t1_lib.c - OpenGrok cross reference for /third_party/openssl/ssl/t1

Lines Matching defs:sig
1180         if (!EVP_PKEY_set_type(tmpkey, lu->sig)) {
1185         /* If unable to create pctx we assume the sig algorithm is unavailable */
1387  * Called by servers only. Checks that we have a sig alg that supports the
1408         if (lu->sig == EVP_PKEY_EC
1465 int tls12_check_peer_sigalg(SSL *s, uint16_t sig, EVP_PKEY *pkey)
1489     lu = tls1_lookup_sigalg(s, sig);
1496         || (pkeyid != lu->sig
1497         && (lu->sig != EVP_PKEY_RSA_PSS || pkeyid != EVP_PKEY_RSA))) {
1534                 if (sig != TLSEXT_SIGALG_ecdsa_secp256r1_sha256
1535                     && sig != TLSEXT_SIGALG_ecdsa_secp384r1_sha384) {
1550         if (sig == *sent_sigs)
1567     sigalgstr[0] = (sig >> 8) & 0xff;
1568     sigalgstr[1] = sig & 0xff;
1586     *pnid = s->s3.tmp.peer_sigalg->sig;
1594     *pnid = s->s3.tmp.sigalg->sig;
2058     if (SSL_IS_TLS13(s) && lu->sig == EVP_PKEY_DSA)
2065         && (lu->sig == EVP_PKEY_DSA || lu->hash_idx == SSL_MD_SHA1_IDX
2074     if (lu->sig == NID_id_GostR3410_2012_256
2075             || lu->sig == NID_id_GostR3410_2012_512
2076             || lu->sig == NID_id_GostR3410_2001) {
2077         /* We never allow GOST sig algs on the server with TLSv1.3 */
2088              * sig algs if we could negotiate TLSv1.2 or below and we have GOST
2174             || (lu->sig != EVP_PKEY_RSA
2326         /* Ignore PKCS1 based sig algs in TLSv1.3 */
2327         if (SSL_IS_TLS13(s) && sigptr->sig == EVP_PKEY_RSA)
2356             *psign = lu != NULL ? lu->sig : NID_undef;
2379         *psign = shsigalgs->sig;
2436      * name.  If not, match both sig+hash to find the needed SIGALG_LOOKUP.
2437      * Just sig+hash is not unique since TLS 1.3 adds rsa_pss_pss_* and
2463             if (s->hash == hash_alg && s->sig == sig_alg) {
2484  * form sig+hash e.g. RSA+SHA512:DSA+SHA512
2488     sig_cb_st sig;
2489     sig.sigalgcnt = 0;
2490     if (!CONF_parse_list(str, ':', 1, sig_cb, &sig))
2494     return tls1_set_raw_sigalgs(c, sig.sigalgs, sig.sigalgcnt, client);
2540             if (curr->hash == md_id && curr->sig == sig_id) {
2742                 if (lu != NULL && lu->hash == NID_sha1 && lu->sig == rsign)
3068 static int check_cert_usable(SSL *s, const SIGALG_LOOKUP *sig, X509 *x,
3080     if (sig->hash != NID_undef)
3081         mdname = OBJ_nid2sn(sig->hash);
3106             if (mdnid == lu->hash && pknid == lu->sig)
3121  * with signature scheme |sig|.
3126 static int has_usable_cert(SSL *s, const SIGALG_LOOKUP *sig, int idx)
3128     /* TLS 1.2 callers can override sig->sig_idx, but not TLS 1.3 callers. */
3130         idx = sig->sig_idx;
3134     return check_cert_usable(s, sig, s->cert->pkeys[idx].x509,
3140  * specified signature scheme |sig|, or false otherwise.
3142 static int is_cert_usable(SSL *s, const SIGALG_LOOKUP *sig, X509 *x,
3150     /* Check the key is consistent with the sig alg */
3151     if ((int)idx != sig->sig_idx)
3154     return check_cert_usable(s, sig, x, pkey);
3176             || lu->sig == EVP_PKEY_DSA
3177             || lu->sig == EVP_PKEY_RSA)
3189         if (lu->sig == EVP_PKEY_EC) {
3194         } else if (lu->sig == EVP_PKEY_RSA_PSS) {
3273                     if (lu->sig == EVP_PKEY_RSA_PSS) {