1 /*************************************************************************** 2 * Copyright (c) 2024 Microsoft Corporation 3 * 4 * This program and the accompanying materials are made available under the 5 * terms of the MIT License which is available at 6 * https://opensource.org/licenses/MIT. 7 * 8 * SPDX-License-Identifier: MIT 9 **************************************************************************/ 10 11 12 /**************************************************************************/ 13 /**************************************************************************/ 14 /** */ 15 /** NetX Secure Component */ 16 /** */ 17 /** X.509 Digital Certificates */ 18 /** */ 19 /**************************************************************************/ 20 /**************************************************************************/ 21 22 #define NX_SECURE_SOURCE_CODE 23 24 25 #include "nx_secure_x509.h" 26 27 /**************************************************************************/ 28 /* */ 29 /* FUNCTION RELEASE */ 30 /* */ 31 /* _nx_secure_x509_find_certificate_methods PORTABLE C */ 32 /* 6.1.6 */ 33 /* AUTHOR */ 34 /* */ 35 /* Timothy Stapko, Microsoft Corporation */ 36 /* */ 37 /* DESCRIPTION */ 38 /* */ 39 /* This function finds crypto methods specified in a certificate. */ 40 /* */ 41 /* INPUT */ 42 /* */ 43 /* cert Pointer to X509 certificate */ 44 /* signature_algorithm Id for signature method */ 45 /* crypto_methods Return matching table entry */ 46 /* */ 47 /* OUTPUT */ 48 /* */ 49 /* status Completion status */ 50 /* */ 51 /* CALLS */ 52 /* */ 53 /* None */ 54 /* */ 55 /* CALLED BY */ 56 /* */ 57 /* _nx_secure_x509_certificate_verify Verify a certificate */ 58 /* _nx_secure_x509_crl_verify Verify revocation list */ 59 /* _nx_secure_tls_process_certificate_verify */ 60 /* Process CertificateVerify */ 61 /* _nx_secure_tls_process_server_key_exchange */ 62 /* Process ServerKeyExchange */ 63 /* _nx_secure_tls_send_certificate_verify */ 64 /* Send certificate verify */ 65 /* */ 66 /* RELEASE HISTORY */ 67 /* */ 68 /* DATE NAME DESCRIPTION */ 69 /* */ 70 /* 05-19-2020 Timothy Stapko Initial Version 6.0 */ 71 /* 09-30-2020 Timothy Stapko Modified comment(s), */ 72 /* resulting in version 6.1 */ 73 /* 04-02-2021 Timothy Stapko Modified comment(s), */ 74 /* removed dependency on TLS, */ 75 /* resulting in version 6.1.6 */ 76 /* */ 77 /**************************************************************************/ _nx_secure_x509_find_certificate_methods(NX_SECURE_X509_CERT * cert,USHORT signature_algorithm,NX_SECURE_X509_CRYPTO ** crypto_methods)78UINT _nx_secure_x509_find_certificate_methods(NX_SECURE_X509_CERT *cert, USHORT signature_algorithm, 79 NX_SECURE_X509_CRYPTO **crypto_methods) 80 { 81 SHORT index; 82 83 /* The number of ciphersuites is very small so a linear search should be fine. */ 84 for (index = 0; index < cert -> nx_secure_x509_cipher_table_size; ++index) 85 { 86 /* See if the ciphersuite is supported. */ 87 if (cert -> nx_secure_x509_cipher_table[index].nx_secure_x509_crypto_identifier == signature_algorithm) 88 { 89 *crypto_methods = &cert -> nx_secure_x509_cipher_table[index]; 90 return(NX_SECURE_X509_SUCCESS); 91 } 92 } 93 94 /* No entry found, crypto routines unknown. */ 95 *crypto_methods = NX_CRYPTO_NULL; 96 return(NX_SECURE_X509_UNKNOWN_CERT_SIG_ALGORITHM); 97 } 98 99
