DSA: More conforming names in crypto/dsa/dsa_aid.c

Made macro names that refer to a known base OID, an commented accordingly.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10557)

diff --git a/crypto/dsa/dsa_aid.c b/crypto/dsa/dsa_aid.c
index 759e5c90e1b1f40dbd6ab451bf2b9b367eab0c14..505e2e2f4088953a64c39f9f666dd2f702736998 100644 (file)
--- a/crypto/dsa/dsa_aid.c
+++ b/crypto/dsa/dsa_aid.c
@@ -15,31 +15,37 @@
 #define ASN1_SEQUENCE 0x30
 #define ASN1_OID 0x06
 
-/* dsaWithSHA OIDs are of the form: (1 3 14 3 2 |n|) */
-#define ENCODE_ALGORITHMIDENTIFIER_SHA(name, n)                         \
+/*
+ * id-dsa-with-sha1 OBJECT IDENTIFIER ::=  {
+ *     iso(1) member-body(2) us(840) x9-57(10040) x9cm(4) 3
+ * }
+ */
+#define ENCODE_ALGORITHMIDENTIFIER_RFC3279(name, n)                     \
     static const unsigned char algorithmidentifier_##name##_der[] = {   \
-        ASN1_SEQUENCE, 0x07,                                            \
-          ASN1_OID, 0x05, 1 * 40 + 3, 14, 3, 2, n                       \
+        ASN1_SEQUENCE, 0x09,                                            \
+          ASN1_OID, 0x07, 1 * 40 + 2, 134, 72, 206, 56, 4, n            \
 }
 
-ENCODE_ALGORITHMIDENTIFIER_SHA(sha, 13);
-ENCODE_ALGORITHMIDENTIFIER_SHA(sha1, 27);
+ENCODE_ALGORITHMIDENTIFIER_RFC3279(sha1, 3);
 
-/* dsaWithSHA OIDs are of the form: (2 16 840 1 101 3 4 3 |n|) */
-#define ENCODE_ALGORITHMIDENTIFIER_SHAx(name, n)                        \
+/*
+ * dsaWithSHAx OIDs are of the form: (sigAlgs |n|)
+ * where sigAlgs OBJECT IDENTIFIER ::= { 2 16 840 1 101 3 4 3 }
+ */
+#define ENCODE_ALGORITHMIDENTIFIER_SIGALGS(name, n)                     \
     static const unsigned char algorithmidentifier_##name##_der[] = {   \
         ASN1_SEQUENCE, 0x0b,                                            \
           ASN1_OID, 0x09, 2 * 40 + 16, 0x86, 0x48, 1, 101, 3, 4, 3, n   \
 }
 
-ENCODE_ALGORITHMIDENTIFIER_SHAx(sha224, 1);
-ENCODE_ALGORITHMIDENTIFIER_SHAx(sha256, 2);
-ENCODE_ALGORITHMIDENTIFIER_SHAx(sha384, 3);
-ENCODE_ALGORITHMIDENTIFIER_SHAx(sha512, 4);
-ENCODE_ALGORITHMIDENTIFIER_SHAx(sha3_224, 5);
-ENCODE_ALGORITHMIDENTIFIER_SHAx(sha3_256, 6);
-ENCODE_ALGORITHMIDENTIFIER_SHAx(sha3_384, 7);
-ENCODE_ALGORITHMIDENTIFIER_SHAx(sha3_512, 8);
+ENCODE_ALGORITHMIDENTIFIER_SIGALGS(sha224, 1);
+ENCODE_ALGORITHMIDENTIFIER_SIGALGS(sha256, 2);
+ENCODE_ALGORITHMIDENTIFIER_SIGALGS(sha384, 3);
+ENCODE_ALGORITHMIDENTIFIER_SIGALGS(sha512, 4);
+ENCODE_ALGORITHMIDENTIFIER_SIGALGS(sha3_224, 5);
+ENCODE_ALGORITHMIDENTIFIER_SIGALGS(sha3_256, 6);
+ENCODE_ALGORITHMIDENTIFIER_SIGALGS(sha3_384, 7);
+ENCODE_ALGORITHMIDENTIFIER_SIGALGS(sha3_512, 8);
 
 #define MD_CASE(name)                                                   \
     case NID_##name:                                                    \
@@ -49,7 +55,6 @@ ENCODE_ALGORITHMIDENTIFIER_SHAx(sha3_512, 8);
 const unsigned char *dsa_algorithmidentifier_encoding(int md_nid, size_t *len)
 {
     switch (md_nid) {
-        MD_CASE(sha);
         MD_CASE(sha1);
         MD_CASE(sha224);
         MD_CASE(sha256);