author | Dr. Stephen Henson <steve@openssl.org> | 2017-01-25 23:28:57 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2017-01-30 13:00:16 +0000 |
commit | 42ef7aead2b310a183e53a4d336a6706395b5c17 (patch) | |
tree | ced5f5016b35fb04c2ef84277efb73b3646e8de5 /apps/s_cb.c | |
parent | 5554facbe7f1ef4945fc03ae0a447c2396a80ef7 (diff) |
Add SSL_get_peer_signature_type_nid() function.
Add function to retrieve signature type: in the case of RSA
keys the signature type can be EVP_PKEY_RSA or EVP_PKEY_RSA_PSS.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2301)
Diffstat (limited to 'apps/s_cb.c')
-rw-r--r-- | apps/s_cb.c | 39 |
1 files changed, 28 insertions, 11 deletions
diff --git a/apps/s_cb.c b/apps/s_cb.c
index 5026d904c7..2c7fce5272 100644
--- a/apps/s_cb.c
+++ b/apps/s_cb.c
@@ -213,6 +213,26 @@ static void ssl_print_client_cert_types(BIO *bio, SSL *s)
 BIO_puts(bio, "\n");
 }
+static const char *get_sigtype(int nid)
+{
+ switch (nid) {
+ case EVP_PKEY_RSA:
+ return "RSA";
+
+ case EVP_PKEY_RSA_PSS:
+ return "RSA-PSS";
+
+ case EVP_PKEY_DSA:
+ return "DSA";
+
+ case EVP_PKEY_EC:
+ return "ECDSA";
+
+ default:
+ return NULL;
+ }
+}
+
 static int do_print_sigalgs(BIO *out, SSL *s, int shared)
 {
 int i, nsig, client;
@@ -241,14 +261,7 @@ static int do_print_sigalgs(BIO *out, SSL *s, int shared)
 SSL_get_sigalgs(s, i, &sign_nid, &hash_nid, NULL, &rsign, &rhash);
 if (i)
 BIO_puts(out, ":");
- if (sign_nid == EVP_PKEY_RSA)
- sstr = "RSA";
- else if (sign_nid == EVP_PKEY_RSA_PSS)
- sstr = "RSA-PSS";
- else if (sign_nid == EVP_PKEY_DSA)
- sstr = "DSA";
- else if (sign_nid == EVP_PKEY_EC)
- sstr = "ECDSA";
+ sstr= get_sigtype(sign_nid);
 if (sstr)
 BIO_printf(out, "%s+", sstr);
 else
@@ -264,13 +277,15 @@ static int do_print_sigalgs(BIO *out, SSL *s, int shared)
 int ssl_print_sigalgs(BIO *out, SSL *s)
 {
- int mdnid;
+ int nid;
 if (!SSL_is_server(s))
 ssl_print_client_cert_types(out, s);
 do_print_sigalgs(out, s, 0);
 do_print_sigalgs(out, s, 1);
- if (SSL_get_peer_signature_nid(s, &mdnid))
- BIO_printf(out, "Peer signing digest: %s\n", OBJ_nid2sn(mdnid));
+ if (SSL_get_peer_signature_nid(s, &nid))
+ BIO_printf(out, "Peer signing digest: %s\n", OBJ_nid2sn(nid));
+ if (SSL_get_peer_signature_type_nid(s, &nid))
+ BIO_printf(bio_err, "Peer signature type: %s\n", get_sigtype(nid));
 return 1;
 }
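Review bot: `get_sigtype()` returns NULL from its `default:` branch, and the two call sites added in ssl_print_sigalgs() and print_ssl_summary() (the `@@ -264` and `@@ -1090` hunks) pass that result straight to a `%s` conversion. do_print_sigalgs() already guards with `if (sstr)` and falls back, so only the new callers are exposed; what they print for a signature NID outside the four listed cases depends on how BIO_printf treats a NULL string, which is not visible in this diff. I would state the contract above the function, `/* Short name for a signature-type NID, or NULL if not recognised; callers must handle NULL. */`, and give the new callers a fallback such as `const char *t = get_sigtype(nid);` followed by `BIO_printf(..., t != NULL ? t : OBJ_nid2sn(nid));`.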
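Review bot: The added `Peer signature type` line in ssl_print_sigalgs() is written to `bio_err`, while every other line of the function, including the `Peer signing digest` line directly above it, goes to the caller-supplied `out`. A caller that passes a BIO other than bio_err gets the digest and the signature type on different streams, so anyone capturing `out` to confirm whether the peer signed with RSA or RSA-PSS will not see the new line. It looks copied from print_ssl_summary(); the call should be `BIO_printf(out, "Peer signature type: %s\n", get_sigtype(nid));`.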
@@ -1090,6 +1105,8 @@ void print_ssl_summary(SSL *s)
 BIO_puts(bio_err, "\n");
 if (SSL_get_peer_signature_nid(s, &nid))
 BIO_printf(bio_err, "Hash used: %s\n", OBJ_nid2sn(nid));
+ if (SSL_get_peer_signature_type_nid(s, &nid))
+ BIO_printf(bio_err, "Signature type: %s\n", get_sigtype(nid));
 print_verify_detail(s, bio_err);
 } else
 BIO_puts(bio_err, "No peer certificate\n"); |