From: Tobias Brunner <tobias@strongswan.org>
Date: Mon, 23 Feb 2015 16:38:05 +0000 (+0100)
Subject: public-key: Add helper to map signature schemes to ASN.1 OIDs
X-Git-Tag: 5.3.0dr1~39^2~26
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=353294ea5c0783ac6a338fd0a863d7cd377ead6a;p=thirdparty%2Fstrongswan.git

public-key: Add helper to map signature schemes to ASN.1 OIDs

There is a similar function to map key_type_t and hasher_t to an OID,
but this maps schemes directly (and to use the other function we'd
have to have a function to map schemes to hash algorithms first).
---

diff --git a/src/libstrongswan/credentials/keys/public_key.c b/src/libstrongswan/credentials/keys/public_key.c
index 54ab15baea..b6e521692a 100644
--- a/src/libstrongswan/credentials/keys/public_key.c
+++ b/src/libstrongswan/credentials/keys/public_key.c
@@ -143,9 +143,52 @@ signature_scheme_t signature_scheme_from_oid(int oid)
 			return SIGN_BLISS_WITH_SHA256;
 		case OID_BLISS_WITH_SHA384:
 			return SIGN_BLISS_WITH_SHA384;
-		default:
-			return SIGN_UNKNOWN;
 	}
+	return SIGN_UNKNOWN;
+}
+
+/*
+ * Defined in header.
+ */
+int signature_scheme_to_oid(signature_scheme_t scheme)
+{
+	switch (scheme)
+	{
+		case SIGN_UNKNOWN:
+		case SIGN_RSA_EMSA_PKCS1_NULL:
+		case SIGN_ECDSA_WITH_NULL:
+		case SIGN_ECDSA_256:
+		case SIGN_ECDSA_384:
+		case SIGN_ECDSA_521:
+			break;
+		case SIGN_RSA_EMSA_PKCS1_MD5:
+			return OID_MD5_WITH_RSA;
+		case SIGN_RSA_EMSA_PKCS1_SHA1:
+			return OID_SHA1_WITH_RSA;
+		case SIGN_RSA_EMSA_PKCS1_SHA224:
+			return OID_SHA224_WITH_RSA;
+		case SIGN_RSA_EMSA_PKCS1_SHA256:
+			return OID_SHA256_WITH_RSA;
+		case SIGN_RSA_EMSA_PKCS1_SHA384:
+			return OID_SHA384_WITH_RSA;
+		case SIGN_RSA_EMSA_PKCS1_SHA512:
+			return OID_SHA512_WITH_RSA;
+		case SIGN_ECDSA_WITH_SHA1_DER:
+			return OID_ECDSA_WITH_SHA1;
+		case SIGN_ECDSA_WITH_SHA256_DER:
+			return OID_ECDSA_WITH_SHA256;
+		case SIGN_ECDSA_WITH_SHA384_DER:
+			return OID_ECDSA_WITH_SHA384;
+		case SIGN_ECDSA_WITH_SHA512_DER:
+			return OID_ECDSA_WITH_SHA512;
+		case SIGN_BLISS_WITH_SHA256:
+			return OID_BLISS_WITH_SHA256;
+		case SIGN_BLISS_WITH_SHA384:
+			return OID_BLISS_WITH_SHA384;
+		case SIGN_BLISS_WITH_SHA512:
+			return OID_BLISS_WITH_SHA512;
+	}
+	return OID_UNKNOWN;
 }
 
 /*
diff --git a/src/libstrongswan/credentials/keys/public_key.h b/src/libstrongswan/credentials/keys/public_key.h
index f4ec09b7ef..a106663703 100644
--- a/src/libstrongswan/credentials/keys/public_key.h
+++ b/src/libstrongswan/credentials/keys/public_key.h
@@ -244,10 +244,18 @@ bool public_key_has_fingerprint(public_key_t *public, chunk_t fingerprint);
  * Conversion of ASN.1 signature or hash OID to signature scheme.
  *
  * @param oid			ASN.1 OID
- * @return				signature_scheme, SIGN_UNKNOWN if OID is unsupported
+ * @return				signature scheme, SIGN_UNKNOWN if OID is unsupported
  */
 signature_scheme_t signature_scheme_from_oid(int oid);
 
+/**
+ * Conversion of signature scheme to ASN.1 signature OID.
+ *
+ * @param scheme		signature scheme
+ * @return				ASN.1 OID, OID_UNKNOWN if not supported
+ */
+int signature_scheme_to_oid(signature_scheme_t scheme);
+
 /**
  * Determine the type of key associated with a given signature scheme.
  *