From ce1c25b81489205857a335a611460c0d05d4ad65 Mon Sep 17 00:00:00 2001 From: Adam Langley Date: Wed, 26 Oct 2016 12:30:30 -0700 Subject: [PATCH] crypto/tls: add a SignatureScheme type. The SignatureAndHashAlgorithm from TLS 1.2[1] is being changed to SignatureScheme in TLS 1.3[2]. (The actual values are compatible however.) Since we expect to support TLS 1.3 in the future, we're already using the name and style of SignatureScheme in the recently augmented ClientHelloInfo. As this is public API, it seems that SignatureScheme should have its own type and exported values, which is implemented in this change. [1] https://tools.ietf.org/html/rfc5246#section-7.4.1.4.1 [2] https://tools.ietf.org/html/draft-ietf-tls-tls13-18#section-4.2.3 Change-Id: I0482755d02bb9a04eaf075c012696103eb806645 Reviewed-on: https://go-review.googlesource.com/32119 Reviewed-by: Brad Fitzpatrick Run-TryBot: Adam Langley TryBot-Result: Gobot Gobot --- common.go | 21 ++++++++++++++++++++- handshake_server.go | 4 ++-- 2 files changed, 22 insertions(+), 3 deletions(-) diff --git a/common.go b/common.go index 78c762f..beca798 100644 --- a/common.go +++ b/common.go @@ -215,6 +215,25 @@ type ClientSessionCache interface { Put(sessionKey string, cs *ClientSessionState) } +// SignatureScheme identifies a signature algorithm supported by TLS. See +// https://tools.ietf.org/html/draft-ietf-tls-tls13-18#section-4.2.3. +type SignatureScheme uint16 + +const ( + PKCS1WithSHA1 SignatureScheme = 0x0201 + PKCS1WithSHA256 SignatureScheme = 0x0401 + PKCS1WithSHA384 SignatureScheme = 0x0501 + PKCS1WithSHA512 SignatureScheme = 0x0601 + + PSSWithSHA256 SignatureScheme = 0x0804 + PSSWithSHA384 SignatureScheme = 0x0805 + PSSWithSHA512 SignatureScheme = 0x0806 + + ECDSAWithP256AndSHA256 SignatureScheme = 0x0403 + ECDSAWithP384AndSHA384 SignatureScheme = 0x0503 + ECDSAWithP521AndSHA512 SignatureScheme = 0x0603 +) + // ClientHelloInfo contains information from a ClientHello message in order to // guide certificate selection in the GetCertificate callback. type ClientHelloInfo struct { @@ -244,7 +263,7 @@ type ClientHelloInfo struct { // is willing to verify. SignatureSchemes is set only if the Signature // Algorithms Extension is being used (see // https://tools.ietf.org/html/rfc5246#section-7.4.1.4.1). - SignatureSchemes []uint16 + SignatureSchemes []SignatureScheme // SupportedProtos lists the application protocols supported by the client. // SupportedProtos is set only if the Application-Layer Protocol diff --git a/handshake_server.go b/handshake_server.go index 0cccd65..b786c30 100644 --- a/handshake_server.go +++ b/handshake_server.go @@ -822,9 +822,9 @@ func (hs *serverHandshakeState) clientHelloInfo() *ClientHelloInfo { supportedVersions = suppVersArray[VersionTLS12-hs.clientHello.vers:] } - signatureSchemes := make([]uint16, 0, len(hs.clientHello.signatureAndHashes)) + signatureSchemes := make([]SignatureScheme, 0, len(hs.clientHello.signatureAndHashes)) for _, sah := range hs.clientHello.signatureAndHashes { - signatureSchemes = append(signatureSchemes, uint16(sah.hash)<<8+uint16(sah.signature)) + signatureSchemes = append(signatureSchemes, SignatureScheme(sah.hash)<<8+SignatureScheme(sah.signature)) } hs.cachedClientHelloInfo = &ClientHelloInfo{