Add support for SHA2 in CAPI ENGINE.

PR#2706 though patch is from PR#3366.

diff --git a/engines/e_capi.c b/engines/e_capi.c
index a3456a330cdf757cd605d0cb5551a3e5c31192b4..d4221cbae3f24e6a18a38f5ea4db7815e7cc71d6 100644 (file)
--- a/engines/e_capi.c
+++ b/engines/e_capi.c
@@ -114,6 +114,26 @@
 #define CERT_SYSTEM_STORE_CURRENT_USER                 0x00010000
 #endif 
 
+#ifndef        ALG_SID_SHA_256
+       #define ALG_SID_SHA_256                 12
+#endif
+#ifndef        ALG_SID_SHA_384
+       #define ALG_SID_SHA_384                 13
+#endif
+#ifndef        ALG_SID_SHA_512
+       #define ALG_SID_SHA_512                 14
+#endif
+
+#ifndef        CALG_SHA_256
+       #define CALG_SHA_256            (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_SHA_256)
+#endif
+#ifndef        CALG_SHA_384
+       #define CALG_SHA_384            (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_SHA_384)
+#endif
+#ifndef        CALG_SHA_512
+       #define CALG_SHA_512            (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_SHA_512)
+#endif
+
 #include <openssl/engine.h>
 #include <openssl/pem.h>
 #include <openssl/x509v3.h>
@@ -821,6 +841,18 @@ int capi_rsa_sign(int dtype, const unsigned char *m, unsigned int m_len,
 /* Convert the signature type to a CryptoAPI algorithm ID */
        switch(dtype)
                {
+       case NID_sha256:
+               alg = CALG_SHA_256;
+               break;
+
+       case NID_sha384:
+               alg = CALG_SHA_384;
+               break;
+
+       case NID_sha512:
+               alg = CALG_SHA_512;
+               break;
+
        case NID_sha1:
                alg = CALG_SHA1;
                break;