[PATCH] client-side TLS 1.2 support

Simon Josefsson simon at josefsson.org
Mon Aug 31 14:22:36 CEST 2009


Daiki Ueno <ueno at unixuser.org> writes:

>>>>>> In <87zl9gdxte.fsf at mocca.josefsson.org> 
>>>>>>	Simon Josefsson <simon at josefsson.org> wrote:
>> >  static const gnutls_sign_entry sign_algorithms[] = {
>> >    {"RSA-SHA", SIG_RSA_SHA1_OID, GNUTLS_SIGN_RSA_SHA1, GNUTLS_PK_RSA,
>> > -   GNUTLS_MAC_SHA1},
>> > +   GNUTLS_MAC_SHA1, {2, 1}},
>> >    {"RSA-SHA256", SIG_RSA_SHA256_OID, GNUTLS_SIGN_RSA_SHA256, GNUTLS_PK_RSA,
>> > -   GNUTLS_MAC_SHA256},
>> > +   GNUTLS_MAC_SHA256, {4, 1}},
>
>> Please define some constants here instead of using hard coded values.
>
> OK, here it is:

Thanks.

> +#define TLS_SIGN_AID_RSA_SHA1 {2, 1}
> +#define TLS_SIGN_AID_RSA_SHA256 {4, 1}
> +#define TLS_SIGN_AID_RSA_SHA384 {5, 1}
> +#define TLS_SIGN_AID_RSA_SHA512 {6, 1}
> +#define TLS_SIGN_AID_DSA_SHA1 {2, 2}
> +#define TLS_SIGN_AID_RSA_MD5 {1, 2}
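
Review bot: TLS_SIGN_AID_RSA_MD5 is defined as {1, 2}, but every other RSA entry in this hunk has 1 as its second byte and TLS_SIGN_AID_DSA_SHA1 has 2, so this value pairs MD5 with the DSA signature code rather than RSA. In RFC 5246 section 7.4.1.4.1 the pair is (HashAlgorithm, SignatureAlgorithm) with md5 = 1 and rsa = 1, so the define should read {1, 1}. The pairs are also still bare numbers: naming the hash and signature codes separately, composing each pair from those names, and citing the RFC section in a comment would make a slip like this visible at a glance.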

Where do these "magic" values come from?  It was these values that I
would prefer to use symbolic names for.

/Simon




