Add compatibility functions for sigalgs

Node.js recently added an option to override signature algorithms in nodejs/node#29598
which make use of several NIDs and SSL_get_shared_sigalgs. This CL adds
NIDs for Ed448 (but does not implement it) and a shim function for
SSL_get_shared_sigalgs that simply returns 0. This enables Electron to
reduce its patch surface.

Change-Id: I833d30b0248ca68ebce4767dd58d5f087fd1e18e
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/38404
Reviewed-by: David Benjamin <[email protected]>
Commit-Queue: David Benjamin <[email protected]>

crypto/obj/obj_dat.h

@@ -57,7 +57,7 @@
 /* This file is generated by crypto/obj/objects.go. */
 
 
-#define NUM_NID 960
+#define NUM_NID 961
 
 static const uint8_t kObjectData[] = {
     /* NID_rsadsi */
@@ -7115,6 +7115,10 @@ static const uint8_t kObjectData[] = {
     0x2b,
     0x65,
     0x70,
+    /* NID_ED448 */
+    0x2b,
+    0x65,
+    0x71,
 };
 
 static const ASN1_OBJECT kObjects[NUM_NID] = {
@@ -8756,6 +8760,7 @@ static const ASN1_OBJECT kObjects[NUM_NID] = {
     {"KxANY", "kx-any", NID_kx_any, 0, NULL, 0},
     {"AuthANY", "auth-any", NID_auth_any, 0, NULL, 0},
     {"CECPQ2", "CECPQ2", NID_CECPQ2, 0, NULL, 0},
+    {"ED448", "ED448", NID_ED448, 3, &kObjectData[6178], 0},
 };
 
 static const unsigned kNIDsInShortNameOrder[] = {
@@ -8851,6 +8856,7 @@ static const unsigned kNIDsInShortNameOrder[] = {
     67 /* DSA-old */,
     297 /* DVCS */,
     949 /* ED25519 */,
+    960 /* ED448 */,
     99 /* GN */,
     855 /* HMAC */,
     780 /* HMAC-MD5 */,
@@ -9729,6 +9735,7 @@ static const unsigned kNIDsInLongNameOrder[] = {
     392 /* Domain */,
     132 /* E-mail Protection */,
     949 /* ED25519 */,
+    960 /* ED448 */,
     389 /* Enterprises */,
     384 /* Experimental */,
     372 /* Extended OCSP Status */,
@@ -10667,8 +10674,8 @@ static const unsigned kNIDsInLongNameOrder[] = {
 static const unsigned kNIDsInOIDOrder[] = {
     434 /* 0.9 (OBJ_data) */,
     182 /* 1.2 (OBJ_member_body) */,
-    379 /* 1.3 (OBJ_org) */,
     676 /* 1.3 (OBJ_identified_organization) */,
+    379 /* 1.3 (OBJ_org) */,
     11 /* 2.5 (OBJ_X500) */,
     647 /* 2.23 (OBJ_international_organizations) */,
     380 /* 1.3.6 (OBJ_dod) */,
@@ -10681,6 +10688,7 @@ static const unsigned kNIDsInOIDOrder[] = {
     183 /* 1.2.840 (OBJ_ISO_US) */,
     381 /* 1.3.6.1 (OBJ_iana) */,
     949 /* 1.3.101.112 (OBJ_ED25519) */,
+    960 /* 1.3.101.113 (OBJ_ED448) */,
     677 /* 1.3.132 (OBJ_certicom_arc) */,
     394 /* 2.5.1.5 (OBJ_selected_attribute_types) */,
     13 /* 2.5.4.3 (OBJ_commonName) */,

crypto/obj/obj_mac.num

@@ -948,3 +948,4 @@ auth_psk		956
 kx_any		957
 auth_any		958
 CECPQ2		959
+ED448		960

crypto/obj/objects.txt

@@ -1355,3 +1355,6 @@ secg-scheme 14 3 : dhSinglePass-cofactorDH-sha512kdf-scheme
 # TLS 1.3 cipher suites do not specify key exchange or authentication.
  : KxANY : kx-any
  : AuthANY : auth-any
+
+# From RFC8410
+1 3 101 113 : ED448

include/openssl/nid.h

@@ -4237,6 +4237,10 @@ extern "C" {
 #define SN_CECPQ2 "CECPQ2"
 #define NID_CECPQ2 959
 
+#define SN_ED448 "ED448"
+#define NID_ED448 960
+#define OBJ_ED448 1L, 3L, 101L, 113L
+
 
 #if defined(__cplusplus)
 } /* extern C */

include/openssl/ssl.h

@@ -4120,6 +4120,11 @@ OPENSSL_EXPORT void SSL_set_state(SSL *ssl, int state);
 // pointer to |buf|, or NULL if |len| is less than or equal to zero.
 OPENSSL_EXPORT char *SSL_get_shared_ciphers(const SSL *ssl, char *buf, int len);
 
+// SSL_get_shared_sigalgs returns zero.
+OPENSSL_EXPORT int SSL_get_shared_sigalgs(SSL *ssl, int idx, int *psign,
+                                          int *phash, int *psignandhash,
+                                          uint8_t *rsig, uint8_t *rhash);
+
 // SSL_MODE_HANDSHAKE_CUTTHROUGH is the same as SSL_MODE_ENABLE_FALSE_START.
 #define SSL_MODE_HANDSHAKE_CUTTHROUGH SSL_MODE_ENABLE_FALSE_START
 

ssl/ssl_lib.cc

@@ -2496,6 +2496,11 @@ char *SSL_get_shared_ciphers(const SSL *ssl, char *buf, int len) {
   return buf;
 }
 
+int SSL_get_shared_sigalgs(SSL *ssl, int idx, int *psign, int *phash,
+                           int *psignandhash, uint8_t *rsig, uint8_t *rhash) {
+  return 0;
+}
+
 int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method) {
   if (ctx->method->is_dtls) {
     return 0;