gnutls-devel

Re: [PATCH] client-side TLS 1.2 support


From: Daiki Ueno
Subject: Re: [PATCH] client-side TLS 1.2 support
Date: Mon, 31 Aug 2009 21:33:07 +0900
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/23.1.50 (gnu/linux)

>>>>> In <address@hidden> 
>>>>>   Simon Josefsson <address@hidden> wrote:
> > +#define TLS_SIGN_AID_RSA_SHA1 {2, 1}
> > +#define TLS_SIGN_AID_RSA_SHA256 {4, 1}
> > +#define TLS_SIGN_AID_RSA_SHA384 {5, 1}
> > +#define TLS_SIGN_AID_RSA_SHA512 {6, 1}
> > +#define TLS_SIGN_AID_DSA_SHA1 {2, 2}
> > +#define TLS_SIGN_AID_RSA_MD5 {1, 2}
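
Review bot: TLS_SIGN_AID_RSA_MD5 is defined as {1, 2}, which breaks the {hash, signature} pattern of the other five entries: RSA_SHA1 is {2, 1} and DSA_SHA1 is {2, 2}, so a second value of 2 means DSA, and by the RFC 5246 7.4.1.4.1 enums quoted in the reply (md5(1), rsa(1), dsa(2)) the pair {1, 2} is MD5 with DSA. If RSA with MD5 is intended, this should read {1, 1}. A comment above the block naming RFC 5246 7.4.1.4.1 and the {HashAlgorithm, SignatureAlgorithm} order, or building the pairs from named constants for the two enums, would also make the origin of the numbers clear.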

> Where do these "magic" values come from?  It was these values that I
> would prefer to use symbolic names for.

RFC5246 7.4.1.4.1. defines those values as:

      enum {
          none(0), md5(1), sha1(2), sha224(3), sha256(4), sha384(5),
          sha512(6), (255)
      } HashAlgorithm;

      enum { anonymous(0), rsa(1), dsa(2), ecdsa(3), (255) }
        SignatureAlgorithm;

I first thought of redefining GNUTLS_SIGN_* with pairs of those values
(like cipher suites definitions), but it will break the ABI...

Regards,
-- 
Daiki Ueno
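
The wire format these pairs belong to, as an added example that is not part of the original message or of the GnuTLS patch: a parser for the supported_signature_algorithms vector of RFC 5246 7.4.1.4.1 that uses symbolic names for the code points quoted above, plus a helper that selects a pair from the peer's list. All identifiers (tls_hash, tls_sig, tls_parse_sig_algs, tls_pick_sig_alg, demo_pick), the sample bytes and the minimum-hash policy are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* Code points from RFC 5246 7.4.1.4.1, as quoted in the message above. */
enum tls_hash { TLS_HASH_NONE, TLS_HASH_MD5, TLS_HASH_SHA1, TLS_HASH_SHA224,
                TLS_HASH_SHA256, TLS_HASH_SHA384, TLS_HASH_SHA512 };
enum tls_sig  { TLS_SIG_ANON, TLS_SIG_RSA, TLS_SIG_DSA, TLS_SIG_ECDSA };

/* Wire order is {hash, signature}. Struct and function names are hypothetical. */
struct tls_sig_hash { uint8_t hash, sig; };

/* Parse supported_signature_algorithms: a 2-byte big-endian byte count
 * followed by {hash, signature} pairs. Returns the number of pairs written
 * to out, or -1 if the vector is truncated, has trailing bytes, is empty,
 * has an odd length, or does not fit in out. */
int tls_parse_sig_algs(const uint8_t *buf, size_t len,
                       struct tls_sig_hash *out, size_t max)
{
    size_t n, i;
    if (len < 2)
        return -1;
    n = ((size_t)buf[0] << 8) | buf[1];
    if (n != len - 2 || n < 2 || (n & 1) || n / 2 > max)
        return -1;
    for (i = 0; i < n / 2; i++) {
        out[i].hash = buf[2 + 2 * i];
        out[i].sig = buf[3 + 2 * i];
    }
    return (int)(n / 2);
}

/* Assumed policy: take the first pair in the peer's order with the wanted
 * signature type and a hash code point in [min_hash, sha512]. */
int tls_pick_sig_alg(const struct tls_sig_hash *peer, int count,
                     enum tls_sig sig, enum tls_hash min_hash)
{
    int i;
    for (i = 0; i < count; i++)
        if (peer[i].sig == sig && peer[i].hash >= min_hash
            && peer[i].hash <= TLS_HASH_SHA512)
            return i;
    return -1;
}

/* Constructed sample: sha256/rsa, sha1/rsa, sha1/dsa, md5/rsa. */
static const uint8_t sample_ext[] = { 0x00, 0x08, 4, 1, 2, 1, 2, 2, 1, 1 };
static struct tls_sig_hash demo_algs[8];

int demo_pick(enum tls_sig sig, enum tls_hash min_hash)
{
    int n = tls_parse_sig_algs(sample_ext, sizeof sample_ext, demo_algs, 8);
    return n < 0 ? -2 : tls_pick_sig_alg(demo_algs, n, sig, min_hash);
}
```
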