#include "certificate.h"
2#include <rawrtc/certificate.h>
3#include <rawrtcc/code.h>
4#include <re.h>
5
6/*
7 * Translate a certificate key type to the corresponding re type.
8 */
enum tls_keytype rawrtc_certificate_key_type_to_tls_keytype(
    enum rawrtc_certificate_key_type const type) {
    /*
     * Returns `type` reinterpreted as re's `enum tls_keytype`.
     *
     * The value is passed through as-is: there is no mapping table and no
     * range check, so an out-of-range input comes out unchanged.
     * NOTE(review): presumably the rawrtc enum is declared with the same
     * numeric values as `enum tls_keytype` -- confirm against the header.
     */
    enum tls_keytype const re_type = (enum tls_keytype) type;

    return re_type;
}
14
15/*
16 * Translate a re key type to the corresponding rawrtc type.
17 */
enum rawrtc_code rawrtc_tls_keytype_to_certificate_key_type(
    enum rawrtc_certificate_key_type* const typep,  // de-referenced
    enum tls_keytype const re_type) {
    /*
     * typep:   output; written only when the translation succeeds.
     * re_type: re key type to translate.
     *
     * Returns RAWRTC_CODE_SUCCESS for RSA and EC keys, and
     * RAWRTC_CODE_INVALID_ARGUMENT for a NULL `typep` or any other key type.
     */
    enum rawrtc_certificate_key_type key_type;

    // Reject a missing output pointer before doing anything else
    if (typep == NULL) {
        return RAWRTC_CODE_INVALID_ARGUMENT;
    }

    // Explicit allow-list: key types not named here are rejected, never cast
    if (re_type == TLS_KEYTYPE_RSA) {
        key_type = RAWRTC_CERTIFICATE_KEY_TYPE_RSA;
    } else if (re_type == TLS_KEYTYPE_EC) {
        key_type = RAWRTC_CERTIFICATE_KEY_TYPE_EC;
    } else {
        return RAWRTC_CODE_INVALID_ARGUMENT;
    }

    *typep = key_type;
    return RAWRTC_CODE_SUCCESS;
}
38
39/*
40 * Translate a certificate sign algorithm to the corresponding re fingerprint algorithm.
41 */
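enum rawrtc_code rawrtc_certificate_sign_algorithm_to_tls_fingerprint(
    enum tls_fingerprint* const fingerprintp,  // de-referenced
    enum rawrtc_certificate_sign_algorithm const algorithm) {
    /*
     * fingerprintp: output; written only when the translation succeeds.
     * algorithm:    rawrtc sign algorithm to translate.
     *
     * Returns RAWRTC_CODE_INVALID_ARGUMENT for a NULL `fingerprintp` or for
     * RAWRTC_CERTIFICATE_SIGN_ALGORITHM_NONE, RAWRTC_CODE_UNSUPPORTED_ALGORITHM
     * for SHA-384 and SHA-512, and RAWRTC_CODE_SUCCESS otherwise.
     */

    // Check arguments (the output pointer is written below, so it must be
    // valid; the other converters in this file perform the same check)
    if (!fingerprintp) {
        return RAWRTC_CODE_INVALID_ARGUMENT;
    }

    switch (algorithm) {
        case RAWRTC_CERTIFICATE_SIGN_ALGORITHM_NONE:
            return RAWRTC_CODE_INVALID_ARGUMENT;
        case RAWRTC_CERTIFICATE_SIGN_ALGORITHM_SHA384:
        case RAWRTC_CERTIFICATE_SIGN_ALGORITHM_SHA512:
            // Note: SHA-384 and SHA-512 are currently not supported (needs to be added to re)
            return RAWRTC_CODE_UNSUPPORTED_ALGORITHM;
        default:
            break;
    }

    // No conversion needed.
    // NOTE(review): every value not handled by the switch reaches this cast,
    // including values outside the enum; presumably the remaining rawrtc
    // values share their numbering with `enum tls_fingerprint` -- confirm
    // against the header.
    *fingerprintp = (enum tls_fingerprint) algorithm;
    return RAWRTC_CODE_SUCCESS;
}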
60
61/*
62 * Translate a re fingerprint algorithm to the corresponding rawrtc algorithm.
63 */
enum rawrtc_code rawrtc_tls_fingerprint_to_certificate_sign_algorithm(
    enum rawrtc_certificate_sign_algorithm* const algorithmp,  // de-referenced
    enum tls_fingerprint re_algorithm) {
    /*
     * algorithmp:   output; written only when the translation succeeds.
     * re_algorithm: re fingerprint algorithm to translate.
     *
     * Returns RAWRTC_CODE_SUCCESS for SHA-256 and
     * RAWRTC_CODE_INVALID_ARGUMENT for a NULL `algorithmp` or any other
     * fingerprint algorithm.
     */

    // Reject a missing output pointer
    if (algorithmp == NULL) {
        return RAWRTC_CODE_INVALID_ARGUMENT;
    }

    // Convert the fingerprint algorithm. SHA-256 is the only value accepted.
    // Note: SHA-384 and SHA-512 are currently not supported (needs to be added to libre)
    if (re_algorithm != TLS_FINGERPRINT_SHA256) {
        return RAWRTC_CODE_INVALID_ARGUMENT;
    }

    *algorithmp = RAWRTC_CERTIFICATE_SIGN_ALGORITHM_SHA256;
    return RAWRTC_CODE_SUCCESS;
}
82
/*
 * Parallel lookup tables: entry i of the string table is the textual name of
 * entry i of the enum table, so both must keep the same order and length.
 * RAWRTC_CERTIFICATE_SIGN_ALGORITHM_NONE has no entry here.
 */
static const enum rawrtc_certificate_sign_algorithm map_enum_certificate_sign_algorithm[] = {
    RAWRTC_CERTIFICATE_SIGN_ALGORITHM_SHA256,
    RAWRTC_CERTIFICATE_SIGN_ALGORITHM_SHA384,
    RAWRTC_CERTIFICATE_SIGN_ALGORITHM_SHA512,
};

static const char* const map_str_certificate_sign_algorithm[] = {
    "sha-256",
    "sha-384",
    "sha-512",
};

// Number of entries, derived from the enum table
static const size_t map_certificate_sign_algorithm_length =
    sizeof(map_enum_certificate_sign_algorithm) / sizeof(map_enum_certificate_sign_algorithm[0]);
97
98/*
99 * Translate a certificate sign algorithm to str.
100 */
char const* rawrtc_certificate_sign_algorithm_to_str(
    enum rawrtc_certificate_sign_algorithm const algorithm) {
    /*
     * Returns the name stored in map_str_certificate_sign_algorithm for
     * `algorithm`, or the literal "???" when the algorithm is not listed in
     * map_enum_certificate_sign_algorithm. The result is never NULL and
     * points at a string literal.
     */
    size_t idx = 0;

    // Linear scan of the parallel tables
    while (idx < map_certificate_sign_algorithm_length) {
        if (map_enum_certificate_sign_algorithm[idx] == algorithm) {
            return map_str_certificate_sign_algorithm[idx];
        }
        ++idx;
    }

    // Placeholder for anything without a table entry
    return "???";
}
113
114/*
115 * Translate a str to a certificate sign algorithm (case-insensitive).
116 */
enum rawrtc_code rawrtc_str_to_certificate_sign_algorithm(
    enum rawrtc_certificate_sign_algorithm* const algorithmp,  // de-referenced
    char const* const str) {
    /*
     * algorithmp: output; written only when `str` matches a table entry.
     * str:        algorithm name, compared with str_casecmp against each
     *             entry of map_str_certificate_sign_algorithm.
     *
     * Returns RAWRTC_CODE_INVALID_ARGUMENT when either pointer is NULL,
     * RAWRTC_CODE_SUCCESS on a match and RAWRTC_CODE_NO_VALUE otherwise.
     */
    size_t idx;

    // Both pointers are used below, so neither may be NULL
    if (algorithmp == NULL || str == NULL) {
        return RAWRTC_CODE_INVALID_ARGUMENT;
    }

    for (idx = 0; idx < map_certificate_sign_algorithm_length; ++idx) {
        if (str_casecmp(map_str_certificate_sign_algorithm[idx], str) != 0) {
            continue;
        }

        // First matching name wins
        *algorithmp = map_enum_certificate_sign_algorithm[idx];
        return RAWRTC_CODE_SUCCESS;
    }

    // Unknown name: the output is left untouched
    return RAWRTC_CODE_NO_VALUE;
}
136
137/*
138 * Get the EVP_MD* structure for a certificate sign algorithm type.
139 */
EVP_MD const* rawrtc_get_sign_function(enum rawrtc_certificate_sign_algorithm const type) {
    /*
     * Returns the digest descriptor for `type` (EVP_sha256, EVP_sha384 or
     * EVP_sha512), or NULL for any other value. Callers must check for NULL
     * before handing the result to another EVP function.
     */
    EVP_MD const* digest = NULL;

    switch (type) {
        case RAWRTC_CERTIFICATE_SIGN_ALGORITHM_SHA256:
            digest = EVP_sha256();
            break;
        case RAWRTC_CERTIFICATE_SIGN_ALGORITHM_SHA384:
            digest = EVP_sha384();
            break;
        case RAWRTC_CERTIFICATE_SIGN_ALGORITHM_SHA512:
            digest = EVP_sha512();
            break;
        default:
            // Unlisted algorithm: keep the NULL result
            break;
    }

    return digest;
}
152
153/*
154 * Get the length of the fingerprint to a certificate sign algorithm type.
155 */
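enum rawrtc_code rawrtc_get_sign_algorithm_length(
    size_t* const sizep,  // de-referenced
    enum rawrtc_certificate_sign_algorithm const type) {
    /*
     * sizep: output; receives the value reported by EVP_MD_size() for the
     *        digest of `type`, written only on success.
     * type:  sign algorithm whose digest length is requested.
     *
     * Returns RAWRTC_CODE_INVALID_ARGUMENT for a NULL `sizep` or when
     * rawrtc_get_sign_function() has no digest for `type`,
     * RAWRTC_CODE_UNSUPPORTED_ALGORITHM when the reported size is below 1,
     * and RAWRTC_CODE_SUCCESS otherwise.
     */
    EVP_MD const* sign_function;
    int size;

    // Check arguments (the output pointer is written below, so it must be
    // valid; the other converters in this file perform the same check)
    if (!sizep) {
        return RAWRTC_CODE_INVALID_ARGUMENT;
    }

    // Get sign algorithm function
    sign_function = rawrtc_get_sign_function(type);
    if (!sign_function) {
        return RAWRTC_CODE_INVALID_ARGUMENT;
    }

    // Get length. The `< 1` guard also keeps a zero or negative result from
    // being converted to a huge size_t that callers might use as a buffer size.
    size = EVP_MD_size(sign_function);
    if (size < 1) {
        return RAWRTC_CODE_UNSUPPORTED_ALGORITHM;
    }

    // Set size
    *sizep = (size_t) size;
    return RAWRTC_CODE_SUCCESS;
}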