Explicitly mention SHA2 algorithm in BLISS OIDs and signature schemes
authorAndreas Steffen <andreas.steffen@strongswan.org>
Fri, 6 Nov 2015 13:55:10 +0000 (14:55 +0100)
committerAndreas Steffen <andreas.steffen@strongswan.org>
Fri, 6 Nov 2015 13:55:31 +0000 (14:55 +0100)
12 files changed:
src/libcharon/plugins/stroke/stroke_config.c
src/libstrongswan/asn1/oid.txt
src/libstrongswan/credentials/keys/public_key.c
src/libstrongswan/credentials/keys/public_key.h
src/libstrongswan/crypto/hashers/hasher.c
src/libstrongswan/plugins/bliss/bliss_plugin.c
src/libstrongswan/plugins/bliss/bliss_private_key.c
src/libstrongswan/plugins/bliss/bliss_public_key.c
src/libstrongswan/plugins/bliss/tests/suites/test_bliss_sign.c
src/libstrongswan/plugins/x509/x509_ocsp_request.c
src/libstrongswan/tests/suites/test_hasher.c
src/libstrongswan/tests/suites/test_utils.c

index f717194..68cf830 100644 (file)
@@ -346,9 +346,9 @@ static void parse_pubkey_constraints(char *auth, auth_cfg_t *cfg)
                        { "sha256",             SIGN_ECDSA_256,                                 KEY_ECDSA,      },
                        { "sha384",             SIGN_ECDSA_384,                                 KEY_ECDSA,      },
                        { "sha512",             SIGN_ECDSA_521,                                 KEY_ECDSA,      },
-                       { "sha256",             SIGN_BLISS_WITH_SHA256,                 KEY_BLISS,      },
-                       { "sha384",             SIGN_BLISS_WITH_SHA384,                 KEY_BLISS,      },
-                       { "sha512",             SIGN_BLISS_WITH_SHA512,                 KEY_BLISS,      },
+                       { "sha256",             SIGN_BLISS_WITH_SHA2_256,               KEY_BLISS,      },
+                       { "sha384",             SIGN_BLISS_WITH_SHA2_384,               KEY_BLISS,      },
+                       { "sha512",             SIGN_BLISS_WITH_SHA2_512,               KEY_BLISS,      },
                };
 
                if (rsa_len || ecdsa_len || bliss_strength)
index d691426..64dedcb 100644 (file)
                     0x07     "BLISS-B-III"                             OID_BLISS_B_III
                     0x08     "BLISS-B-IV"                              OID_BLISS_B_IV
                   0x03       "blissSigType"
-                    0x01     "BLISS-with-SHA512"               OID_BLISS_WITH_SHA512
-                    0x02     "BLISS-with-SHA384"               OID_BLISS_WITH_SHA384
-                    0x03     "BLISS-with-SHA256"               OID_BLISS_WITH_SHA256
+                    0x01     "BLISS-with-SHA2-512"             OID_BLISS_WITH_SHA2_512
+                    0x02     "BLISS-with-SHA2-384"             OID_BLISS_WITH_SHA2_384
+                    0x03     "BLISS-with-SHA2-256"             OID_BLISS_WITH_SHA2_256
                     0x04     "BLISS-with-SHA3-512"             OID_BLISS_WITH_SHA3_512
                     0x05     "BLISS-with-SHA3-384"             OID_BLISS_WITH_SHA3_384
                     0x06     "BLISS-with-SHA3-256"             OID_BLISS_WITH_SHA3_256
index 3ffa9b9..d6f211a 100644 (file)
@@ -27,7 +27,7 @@ ENUM(key_type_names, KEY_ANY, KEY_BLISS,
        "BLISS"
 );
 
-ENUM(signature_scheme_names, SIGN_UNKNOWN, SIGN_BLISS_WITH_SHA512,
+ENUM(signature_scheme_names, SIGN_UNKNOWN, SIGN_BLISS_WITH_SHA3_512,
        "UNKNOWN",
        "RSA_EMSA_PKCS1_NULL",
        "RSA_EMSA_PKCS1_MD5",
@@ -44,9 +44,9 @@ ENUM(signature_scheme_names, SIGN_UNKNOWN, SIGN_BLISS_WITH_SHA512,
        "ECDSA-256",
        "ECDSA-384",
        "ECDSA-521",
-       "BLISS_WITH_SHA256",
-       "BLISS_WITH_SHA384",
-       "BLISS_WITH_SHA512",
+       "BLISS_WITH_SHA2_256",
+       "BLISS_WITH_SHA2_384",
+       "BLISS_WITH_SHA2_512",
        "BLISS_WITH_SHA3_256",
        "BLISS_WITH_SHA3_384",
        "BLISS_WITH_SHA3_512",
@@ -140,12 +140,12 @@ signature_scheme_t signature_scheme_from_oid(int oid)
                case OID_ECDSA_WITH_SHA512:
                        return SIGN_ECDSA_WITH_SHA512_DER;
                case OID_BLISS_PUBLICKEY:
-               case OID_BLISS_WITH_SHA512:
-                       return SIGN_BLISS_WITH_SHA512;
-               case OID_BLISS_WITH_SHA384:
-                       return SIGN_BLISS_WITH_SHA384;
-               case OID_BLISS_WITH_SHA256:
-                       return SIGN_BLISS_WITH_SHA256;
+               case OID_BLISS_WITH_SHA2_512:
+                       return SIGN_BLISS_WITH_SHA2_512;
+               case OID_BLISS_WITH_SHA2_384:
+                       return SIGN_BLISS_WITH_SHA2_384;
+               case OID_BLISS_WITH_SHA2_256:
+                       return SIGN_BLISS_WITH_SHA2_256;
                case OID_BLISS_WITH_SHA3_512:
                        return SIGN_BLISS_WITH_SHA3_512;
                case OID_BLISS_WITH_SHA3_384:
@@ -190,12 +190,12 @@ int signature_scheme_to_oid(signature_scheme_t scheme)
                        return OID_ECDSA_WITH_SHA384;
                case SIGN_ECDSA_WITH_SHA512_DER:
                        return OID_ECDSA_WITH_SHA512;
-               case SIGN_BLISS_WITH_SHA256:
-                       return OID_BLISS_WITH_SHA256;
-               case SIGN_BLISS_WITH_SHA384:
-                       return OID_BLISS_WITH_SHA384;
-               case SIGN_BLISS_WITH_SHA512:
-                       return OID_BLISS_WITH_SHA512;
+               case SIGN_BLISS_WITH_SHA2_256:
+                       return OID_BLISS_WITH_SHA2_256;
+               case SIGN_BLISS_WITH_SHA2_384:
+                       return OID_BLISS_WITH_SHA2_384;
+               case SIGN_BLISS_WITH_SHA2_512:
+                       return OID_BLISS_WITH_SHA2_512;
                case SIGN_BLISS_WITH_SHA3_256:
                        return OID_BLISS_WITH_SHA3_256;
                case SIGN_BLISS_WITH_SHA3_384:
@@ -222,9 +222,9 @@ static struct {
        { SIGN_ECDSA_WITH_SHA256_DER, KEY_ECDSA, 256 },
        { SIGN_ECDSA_WITH_SHA384_DER, KEY_ECDSA, 384 },
        { SIGN_ECDSA_WITH_SHA512_DER, KEY_ECDSA, 0 },
-       { SIGN_BLISS_WITH_SHA256,     KEY_BLISS, 128 },
-       { SIGN_BLISS_WITH_SHA384,     KEY_BLISS, 192 },
-       { SIGN_BLISS_WITH_SHA512,     KEY_BLISS, 0 },
+       { SIGN_BLISS_WITH_SHA2_256,   KEY_BLISS, 128 },
+       { SIGN_BLISS_WITH_SHA2_384,   KEY_BLISS, 192 },
+       { SIGN_BLISS_WITH_SHA2_512,   KEY_BLISS, 0 }
 };
 
 /**
@@ -299,9 +299,9 @@ key_type_t key_type_from_signature_scheme(signature_scheme_t scheme)
                case SIGN_ECDSA_384:
                case SIGN_ECDSA_521:
                        return KEY_ECDSA;
-               case SIGN_BLISS_WITH_SHA256:
-               case SIGN_BLISS_WITH_SHA384:
-               case SIGN_BLISS_WITH_SHA512:
+               case SIGN_BLISS_WITH_SHA2_256:
+               case SIGN_BLISS_WITH_SHA2_384:
+               case SIGN_BLISS_WITH_SHA2_512:
                case SIGN_BLISS_WITH_SHA3_256:
                case SIGN_BLISS_WITH_SHA3_384:
                case SIGN_BLISS_WITH_SHA3_512:
index 38c04f5..ce48f9b 100644 (file)
@@ -94,12 +94,12 @@ enum signature_scheme_t {
        SIGN_ECDSA_384,
        /** ECDSA on the P-521 curve with SHA-512 as in RFC 4754           */
        SIGN_ECDSA_521,
-       /** BLISS with SHA-256                                             */
-       SIGN_BLISS_WITH_SHA256,
-       /** BLISS with SHA-384                                             */
-       SIGN_BLISS_WITH_SHA384,
-       /** BLISS with SHA-512                                             */
-       SIGN_BLISS_WITH_SHA512,
+       /** BLISS with SHA-2_256                                           */
+       SIGN_BLISS_WITH_SHA2_256,
+       /** BLISS with SHA-2_384                                           */
+       SIGN_BLISS_WITH_SHA2_384,
+       /** BLISS with SHA-2_512                                           */
+       SIGN_BLISS_WITH_SHA2_512,
        /** BLISS with SHA-3_256                                           */
        SIGN_BLISS_WITH_SHA3_256,
        /** BLISS with SHA-3_384                                           */
index d936e12..8e3b7de 100644 (file)
@@ -387,11 +387,11 @@ int hasher_signature_algorithm_to_oid(hash_algorithm_t alg, key_type_t key)
                        switch (alg)
                        {
                                case HASH_SHA256:
-                                       return OID_BLISS_WITH_SHA256;
+                                       return OID_BLISS_WITH_SHA2_256;
                                case HASH_SHA384:
-                                       return OID_BLISS_WITH_SHA384;
+                                       return OID_BLISS_WITH_SHA2_384;
                                case HASH_SHA512:
-                                       return OID_BLISS_WITH_SHA512;
+                                       return OID_BLISS_WITH_SHA2_512;
                                case HASH_SHA3_256:
                                        return OID_BLISS_WITH_SHA3_256;
                                case HASH_SHA3_384:
@@ -427,19 +427,19 @@ hash_algorithm_t hasher_from_signature_scheme(signature_scheme_t scheme)
                case SIGN_RSA_EMSA_PKCS1_SHA256:
                case SIGN_ECDSA_WITH_SHA256_DER:
                case SIGN_ECDSA_256:
-               case SIGN_BLISS_WITH_SHA256:
+               case SIGN_BLISS_WITH_SHA2_256:
                case SIGN_BLISS_WITH_SHA3_256:
                        return HASH_SHA256;
                case SIGN_RSA_EMSA_PKCS1_SHA384:
                case SIGN_ECDSA_WITH_SHA384_DER:
                case SIGN_ECDSA_384:
-               case SIGN_BLISS_WITH_SHA384:
+               case SIGN_BLISS_WITH_SHA2_384:
                case SIGN_BLISS_WITH_SHA3_384:
                        return HASH_SHA384;
                case SIGN_RSA_EMSA_PKCS1_SHA512:
                case SIGN_ECDSA_WITH_SHA512_DER:
                case SIGN_ECDSA_521:
-               case SIGN_BLISS_WITH_SHA512:
+               case SIGN_BLISS_WITH_SHA2_512:
                case SIGN_BLISS_WITH_SHA3_512:
                        return HASH_SHA512;
        }
index 07597c3..4adcf1e 100644 (file)
@@ -55,19 +55,31 @@ METHOD(plugin_t, get_features, int,
                PLUGIN_REGISTER(PUBKEY, bliss_public_key_load, TRUE),
                        PLUGIN_PROVIDE(PUBKEY, KEY_ANY),
                /* signature schemes, private */
-               PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_BLISS_WITH_SHA256),
+               PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_BLISS_WITH_SHA2_256),
                        PLUGIN_DEPENDS(HASHER, HASH_SHA256),
-               PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_BLISS_WITH_SHA384),
+               PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_BLISS_WITH_SHA2_384),
                        PLUGIN_DEPENDS(HASHER, HASH_SHA384),
-               PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_BLISS_WITH_SHA512),
+               PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_BLISS_WITH_SHA2_512),
                        PLUGIN_DEPENDS(HASHER, HASH_SHA512),
+               PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_BLISS_WITH_SHA3_256),
+                       PLUGIN_DEPENDS(HASHER, HASH_SHA3_256),
+               PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_BLISS_WITH_SHA3_384),
+                       PLUGIN_DEPENDS(HASHER, HASH_SHA3_384),
+               PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_BLISS_WITH_SHA3_512),
+                       PLUGIN_DEPENDS(HASHER, HASH_SHA3_512),
                /* signature verification schemes */
-               PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_BLISS_WITH_SHA256),
+               PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_BLISS_WITH_SHA2_256),
                        PLUGIN_DEPENDS(HASHER, HASH_SHA256),
-               PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_BLISS_WITH_SHA384),
+               PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_BLISS_WITH_SHA2_384),
                        PLUGIN_DEPENDS(HASHER, HASH_SHA384),
-               PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_BLISS_WITH_SHA512),
+               PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_BLISS_WITH_SHA2_512),
                        PLUGIN_DEPENDS(HASHER, HASH_SHA512),
+               PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_BLISS_WITH_SHA3_256),
+                       PLUGIN_DEPENDS(HASHER, HASH_SHA3_256),
+               PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_BLISS_WITH_SHA3_384),
+                       PLUGIN_DEPENDS(HASHER, HASH_SHA3_384),
+               PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_BLISS_WITH_SHA3_512),
+                       PLUGIN_DEPENDS(HASHER, HASH_SHA3_512),
        };
        *features = f;
 
index 22c194b..20bbc6a 100644 (file)
@@ -511,11 +511,11 @@ METHOD(private_key_t, sign, bool,
 {
        switch (scheme)
        {
-               case SIGN_BLISS_WITH_SHA256:
+               case SIGN_BLISS_WITH_SHA2_256:
                        return sign_bliss(this, HASH_SHA256, data, signature);
-               case SIGN_BLISS_WITH_SHA384:
+               case SIGN_BLISS_WITH_SHA2_384:
                        return sign_bliss(this, HASH_SHA384, data, signature);
-               case SIGN_BLISS_WITH_SHA512:
+               case SIGN_BLISS_WITH_SHA2_512:
                        return sign_bliss(this, HASH_SHA512, data, signature);
                case SIGN_BLISS_WITH_SHA3_256:
                        return sign_bliss(this, HASH_SHA3_256, data, signature);
index ba34bf4..93d1165 100644 (file)
@@ -193,11 +193,11 @@ METHOD(public_key_t, verify, bool,
 {
        switch (scheme)
        {
-               case SIGN_BLISS_WITH_SHA256:
+               case SIGN_BLISS_WITH_SHA2_256:
                        return verify_bliss(this, HASH_SHA256, data, signature);
-               case SIGN_BLISS_WITH_SHA384:
+               case SIGN_BLISS_WITH_SHA2_384:
                        return verify_bliss(this, HASH_SHA384, data, signature);
-               case SIGN_BLISS_WITH_SHA512:
+               case SIGN_BLISS_WITH_SHA2_512:
                        return verify_bliss(this, HASH_SHA512, data, signature);
                case SIGN_BLISS_WITH_SHA3_256:
                        return verify_bliss(this, HASH_SHA3_256, data, signature);
index 8b4e9cb..a3e4420 100644 (file)
@@ -36,13 +36,13 @@ START_TEST(test_bliss_sign_all)
                switch (k)
                {
                        case 1:
-                               signature_scheme = SIGN_BLISS_WITH_SHA256;
+                               signature_scheme = SIGN_BLISS_WITH_SHA2_256;
                                break;
                        case 2:
-                               signature_scheme = SIGN_BLISS_WITH_SHA384;
+                               signature_scheme = SIGN_BLISS_WITH_SHA2_384;
                                break;
                        default:
-                               signature_scheme = SIGN_BLISS_WITH_SHA512;
+                               signature_scheme = SIGN_BLISS_WITH_SHA2_512;
                }
 
                /* enforce BLISS-B key for k = 2, 3 */
@@ -176,14 +176,14 @@ START_TEST(test_bliss_sign_fail)
 
        /* generate valid signature */
        msg = chunk_from_str("Hello Dolly!");
-       ck_assert(privkey->sign(privkey, SIGN_BLISS_WITH_SHA512, msg, &signature));
+       ck_assert(privkey->sign(privkey, SIGN_BLISS_WITH_SHA2_512, msg, &signature));
 
        /* verify with invalid signature scheme */
        ck_assert(!pubkey->verify(pubkey, SIGN_UNKNOWN, msg, signature));
 
        /* corrupt signature */
        signature.ptr[signature.len - 1] ^= 0x80;
-       ck_assert(!pubkey->verify(pubkey, SIGN_BLISS_WITH_SHA512, msg, signature));
+       ck_assert(!pubkey->verify(pubkey, SIGN_BLISS_WITH_SHA2_512, msg, signature));
 
        free(signature.ptr);
        privkey->destroy(privkey);
index eb5b019..e32f8ee 100644 (file)
@@ -266,8 +266,8 @@ static chunk_t build_optionalSignature(private_x509_ocsp_request_t *this,
                        scheme = SIGN_ECDSA_WITH_SHA1_DER;
                        break;
                case KEY_BLISS:
-                       oid = OID_BLISS_WITH_SHA512;
-                       scheme = SIGN_BLISS_WITH_SHA512;
+                       oid = OID_BLISS_WITH_SHA2_512;
+                       scheme = SIGN_BLISS_WITH_SHA2_512;
                        break;
                default:
                        DBG1(DBG_LIB, "unable to sign OCSP request, %N signature not "
index 14cc321..07a6aca 100644 (file)
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2013 Andreas Steffen
+ * Copyright (C) 2013-2015 Andreas Steffen
  * HSR Hochschule fuer Technik Rapperswil
  *
  * This program is free software; you can redistribute it and/or modify it
@@ -28,30 +28,38 @@ typedef struct {
 }hasher_oid_t;
 
 static hasher_oid_t oids[] = {
-       { OID_MD2, HASH_MD2, KEY_ANY },
-       { OID_MD5, HASH_MD5, KEY_ANY },
-       { OID_SHA1, HASH_SHA1, KEY_ANY },
-       { OID_SHA224, HASH_SHA224, KEY_ANY },
-       { OID_SHA256, HASH_SHA256, KEY_ANY },
-       { OID_SHA384, HASH_SHA384, KEY_ANY },
-       { OID_SHA512, HASH_SHA512, KEY_ANY },
-       { OID_UNKNOWN, HASH_UNKNOWN, KEY_ANY },
-       { OID_MD2_WITH_RSA, HASH_MD2, KEY_RSA },
-       { OID_MD5_WITH_RSA, HASH_MD5, KEY_RSA },
-       { OID_SHA1_WITH_RSA, HASH_SHA1, KEY_RSA },
-       { OID_SHA224_WITH_RSA, HASH_SHA224, KEY_RSA },
-       { OID_SHA256_WITH_RSA, HASH_SHA256, KEY_RSA },
-       { OID_SHA384_WITH_RSA, HASH_SHA384, KEY_RSA },
-       { OID_SHA512_WITH_RSA, HASH_SHA512, KEY_RSA },
-       { OID_UNKNOWN, HASH_UNKNOWN, KEY_RSA },
-       { OID_ECDSA_WITH_SHA1, HASH_SHA1, KEY_ECDSA },
-       { OID_ECDSA_WITH_SHA256, HASH_SHA256, KEY_ECDSA },
-       { OID_ECDSA_WITH_SHA384, HASH_SHA384, KEY_ECDSA },
-       { OID_ECDSA_WITH_SHA512, HASH_SHA512, KEY_ECDSA },
-       { OID_BLISS_WITH_SHA256, HASH_SHA256, KEY_BLISS },
-       { OID_BLISS_WITH_SHA384, HASH_SHA384, KEY_BLISS },
-       { OID_BLISS_WITH_SHA512, HASH_SHA512, KEY_BLISS },
-       { OID_UNKNOWN, HASH_UNKNOWN, KEY_ECDSA }
+       { OID_MD2, HASH_MD2, KEY_ANY },                         /*  0 */
+       { OID_MD5, HASH_MD5, KEY_ANY },                         /*  1 */
+       { OID_SHA1, HASH_SHA1, KEY_ANY },                       /*  2 */
+       { OID_SHA224, HASH_SHA224, KEY_ANY },                   /*  3 */
+       { OID_SHA256, HASH_SHA256, KEY_ANY },                   /*  4 */
+       { OID_SHA384, HASH_SHA384, KEY_ANY },                   /*  5 */
+       { OID_SHA512, HASH_SHA512, KEY_ANY },                   /*  6 */
+       { OID_SHA3_224, HASH_SHA3_224, KEY_ANY },               /*  7 */
+       { OID_SHA3_256, HASH_SHA3_256, KEY_ANY },               /*  8 */
+       { OID_SHA3_384, HASH_SHA3_384, KEY_ANY },               /*  9 */
+       { OID_SHA3_512, HASH_SHA3_512, KEY_ANY },               /* 10 */
+       { OID_UNKNOWN, HASH_UNKNOWN, KEY_ANY },                 /* 11 */
+       { OID_MD2_WITH_RSA, HASH_MD2, KEY_RSA },                /* 12 */
+       { OID_MD5_WITH_RSA, HASH_MD5, KEY_RSA },                /* 13 */
+       { OID_SHA1_WITH_RSA, HASH_SHA1, KEY_RSA },              /* 14 */
+       { OID_SHA224_WITH_RSA, HASH_SHA224, KEY_RSA },          /* 15 */
+       { OID_SHA256_WITH_RSA, HASH_SHA256, KEY_RSA },          /* 16 */
+       { OID_SHA384_WITH_RSA, HASH_SHA384, KEY_RSA },          /* 17 */
+       { OID_SHA512_WITH_RSA, HASH_SHA512, KEY_RSA },          /* 18 */
+       { OID_UNKNOWN, HASH_UNKNOWN, KEY_RSA },                 /* 19 */
+       { OID_ECDSA_WITH_SHA1, HASH_SHA1, KEY_ECDSA },          /* 20 */
+       { OID_ECDSA_WITH_SHA256, HASH_SHA256, KEY_ECDSA },      /* 21 */
+       { OID_ECDSA_WITH_SHA384, HASH_SHA384, KEY_ECDSA },      /* 22 */
+       { OID_ECDSA_WITH_SHA512, HASH_SHA512, KEY_ECDSA },      /* 23 */
+       { OID_UNKNOWN, HASH_UNKNOWN, KEY_ECDSA },               /* 24 */
+       { OID_BLISS_WITH_SHA2_256, HASH_SHA256, KEY_BLISS },    /* 25 */
+       { OID_BLISS_WITH_SHA2_384, HASH_SHA384, KEY_BLISS },    /* 26 */
+       { OID_BLISS_WITH_SHA2_512, HASH_SHA512, KEY_BLISS },    /* 27 */
+       { OID_BLISS_WITH_SHA3_256, HASH_SHA3_256, KEY_BLISS },  /* 28 */
+       { OID_BLISS_WITH_SHA3_384, HASH_SHA3_384, KEY_BLISS },  /* 29 */
+       { OID_BLISS_WITH_SHA3_512, HASH_SHA3_512, KEY_BLISS },  /* 30 */
+       { OID_UNKNOWN, HASH_UNKNOWN, KEY_BLISS }                /* 31 */
 };
 
 START_TEST(test_hasher_from_oid)
@@ -169,11 +177,11 @@ Suite *hasher_suite_create()
        suite_add_tcase(s, tc);
 
        tc = tcase_create("to_oid");
-       tcase_add_loop_test(tc, test_hasher_to_oid, 0, 8);
+       tcase_add_loop_test(tc, test_hasher_to_oid, 0, 12);
        suite_add_tcase(s, tc);
 
        tc = tcase_create("sig_to_oid");
-       tcase_add_loop_test(tc, test_hasher_sig_to_oid, 7, countof(oids));
+       tcase_add_loop_test(tc, test_hasher_sig_to_oid, 11, countof(oids));
        suite_add_tcase(s, tc);
 
        tc = tcase_create("from_prf");
index b38f2cb..104b0b2 100644 (file)
@@ -789,9 +789,9 @@ static struct {
        {KEY_ECDSA,  256, { SIGN_ECDSA_WITH_SHA256_DER, SIGN_ECDSA_WITH_SHA384_DER, SIGN_ECDSA_WITH_SHA512_DER, SIGN_UNKNOWN }},
        {KEY_ECDSA,  384, { SIGN_ECDSA_WITH_SHA384_DER, SIGN_ECDSA_WITH_SHA512_DER, SIGN_UNKNOWN }},
        {KEY_ECDSA,  512, { SIGN_ECDSA_WITH_SHA512_DER, SIGN_UNKNOWN }},
-       {KEY_BLISS,  128, { SIGN_BLISS_WITH_SHA256, SIGN_BLISS_WITH_SHA384, SIGN_BLISS_WITH_SHA512, SIGN_UNKNOWN }},
-       {KEY_BLISS,  192, { SIGN_BLISS_WITH_SHA384, SIGN_BLISS_WITH_SHA512, SIGN_UNKNOWN }},
-       {KEY_BLISS,  256, { SIGN_BLISS_WITH_SHA512, SIGN_UNKNOWN }},
+       {KEY_BLISS,  128, { SIGN_BLISS_WITH_SHA2_256, SIGN_BLISS_WITH_SHA2_384, SIGN_BLISS_WITH_SHA2_512, SIGN_UNKNOWN }},
+       {KEY_BLISS,  192, { SIGN_BLISS_WITH_SHA2_384, SIGN_BLISS_WITH_SHA2_512, SIGN_UNKNOWN }},
+       {KEY_BLISS,  256, { SIGN_BLISS_WITH_SHA2_512, SIGN_UNKNOWN }},
 };
 
 START_TEST(test_signature_schemes_for_key)