Diffstat (limited to 'src/sbearssl/sbearssl_choose_algos_rsa.c')
-rw-r--r--src/sbearssl/sbearssl_choose_algos_rsa.c43
1 files changed, 43 insertions, 0 deletions
diff --git a/src/sbearssl/sbearssl_choose_algos_rsa.c b/src/sbearssl/sbearssl_choose_algos_rsa.c
new file mode 100644
index 0000000..d1f7e19
--- /dev/null
+++ b/src/sbearssl/sbearssl_choose_algos_rsa.c
@@ -0,0 +1,43 @@
+/* ISC license. */
+
+#include <bearssl.h>
+
+#include <s6-networking/sbearssl.h>
+#include "sbearssl-internal.h"
+
+int sbearssl_choose_algos_rsa (br_ssl_server_context const *sc, br_ssl_server_choices *choices, unsigned int usages)
+{
+ size_t n ;
+ unsigned int hash_id = 0 ;
+ int fh ;
+ br_suite_translated const *st = br_ssl_server_get_client_suites(sc, &n) ;
+ if (sc->eng.session.version < BR_TLS12) fh = 1 ;
+ else
+ {
+ hash_id = sbearssl_choose_hash(br_ssl_server_get_client_hashes(sc)) ;
+ fh = !!hash_id ;
+ }
+ for (size_t i = 0 ; i < n ; i++)
+ {
+ unsigned int tt = st[i][1] ;
+ switch (tt >> 12)
+ {
+ case BR_SSLKEYX_RSA :
+ if (usages & BR_KEYTYPE_KEYX)
+ {
+ choices->cipher_suite = st[i][0] ;
+ return 1 ;
+ }
+ break ;
+ case BR_SSLKEYX_ECDHE_RSA :
+ if ((usages & BR_KEYTYPE_SIGN) && fh)
+ {
+ choices->cipher_suite = st[i][0] ;
+ choices->algo_id = hash_id + 0xff00 ;
+ return 1 ;
+ }
+ break ;
+ }
+ }
+ return 0 ;
+}
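Review bot: The new function has no header comment, and its contract is not obvious from the code: it writes only `choices->cipher_suite` (plus `choices->algo_id` in the `BR_SSLKEYX_ECDHE_RSA` branch) and never touches `choices->chain` or `choices->chain_len`, so the caller presumably has to fill those itself. A short comment above the definition should say that it returns 1 when a suite was selected and 0 when none matched, and that the certificate chain is the caller's responsibility, so that a half-initialised `br_ssl_server_choices` is not handed back to the engine. The constant on the `algo_id` line deserves its own note, for example `/* 0xff00 + hash id selects a raw-hash RSA signature; hash_id 0 (pre-TLS 1.2) means MD5+SHA-1 */`. Because the loop returns on the first match, a static-RSA suite (no forward secrecy) is chosen whenever it precedes the ECDHE_RSA suites in the list and `usages` includes `BR_KEYTYPE_KEYX`. If that preference is meant to be governed entirely by the engine's suite ordering, the comment should say so.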