRSA;
#else
cert->sigType = 0;
#endif
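Review bot: The last two branches of the new ladder in wc_InitCert_ex need a comment, because each leaves the caller with a default that is easy to miss. `#elif !defined(NO_SHA)` now selects `CTC_SHAwRSA` only when no SHA-2 variant is built, and the final `#else` still stores `cert->sigType = 0`. SHA-1 is collision-weak for certificate signatures, so I would add `/* last resort: SHA-1 is collision-weak, callers should set sigType explicitly */` above the SHA-1 assignment and `/* no hash compiled in: caller must set sigType before signing */` above the zero. What the signing path does with a sigType of 0 is not visible in this hunk, so it is worth confirming that it returns an error rather than proceeding. Every default here is an RSA variant, so callers signing with another key type presumably still have to override it; the function body continues outside the hunk.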
+45 -5
@@ -24505,8 +24505,16 @@ static wc_test_ret_t rsa_certgen_test(RsaKey* key, RsaKey* keypub, WC_RNG* rng,
myCert->isCA = 1;
#ifndef NO_SHA256
myCert->sigType = CTC_SHA256wRSA;
#else
#elif defined(WOLFSSL_SHA384)
myCert->sigType = CTC_SHA384wRSA;
#elif defined(WOLFSSL_SHA512)
myCert->sigType = CTC_SHA512wRSA;
#elif defined(WOLFSSL_SHA224)
myCert->sigType = CTC_SHA224wRSA;
#elif !defined(NO_SHA)
myCert->sigType = CTC_SHAwRSA;
#else
#error "No signature type available"
#endif
#ifdef WOLFSSL_CERT_EXT
@@ -24652,8 +24660,16 @@ static wc_test_ret_t rsa_certgen_test(RsaKey* key, RsaKey* keypub, WC_RNG* rng,
#ifndef NO_SHA256
myCert->sigType = CTC_SHA256wRSA;
#else
#elif defined(WOLFSSL_SHA384)
myCert->sigType = CTC_SHA384wRSA;
#elif defined(WOLFSSL_SHA512)
myCert->sigType = CTC_SHA512wRSA;
#elif defined(WOLFSSL_SHA224)
myCert->sigType = CTC_SHA224wRSA;
#elif !defined(NO_SHA)
myCert->sigType = CTC_SHAwRSA;
#else
#error "No signature type available"
#endif
XMEMCPY(&myCert->subject, &certDefaultName, sizeof(CertName));
@@ -24878,8 +24894,16 @@ static wc_test_ret_t rsa_ecc_certgen_test(WC_RNG* rng, byte* tmp)
#ifndef NO_SHA256
myCert->sigType = CTC_SHA256wRSA;
#else
#elif defined(WOLFSSL_SHA384)
myCert->sigType = CTC_SHA384wRSA;
#elif defined(WOLFSSL_SHA512)
myCert->sigType = CTC_SHA512wRSA;
#elif defined(WOLFSSL_SHA224)
myCert->sigType = CTC_SHA224wRSA;
#elif !defined(NO_SHA)
myCert->sigType = CTC_SHAwRSA;
#else
#error "No signature type available"
#endif
XMEMCPY(&myCert->subject, &certDefaultName, sizeof(CertName));
@@ -25981,8 +26005,16 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t rsa_test(void)
#ifndef NO_SHA256
req->sigType = CTC_SHA256wRSA;
#else
#elif defined(WOLFSSL_SHA384)
req->sigType = CTC_SHA384wRSA;
#elif defined(WOLFSSL_SHA512)
req->sigType = CTC_SHA512wRSA;
#elif defined(WOLFSSL_SHA224)
req->sigType = CTC_SHA224wRSA;
#elif !defined(NO_SHA)
req->sigType = CTC_SHAwRSA;
#else
#error "No signature type available"
#endif
#ifdef WOLFSSL_CERT_EXT
@@ -37094,8 +37126,16 @@ static wc_test_ret_t ecc_test_cert_gen(WC_RNG* rng)
#ifndef NO_SHA256
myCert->sigType = CTC_SHA256wECDSA;
#else
#elif defined(WOLFSSL_SHA384)
myCert->sigType = CTC_SHA384wECDSA;
#elif defined(WOLFSSL_SHA512)
myCert->sigType = CTC_SHA512wECDSA;
#elif defined(WOLFSSL_SHA224)
myCert->sigType = CTC_SHA224wECDSA;
#elif !defined(NO_SHA)
myCert->sigType = CTC_SHAwECDSA;
#else
#error "No signature type available"
#endif
XMEMCPY(&myCert->subject, &certDefaultName, sizeof(CertName));