blob: d1f7e19ae85c82708f63c7b6e95b403a19280120 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
|
/* ISC license. */
#include <bearssl.h>
#include <s6-networking/sbearssl.h>
#include "sbearssl-internal.h"
int sbearssl_choose_algos_rsa (br_ssl_server_context const *sc, br_ssl_server_choices *choices, unsigned int usages)
{
size_t n ;
unsigned int hash_id = 0 ;
int fh ;
br_suite_translated const *st = br_ssl_server_get_client_suites(sc, &n) ;
if (sc->eng.session.version < BR_TLS12) fh = 1 ;
else
{
hash_id = sbearssl_choose_hash(br_ssl_server_get_client_hashes(sc)) ;
fh = !!hash_id ;
}
for (size_t i = 0 ; i < n ; i++)
{
unsigned int tt = st[i][1] ;
switch (tt >> 12)
{
case BR_SSLKEYX_RSA :
if (usages & BR_KEYTYPE_KEYX)
{
choices->cipher_suite = st[i][0] ;
return 1 ;
}
break ;
case BR_SSLKEYX_ECDHE_RSA :
if ((usages & BR_KEYTYPE_SIGN) && fh)
{
choices->cipher_suite = st[i][0] ;
choices->algo_id = hash_id + 0xff00 ;
return 1 ;
}
break ;
}
}
return 0 ;
}
|
