Add signature algorithm and hash identifiers for TLS 1.2 and 1.3

btls/btls.h

@@ -60,9 +60,13 @@ extern "C" {
 
 #define SSL_PKEY_BIGN 9
 
-#define TLSEXT_SIGALG_bign_sign_128 0xFE01
-#define TLSEXT_SIGALG_bign_sign_192 0xFE02
-#define TLSEXT_SIGALG_bign_sign_256 0xFE03
+#define TLSEXT_SIGALG_bign_sign_128 0xE7E7
+#define TLSEXT_SIGALG_bign_sign_192 0xE8E8
+#define TLSEXT_SIGALG_bign_sign_256 0xE9E9
+
+#define TLSEXT_SIGALG_bign_with_hbelt   0xFE01
+#define TLSEXT_SIGALG_bign_with_bash384 0xFE02
+#define TLSEXT_SIGALG_bign_with_bash512 0xFE03
 
 /* ssl.h */
 #define SSL_TXT_kBDHE "kBDHE"

btls/legacy/btls.h

@@ -79,9 +79,13 @@ extern "C" {
 
 #define SSL_PKEY_BIGN 9
 
-#define TLSEXT_SIGALG_bign_sign_128 0xFE01
-#define TLSEXT_SIGALG_bign_sign_192 0xFE02
-#define TLSEXT_SIGALG_bign_sign_256 0xFE03
+#define TLSEXT_SIGALG_bign_sign_128 0xE7E7
+#define TLSEXT_SIGALG_bign_sign_192 0xE8E8
+#define TLSEXT_SIGALG_bign_sign_256 0xE9E9
+
+#define TLSEXT_SIGALG_bign_with_hbelt   0xFE01
+#define TLSEXT_SIGALG_bign_with_bash384 0xFE02
+#define TLSEXT_SIGALG_bign_with_bash512 0xFE03
 
 /* ssl.h */
 #define SSL_TXT_kBDHE "kBDHE"

btls/patch/OpenSSL_1_1_1i.patch

@@ -843,7 +843,7 @@ index cf45a40c..89b1ec42 100644
          SSLfatal(s, SSL_AD_INTERNAL_ERROR,
                   SSL_F_TLS_PROCESS_CLIENT_KEY_EXCHANGE,
 diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
-index 48d46f8a..bf444c1d 100644
+index 48d46f8a..580e3847 100644
 --- a/ssl/t1_lib.c
 +++ b/ssl/t1_lib.c
 @@ -20,6 +20,7 @@
@@ -874,17 +874,20 @@ index 48d46f8a..bf444c1d 100644
  };
 
  static const uint16_t suiteb_curves[] = {
-@@ -674,6 +681,9 @@ static const uint16_t tls12_sigalgs[] = {
+@@ -674,6 +681,12 @@ static const uint16_t tls12_sigalgs[] = {
      TLSEXT_SIGALG_gostr34102012_512_gostr34112012_512,
      TLSEXT_SIGALG_gostr34102001_gostr3411,
  #endif
 +    TLSEXT_SIGALG_bign_sign_128,
 +    TLSEXT_SIGALG_bign_sign_192,
-+    TLSEXT_SIGALG_bign_sign_256
++    TLSEXT_SIGALG_bign_sign_256,
++    TLSEXT_SIGALG_bign_with_hbelt,
++    TLSEXT_SIGALG_bign_with_bash384,
++    TLSEXT_SIGALG_bign_with_bash512
  };
 
  #ifndef OPENSSL_NO_EC
-@@ -769,8 +779,20 @@ static const SIGALG_LOOKUP sigalg_lookup_tbl[] = {
+@@ -769,8 +782,32 @@ static const SIGALG_LOOKUP sigalg_lookup_tbl[] = {
      {NULL, TLSEXT_SIGALG_gostr34102001_gostr3411,
       NID_id_GostR3411_94, SSL_MD_GOST94_IDX,
       NID_id_GostR3410_2001, SSL_PKEY_GOST01,
@@ -902,11 +905,23 @@ index 48d46f8a..bf444c1d 100644
 +    {NULL, TLSEXT_SIGALG_bign_sign_256,
 +     NID_bash512, SSL_MD_BASH512_IDX,
 +     NID_bign_pubkey, SSL_PKEY_BIGN,
++     NID_bign_with_bash512, NID_bign_curve512v1},
++    {NULL, TLSEXT_SIGALG_bign_with_hbelt,
++     NID_belt_hash, SSL_MD_HBELT_IDX,
++     NID_bign_pubkey, SSL_PKEY_BIGN,
++     NID_bign_with_hbelt, NID_bign_curve256v1},
++    {NULL, TLSEXT_SIGALG_bign_with_bash384,
++     NID_bash384, SSL_MD_BASH384_IDX,
++     NID_bign_pubkey, SSL_PKEY_BIGN,
++     NID_bign_with_bash384, NID_bign_curve384v1},
++    {NULL, TLSEXT_SIGALG_bign_with_bash512,
++     NID_bash512, SSL_MD_BASH512_IDX,
++     NID_bign_pubkey, SSL_PKEY_BIGN,
 +     NID_bign_with_bash512, NID_bign_curve512v1},
  };
  /* Legacy sigalgs for TLS < 1.2 RSA TLS signatures */
  static const SIGALG_LOOKUP legacy_rsa_sigalg = {
-@@ -2428,6 +2450,7 @@ void tls1_set_cert_validity(SSL *s)
+@@ -2428,6 +2465,7 @@ void tls1_set_cert_validity(SSL *s)
      tls1_check_chain(s, NULL, NULL, NULL, SSL_PKEY_GOST12_512);
      tls1_check_chain(s, NULL, NULL, NULL, SSL_PKEY_ED25519);
      tls1_check_chain(s, NULL, NULL, NULL, SSL_PKEY_ED448);
@@ -915,7 +930,7 @@ index 48d46f8a..bf444c1d 100644
 
  /* User level utility function to check a chain is suitable */
 diff --git a/ssl/t1_trce.c b/ssl/t1_trce.c
-index e2c397b7..bd1c519a 100644
+index e2c397b7..7da695ca 100644
 --- a/ssl/t1_trce.c
 +++ b/ssl/t1_trce.c
 @@ -443,6 +443,16 @@ static const ssl_trace_tbl ssl_ciphers_tbl[] = {
@@ -945,13 +960,16 @@ index e2c397b7..bd1c519a 100644
      {256, "ffdhe2048"},
      {257, "ffdhe3072"},
      {258, "ffdhe4096"},
-@@ -572,6 +585,9 @@ static const ssl_trace_tbl ssl_sigalg_tbl[] = {
+@@ -572,6 +585,12 @@ static const ssl_trace_tbl ssl_sigalg_tbl[] = {
      {TLSEXT_SIGALG_gostr34102012_256_gostr34112012_256, "gost2012_256"},
      {TLSEXT_SIGALG_gostr34102012_512_gostr34112012_512, "gost2012_512"},
      {TLSEXT_SIGALG_gostr34102001_gostr3411, "gost2001_gost94"},
 +	{TLSEXT_SIGALG_bign_sign_128, "bign_auth128"},
 +	{TLSEXT_SIGALG_bign_sign_192, "bign_auth192"},
 +	{TLSEXT_SIGALG_bign_sign_256, "bign_auth256"},
++    {TLSEXT_SIGALG_bign_with_hbelt, "bign_with_hbelt"},
++    {TLSEXT_SIGALG_bign_with_bash384, "bign_with_bash384"},
++    {TLSEXT_SIGALG_bign_with_bash512, "bign_with_bash512"},
  };
 
  static const ssl_trace_tbl ssl_ctype_tbl[] = {

btls/patch/openssl-3.3.1.patch

@@ -900,7 +900,7 @@ index 5ff479a..e3c05b7 100644
          SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_R_UNKNOWN_CIPHER_TYPE);
          goto err;
 diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
-index e9aa078..157fb7e 100644
+index e9aa078..bc09ce4 100644
 --- a/ssl/t1_lib.c
 +++ b/ssl/t1_lib.c
 @@ -26,6 +26,7 @@
@@ -953,17 +953,20 @@ index e9aa078..157fb7e 100644
 
      return ret;
  }
-@@ -1372,6 +1383,9 @@ static const uint16_t tls12_sigalgs[] = {
+@@ -1372,6 +1383,12 @@ static const uint16_t tls12_sigalgs[] = {
      TLSEXT_SIGALG_gostr34102012_512_gostr34112012_512,
      TLSEXT_SIGALG_gostr34102001_gostr3411,
  #endif
 +    TLSEXT_SIGALG_bign_sign_128,
 +    TLSEXT_SIGALG_bign_sign_192,
-+    TLSEXT_SIGALG_bign_sign_256
++    TLSEXT_SIGALG_bign_sign_256,
++    TLSEXT_SIGALG_bign_with_hbelt,
++    TLSEXT_SIGALG_bign_with_bash384,
++    TLSEXT_SIGALG_bign_with_bash512
  };
 
 
-@@ -1479,8 +1493,20 @@ static const SIGALG_LOOKUP sigalg_lookup_tbl[] = {
+@@ -1479,8 +1496,32 @@ static const SIGALG_LOOKUP sigalg_lookup_tbl[] = {
      {NULL, TLSEXT_SIGALG_gostr34102001_gostr3411,
       NID_id_GostR3411_94, SSL_MD_GOST94_IDX,
       NID_id_GostR3410_2001, SSL_PKEY_GOST01,
@@ -981,19 +984,31 @@ index e9aa078..157fb7e 100644
 +    {"bign256", TLSEXT_SIGALG_bign_sign_256,
 +     NID_bash512, SSL_MD_BASH512_IDX,
 +     NID_bign_pubkey, SSL_PKEY_BIGN,
++     NID_bign_with_bash512, NID_bign_curve512v1, 1},
++    {"bign_with_hbelt", TLSEXT_SIGALG_bign_with_hbelt,
++     NID_belt_hash, SSL_MD_HBELT_IDX,
++     NID_bign_pubkey, SSL_PKEY_BIGN,
++     NID_bign_with_hbelt, NID_bign_curve256v1, 1},
++    {"bign_with_bash384", TLSEXT_SIGALG_bign_with_bash384,
++     NID_bash384, SSL_MD_BASH384_IDX,
++     NID_bign_pubkey, SSL_PKEY_BIGN,
++     NID_bign_with_bash384, NID_bign_curve384v1, 1},
++    {"bign_with_bash512", TLSEXT_SIGALG_bign_with_bash512,
++     NID_bash512, SSL_MD_BASH512_IDX,
++     NID_bign_pubkey, SSL_PKEY_BIGN,
 +     NID_bign_with_bash512, NID_bign_curve512v1, 1},
  };
  /* Legacy sigalgs for TLS < 1.2 RSA TLS signatures */
  static const SIGALG_LOOKUP legacy_rsa_sigalg = {
-@@ -3398,6 +3424,7 @@ void tls1_set_cert_validity(SSL_CONNECTION *s)
+@@ -3398,6 +3439,7 @@ void tls1_set_cert_validity(SSL_CONNECTION *s)
      tls1_check_chain(s, NULL, NULL, NULL, SSL_PKEY_GOST12_512);
      tls1_check_chain(s, NULL, NULL, NULL, SSL_PKEY_ED25519);
      tls1_check_chain(s, NULL, NULL, NULL, SSL_PKEY_ED448);
 +    tls1_check_chain(s, NULL, NULL, NULL, SSL_PKEY_BIGN);
  }
 
  /* User level utility function to check a chain is suitable */
-@@ -3608,10 +3635,18 @@ static int check_cert_usable(SSL_CONNECTION *s, const SIGALG_LOOKUP *sig,
+@@ -3608,10 +3650,18 @@ static int check_cert_usable(SSL_CONNECTION *s, const SIGALG_LOOKUP *sig,
      const char *mdname = NULL;
      SSL_CTX *sctx = SSL_CONNECTION_GET_CTX(s);
 
@@ -1013,7 +1028,7 @@ index e9aa078..157fb7e 100644
          mdname = OBJ_nid2sn(sig->hash);
      supported = EVP_PKEY_digestsign_supports_digest(pkey, sctx->libctx,
 diff --git a/ssl/t1_trce.c b/ssl/t1_trce.c
-index 29dce65..a034917 100644
+index 29dce65..e87a0f6 100644
 --- a/ssl/t1_trce.c
 +++ b/ssl/t1_trce.c
 @@ -449,6 +449,16 @@ static const ssl_trace_tbl ssl_ciphers_tbl[] = {
@@ -1033,13 +1048,16 @@ index 29dce65..a034917 100644
  };
 
  /* Compression methods */
-@@ -597,6 +607,9 @@ static const ssl_trace_tbl ssl_sigalg_tbl[] = {
+@@ -597,6 +607,12 @@ static const ssl_trace_tbl ssl_sigalg_tbl[] = {
      {TLSEXT_SIGALG_ecdsa_brainpoolP256r1_sha256, "ecdsa_brainpoolP256r1_sha256"},
      {TLSEXT_SIGALG_ecdsa_brainpoolP384r1_sha384, "ecdsa_brainpoolP384r1_sha384"},
      {TLSEXT_SIGALG_ecdsa_brainpoolP512r1_sha512, "ecdsa_brainpoolP512r1_sha512"},
 +    {TLSEXT_SIGALG_bign_sign_128, "bign_auth128"},
 +    {TLSEXT_SIGALG_bign_sign_192, "bign_auth192"},
 +    {TLSEXT_SIGALG_bign_sign_256, "bign_auth256"},
++    {TLSEXT_SIGALG_bign_with_hbelt, "bign_with_hbelt"},
++    {TLSEXT_SIGALG_bign_with_bash384, "bign_with_bash384"},
++    {TLSEXT_SIGALG_bign_with_bash512, "bign_with_bash512"},
  };
 
  static const ssl_trace_tbl ssl_ctype_tbl[] = {

btls/patch/openssl-3.5.5.patch

@@ -882,7 +882,7 @@ index 6079176..514390b 100644
          SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_R_UNKNOWN_CIPHER_TYPE);
          goto err;
 diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
-index cd471a6..d5f6f23 100644
+index cd471a6..ae0fb7c 100644
 --- a/ssl/t1_lib.c
 +++ b/ssl/t1_lib.c
 @@ -28,6 +28,7 @@
@@ -934,17 +934,20 @@ index cd471a6..d5f6f23 100644
 
      return ret;
  }
-@@ -1955,6 +1963,9 @@ static const uint16_t tls12_sigalgs[] = {
+@@ -1955,6 +1963,12 @@ static const uint16_t tls12_sigalgs[] = {
      TLSEXT_SIGALG_gostr34102012_512_gostr34112012_512,
      TLSEXT_SIGALG_gostr34102001_gostr3411,
  #endif
 +    TLSEXT_SIGALG_bign_sign_128,
 +    TLSEXT_SIGALG_bign_sign_192,
-+    TLSEXT_SIGALG_bign_sign_256
++    TLSEXT_SIGALG_bign_sign_256,
++    TLSEXT_SIGALG_bign_with_hbelt,
++    TLSEXT_SIGALG_bign_with_bash384,
++    TLSEXT_SIGALG_bign_with_bash512
  };
 
  static const uint16_t suiteb_sigalgs[] = {
-@@ -2140,6 +2151,24 @@ static const SIGALG_LOOKUP sigalg_lookup_tbl[] = {
+@@ -2140,6 +2154,42 @@ static const SIGALG_LOOKUP sigalg_lookup_tbl[] = {
          NID_undef, NID_undef, 1, 0,
          TLS1_2_VERSION, TLS1_2_VERSION, DTLS1_2_VERSION, DTLS1_2_VERSION },
  #endif
@@ -965,19 +968,37 @@ index cd471a6..d5f6f23 100644
 +        NID_bash512, SSL_MD_BASH512_IDX,
 +        NID_bign_pubkey, SSL_PKEY_BIGN,
 +        NID_bign_with_bash512, NID_bign_curve512v1, 1, 0,
++        TLS1_2_VERSION, 0, DTLS1_2_VERSION, 0},
++    { "bign_with_hbelt",
++        NULL, TLSEXT_SIGALG_bign_with_hbelt,
++        NID_belt_hash, SSL_MD_HBELT_IDX,
++        NID_bign_pubkey, SSL_PKEY_BIGN,
++        NID_bign_with_hbelt, NID_bign_curve256v1, 1, 0,
++        TLS1_2_VERSION, 0, DTLS1_2_VERSION, 0},
++    { "bign_with_bash384",
++        NULL, TLSEXT_SIGALG_bign_with_bash384,
++        NID_bash384, SSL_MD_BASH384_IDX,
++        NID_bign_pubkey, SSL_PKEY_BIGN,
++        NID_bign_with_bash384, NID_bign_curve384v1, 1, 0,
++        TLS1_2_VERSION, 0, DTLS1_2_VERSION, 0},
++    { "bign_with_bash512",
++        NULL, TLSEXT_SIGALG_bign_with_bash512,
++        NID_bash512, SSL_MD_BASH512_IDX,
++        NID_bign_pubkey, SSL_PKEY_BIGN,
++        NID_bign_with_bash512, NID_bign_curve512v1, 1, 0,
 +        TLS1_2_VERSION, 0, DTLS1_2_VERSION, 0},
  };
  /* Legacy sigalgs for TLS < 1.2 RSA TLS signatures */
  static const SIGALG_LOOKUP legacy_rsa_sigalg = {
-@@ -4262,6 +4291,7 @@ void tls1_set_cert_validity(SSL_CONNECTION *s)
+@@ -4262,6 +4312,7 @@ void tls1_set_cert_validity(SSL_CONNECTION *s)
      tls1_check_chain(s, NULL, NULL, NULL, SSL_PKEY_GOST12_512);
      tls1_check_chain(s, NULL, NULL, NULL, SSL_PKEY_ED25519);
      tls1_check_chain(s, NULL, NULL, NULL, SSL_PKEY_ED448);
 +    tls1_check_chain(s, NULL, NULL, NULL, SSL_PKEY_BIGN);
  }
 
  /* User level utility function to check a chain is suitable */
-@@ -4472,6 +4502,12 @@ static int check_cert_usable(SSL_CONNECTION *s, const SIGALG_LOOKUP *sig,
+@@ -4472,6 +4523,12 @@ static int check_cert_usable(SSL_CONNECTION *s, const SIGALG_LOOKUP *sig,
      const char *mdname = NULL;
      SSL_CTX *sctx = SSL_CONNECTION_GET_CTX(s);
 
@@ -991,7 +1012,7 @@ index cd471a6..d5f6f23 100644
       * If the given EVP_PKEY cannot support signing with this digest,
       * the answer is simply 'no'.
 diff --git a/ssl/t1_trce.c b/ssl/t1_trce.c
-index e8075d0..cd52197 100644
+index e8075d0..6326aee 100644
 --- a/ssl/t1_trce.c
 +++ b/ssl/t1_trce.c
 @@ -453,6 +453,16 @@ static const ssl_trace_tbl ssl_ciphers_tbl[] = {
@@ -1011,17 +1032,20 @@ index e8075d0..cd52197 100644
  };
 
  /* Compression methods */
-@@ -607,6 +617,9 @@ static const ssl_trace_tbl ssl_sigalg_tbl[] = {
+@@ -607,6 +617,12 @@ static const ssl_trace_tbl ssl_sigalg_tbl[] = {
      { TLSEXT_SIGALG_ecdsa_brainpoolP256r1_sha256, TLSEXT_SIGALG_ecdsa_brainpoolP256r1_sha256_name },
      { TLSEXT_SIGALG_ecdsa_brainpoolP384r1_sha384, TLSEXT_SIGALG_ecdsa_brainpoolP384r1_sha384_name },
      { TLSEXT_SIGALG_ecdsa_brainpoolP512r1_sha512, TLSEXT_SIGALG_ecdsa_brainpoolP512r1_sha512_name },
 +    { TLSEXT_SIGALG_bign_sign_128, "bign_auth128" },
 +    { TLSEXT_SIGALG_bign_sign_192, "bign_auth192" },
 +    { TLSEXT_SIGALG_bign_sign_256, "bign_auth256" },
++    { TLSEXT_SIGALG_bign_with_hbelt, "bign_with_hbelt" },
++    { TLSEXT_SIGALG_bign_with_bash384, "bign_with_bash384" },
++    { TLSEXT_SIGALG_bign_with_bash512, "bign_with_bash512" },  
      /*
       * Well known groups that we happen to know about, but only come from
       * provider capability declarations (hence no macros for the
-@@ -614,7 +627,7 @@ static const ssl_trace_tbl ssl_sigalg_tbl[] = {
+@@ -614,7 +630,7 @@ static const ssl_trace_tbl ssl_sigalg_tbl[] = {
       */
      { 0x0904, "mldsa44" },
      { 0x0905, "mldsa65" },