Make `SignatureScheme` enum names closer to IANA

Having our naming close to the standard makes things a bit clearer.

- ECDSA_SHA1_Legacy -> ECDSA_SHA1.
- RSA_PSS_SHA* -> RSA_PSS_RSAE_*.
- add RSA_PSS_PSS_* enums (not implemented on our side, but could be).
- ECDSA_NISTP* -> ECDSA_SECP*.
- complete supported_in_tls13(), in case these are encountered via
  pluggable crypto.

This is a breaking API change.
Joseph Birr-Pixton 2023-08-04 16:04:51 +01:00
parent 03e88637e5
commit 2658d88a99
8 changed files with 93 additions and 81 deletions


@ -343,11 +343,11 @@ fn lookup_scheme(scheme: u16) -> SignatureScheme {
0x0401 => SignatureScheme::RSA_PKCS1_SHA256, 0x0401 => SignatureScheme::RSA_PKCS1_SHA256,
0x0501 => SignatureScheme::RSA_PKCS1_SHA384, 0x0501 => SignatureScheme::RSA_PKCS1_SHA384,
0x0601 => SignatureScheme::RSA_PKCS1_SHA512, 0x0601 => SignatureScheme::RSA_PKCS1_SHA512,
0x0403 => SignatureScheme::ECDSA_NISTP256_SHA256, 0x0403 => SignatureScheme::ECDSA_SECP256R1_SHA256,
0x0503 => SignatureScheme::ECDSA_NISTP384_SHA384, 0x0503 => SignatureScheme::ECDSA_SECP384R1_SHA384,
0x0804 => SignatureScheme::RSA_PSS_SHA256, 0x0804 => SignatureScheme::RSA_PSS_RSAE_SHA256,
0x0805 => SignatureScheme::RSA_PSS_SHA384, 0x0805 => SignatureScheme::RSA_PSS_RSAE_SHA384,
0x0806 => SignatureScheme::RSA_PSS_SHA512, 0x0806 => SignatureScheme::RSA_PSS_RSAE_SHA512,
0x0807 => SignatureScheme::ED25519, 0x0807 => SignatureScheme::ED25519,
// TODO: add support for Ed448 // TODO: add support for Ed448
// 0x0808 => SignatureScheme::ED448, // 0x0808 => SignatureScheme::ED448,


@ -503,16 +503,19 @@ enum_builder! {
EnumName: SignatureScheme; EnumName: SignatureScheme;
EnumVal{ EnumVal{
RSA_PKCS1_SHA1 => 0x0201, RSA_PKCS1_SHA1 => 0x0201,
ECDSA_SHA1_Legacy => 0x0203,
RSA_PKCS1_SHA256 => 0x0401, RSA_PKCS1_SHA256 => 0x0401,
ECDSA_NISTP256_SHA256 => 0x0403,
RSA_PKCS1_SHA384 => 0x0501, RSA_PKCS1_SHA384 => 0x0501,
ECDSA_NISTP384_SHA384 => 0x0503,
RSA_PKCS1_SHA512 => 0x0601, RSA_PKCS1_SHA512 => 0x0601,
ECDSA_NISTP521_SHA512 => 0x0603, ECDSA_SHA1 => 0x0203,
RSA_PSS_SHA256 => 0x0804, ECDSA_SECP256R1_SHA256 => 0x0403,
RSA_PSS_SHA384 => 0x0805, ECDSA_SECP384R1_SHA384 => 0x0503,
RSA_PSS_SHA512 => 0x0806, ECDSA_SECP521R1_SHA512 => 0x0603,
RSA_PSS_RSAE_SHA256 => 0x0804,
RSA_PSS_RSAE_SHA384 => 0x0805,
RSA_PSS_RSAE_SHA512 => 0x0806,
RSA_PSS_PSS_SHA256 => 0x0809,
RSA_PSS_PSS_SHA384 => 0x080a,
RSA_PSS_PSS_SHA512 => 0x080b,
ED25519 => 0x0807, ED25519 => 0x0807,
ED448 => 0x0808 ED448 => 0x0808
} }
@ -525,12 +528,15 @@ impl SignatureScheme {
| Self::RSA_PKCS1_SHA256 | Self::RSA_PKCS1_SHA256
| Self::RSA_PKCS1_SHA384 | Self::RSA_PKCS1_SHA384
| Self::RSA_PKCS1_SHA512 | Self::RSA_PKCS1_SHA512
| Self::RSA_PSS_SHA256 | Self::RSA_PSS_RSAE_SHA256
| Self::RSA_PSS_SHA384 | Self::RSA_PSS_RSAE_SHA384
| Self::RSA_PSS_SHA512 => SignatureAlgorithm::RSA, | Self::RSA_PSS_RSAE_SHA512
Self::ECDSA_NISTP256_SHA256 | Self::RSA_PSS_PSS_SHA256
| Self::ECDSA_NISTP384_SHA384 | Self::RSA_PSS_PSS_SHA384
| Self::ECDSA_NISTP521_SHA512 => SignatureAlgorithm::ECDSA, | Self::RSA_PSS_PSS_SHA512 => SignatureAlgorithm::RSA,
Self::ECDSA_SECP256R1_SHA256
| Self::ECDSA_SECP384R1_SHA384
| Self::ECDSA_SECP521R1_SHA512 => SignatureAlgorithm::ECDSA,
_ => SignatureAlgorithm::Unknown(0), _ => SignatureAlgorithm::Unknown(0),
} }
} }
@ -545,12 +551,17 @@ impl SignatureScheme {
pub(crate) fn supported_in_tls13(&self) -> bool { pub(crate) fn supported_in_tls13(&self) -> bool {
matches!( matches!(
*self, *self,
Self::ECDSA_NISTP384_SHA384 Self::ECDSA_SECP256R1_SHA256
| Self::ECDSA_NISTP256_SHA256 | Self::ECDSA_SECP384R1_SHA384
| Self::RSA_PSS_SHA512 | Self::ECDSA_SECP521R1_SHA512
| Self::RSA_PSS_SHA384 | Self::RSA_PSS_RSAE_SHA256
| Self::RSA_PSS_SHA256 | Self::RSA_PSS_RSAE_SHA384
| Self::RSA_PSS_RSAE_SHA512
| Self::RSA_PSS_PSS_SHA256
| Self::RSA_PSS_PSS_SHA384
| Self::RSA_PSS_PSS_SHA512
| Self::ED25519 | Self::ED25519
| Self::ED448
) )
} }
} }
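Review bot: `supported_in_tls13()` now also returns true for `ECDSA_SECP521R1_SHA512`, `RSA_PSS_PSS_SHA256/384/512` and `ED448`, but nothing on the function says that membership means "permitted by TLS 1.3" rather than "implemented here". The `convert_alg_tls13` match shown later in this commit has no arm for any of them and rejects them with `PeerMisbehaved::SignedHandshakeWithUnadvertisedSigScheme`, so a doc comment would stop a later reader from treating this list as the set the built-in verifier accepts, e.g. `/// Schemes TLS 1.3 permits in CertificateVerify; a pluggable signer or verifier must still implement the scheme itself.` In the hunk above it, the new `RSA_PSS_PSS_*` variants are folded into `SignatureAlgorithm::RSA` together with `RSA_PSS_RSAE_*`, which hides the difference in certificate key type the two names stand for; a one-line comment on that arm (`// rsa_pss_pss needs an RSASSA-PSS key; callers must check the key type themselves`) would help whoever adds PSS-key support. That mapping function starts outside its hunk.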


@ -364,7 +364,7 @@ fn get_sample_clienthellopayload() -> ClientHelloPayload {
extensions: vec![ extensions: vec![
ClientExtension::ECPointFormats(ECPointFormat::SUPPORTED.to_vec()), ClientExtension::ECPointFormats(ECPointFormat::SUPPORTED.to_vec()),
ClientExtension::NamedGroups(vec![NamedGroup::X25519]), ClientExtension::NamedGroups(vec![NamedGroup::X25519]),
ClientExtension::SignatureAlgorithms(vec![SignatureScheme::ECDSA_NISTP256_SHA256]), ClientExtension::SignatureAlgorithms(vec![SignatureScheme::ECDSA_SECP256R1_SHA256]),
ClientExtension::make_sni(DnsNameRef::try_from("hello").unwrap()), ClientExtension::make_sni(DnsNameRef::try_from("hello").unwrap()),
ClientExtension::SessionTicket(ClientSessionTicket::Request), ClientExtension::SessionTicket(ClientSessionTicket::Request),
ClientExtension::SessionTicket(ClientSessionTicket::Offer(Payload(vec![]))), ClientExtension::SessionTicket(ClientSessionTicket::Offer(Payload(vec![]))),
@ -817,7 +817,7 @@ fn get_sample_serverkeyexchangepayload_ecdhe() -> ServerKeyExchangePayload {
}, },
public: PayloadU8(vec![1, 2, 3]), public: PayloadU8(vec![1, 2, 3]),
}, },
dss: DigitallySignedStruct::new(SignatureScheme::RSA_PSS_SHA256, vec![1, 2, 3]), dss: DigitallySignedStruct::new(SignatureScheme::RSA_PSS_RSAE_SHA256, vec![1, 2, 3]),
}) })
} }
@ -828,7 +828,7 @@ fn get_sample_serverkeyexchangepayload_unknown() -> ServerKeyExchangePayload {
fn get_sample_certificaterequestpayload() -> CertificateRequestPayload { fn get_sample_certificaterequestpayload() -> CertificateRequestPayload {
CertificateRequestPayload { CertificateRequestPayload {
certtypes: vec![ClientCertificateType::RSASign], certtypes: vec![ClientCertificateType::RSASign],
sigschemes: vec![SignatureScheme::ECDSA_NISTP256_SHA256], sigschemes: vec![SignatureScheme::ECDSA_SECP256R1_SHA256],
canames: vec![DistinguishedName::from(vec![1, 2, 3])], canames: vec![DistinguishedName::from(vec![1, 2, 3])],
} }
} }
@ -837,7 +837,7 @@ fn get_sample_certificaterequestpayloadtls13() -> CertificateRequestPayloadTLS13
CertificateRequestPayloadTLS13 { CertificateRequestPayloadTLS13 {
context: PayloadU8(vec![1, 2, 3]), context: PayloadU8(vec![1, 2, 3]),
extensions: vec![ extensions: vec![
CertReqExtension::SignatureAlgorithms(vec![SignatureScheme::ECDSA_NISTP256_SHA256]), CertReqExtension::SignatureAlgorithms(vec![SignatureScheme::ECDSA_SECP256R1_SHA256]),
CertReqExtension::AuthorityNames(vec![DistinguishedName::from(vec![1, 2, 3])]), CertReqExtension::AuthorityNames(vec![DistinguishedName::from(vec![1, 2, 3])]),
CertReqExtension::Unknown(UnknownExtension { CertReqExtension::Unknown(UnknownExtension {
typ: ExtensionType::Unknown(12345), typ: ExtensionType::Unknown(12345),
@ -1048,7 +1048,7 @@ fn get_all_tls13_handshake_payloads() -> Vec<HandshakeMessagePayload> {
HandshakeMessagePayload { HandshakeMessagePayload {
typ: HandshakeType::CertificateVerify, typ: HandshakeType::CertificateVerify,
payload: HandshakePayload::CertificateVerify(DigitallySignedStruct::new( payload: HandshakePayload::CertificateVerify(DigitallySignedStruct::new(
SignatureScheme::ECDSA_NISTP256_SHA256, SignatureScheme::ECDSA_SECP256R1_SHA256,
vec![1, 2, 3], vec![1, 2, 3],
)), )),
}, },


@ -86,7 +86,7 @@ pub fn any_supported_type(der: &key::PrivateKey) -> Result<Arc<dyn SigningKey>,
pub fn any_ecdsa_type(der: &key::PrivateKey) -> Result<Arc<dyn SigningKey>, SignError> { pub fn any_ecdsa_type(der: &key::PrivateKey) -> Result<Arc<dyn SigningKey>, SignError> {
if let Ok(ecdsa_p256) = EcdsaSigningKey::new( if let Ok(ecdsa_p256) = EcdsaSigningKey::new(
der, der,
SignatureScheme::ECDSA_NISTP256_SHA256, SignatureScheme::ECDSA_SECP256R1_SHA256,
&signature::ECDSA_P256_SHA256_ASN1_SIGNING, &signature::ECDSA_P256_SHA256_ASN1_SIGNING,
) { ) {
return Ok(Arc::new(ecdsa_p256)); return Ok(Arc::new(ecdsa_p256));
@ -94,7 +94,7 @@ pub fn any_ecdsa_type(der: &key::PrivateKey) -> Result<Arc<dyn SigningKey>, Sign
if let Ok(ecdsa_p384) = EcdsaSigningKey::new( if let Ok(ecdsa_p384) = EcdsaSigningKey::new(
der, der,
SignatureScheme::ECDSA_NISTP384_SHA384, SignatureScheme::ECDSA_SECP384R1_SHA384,
&signature::ECDSA_P384_SHA384_ASN1_SIGNING, &signature::ECDSA_P384_SHA384_ASN1_SIGNING,
) { ) {
return Ok(Arc::new(ecdsa_p384)); return Ok(Arc::new(ecdsa_p384));
@ -124,9 +124,9 @@ pub struct RsaSigningKey {
} }
static ALL_RSA_SCHEMES: &[SignatureScheme] = &[ static ALL_RSA_SCHEMES: &[SignatureScheme] = &[
SignatureScheme::RSA_PSS_SHA512, SignatureScheme::RSA_PSS_RSAE_SHA512,
SignatureScheme::RSA_PSS_SHA384, SignatureScheme::RSA_PSS_RSAE_SHA384,
SignatureScheme::RSA_PSS_SHA256, SignatureScheme::RSA_PSS_RSAE_SHA256,
SignatureScheme::RSA_PKCS1_SHA512, SignatureScheme::RSA_PKCS1_SHA512,
SignatureScheme::RSA_PKCS1_SHA384, SignatureScheme::RSA_PKCS1_SHA384,
SignatureScheme::RSA_PKCS1_SHA256, SignatureScheme::RSA_PKCS1_SHA256,
@ -168,9 +168,9 @@ impl RsaSigner {
SignatureScheme::RSA_PKCS1_SHA256 => &signature::RSA_PKCS1_SHA256, SignatureScheme::RSA_PKCS1_SHA256 => &signature::RSA_PKCS1_SHA256,
SignatureScheme::RSA_PKCS1_SHA384 => &signature::RSA_PKCS1_SHA384, SignatureScheme::RSA_PKCS1_SHA384 => &signature::RSA_PKCS1_SHA384,
SignatureScheme::RSA_PKCS1_SHA512 => &signature::RSA_PKCS1_SHA512, SignatureScheme::RSA_PKCS1_SHA512 => &signature::RSA_PKCS1_SHA512,
SignatureScheme::RSA_PSS_SHA256 => &signature::RSA_PSS_SHA256, SignatureScheme::RSA_PSS_RSAE_SHA256 => &signature::RSA_PSS_SHA256,
SignatureScheme::RSA_PSS_SHA384 => &signature::RSA_PSS_SHA384, SignatureScheme::RSA_PSS_RSAE_SHA384 => &signature::RSA_PSS_SHA384,
SignatureScheme::RSA_PSS_SHA512 => &signature::RSA_PSS_SHA512, SignatureScheme::RSA_PSS_RSAE_SHA512 => &signature::RSA_PSS_SHA512,
_ => unreachable!(), _ => unreachable!(),
}; };
@ -241,8 +241,8 @@ impl EcdsaSigningKey {
maybe_sec1_der: &[u8], maybe_sec1_der: &[u8],
) -> Result<EcdsaKeyPair, ()> { ) -> Result<EcdsaKeyPair, ()> {
let pkcs8_prefix = match scheme { let pkcs8_prefix = match scheme {
SignatureScheme::ECDSA_NISTP256_SHA256 => &PKCS8_PREFIX_ECDSA_NISTP256, SignatureScheme::ECDSA_SECP256R1_SHA256 => &PKCS8_PREFIX_ECDSA_NISTP256,
SignatureScheme::ECDSA_NISTP384_SHA384 => &PKCS8_PREFIX_ECDSA_NISTP384, SignatureScheme::ECDSA_SECP384R1_SHA384 => &PKCS8_PREFIX_ECDSA_NISTP384,
_ => unreachable!(), // all callers are in this file _ => unreachable!(), // all callers are in this file
}; };


@ -118,15 +118,16 @@ pub static TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384: SupportedCipherSuite =
static TLS12_ECDSA_SCHEMES: &[SignatureScheme] = &[ static TLS12_ECDSA_SCHEMES: &[SignatureScheme] = &[
SignatureScheme::ED25519, SignatureScheme::ED25519,
SignatureScheme::ECDSA_NISTP521_SHA512, SignatureScheme::ED448,
SignatureScheme::ECDSA_NISTP384_SHA384, SignatureScheme::ECDSA_SECP521R1_SHA512,
SignatureScheme::ECDSA_NISTP256_SHA256, SignatureScheme::ECDSA_SECP384R1_SHA384,
SignatureScheme::ECDSA_SECP256R1_SHA256,
]; ];
static TLS12_RSA_SCHEMES: &[SignatureScheme] = &[ static TLS12_RSA_SCHEMES: &[SignatureScheme] = &[
SignatureScheme::RSA_PSS_SHA512, SignatureScheme::RSA_PSS_RSAE_SHA512,
SignatureScheme::RSA_PSS_SHA384, SignatureScheme::RSA_PSS_RSAE_SHA384,
SignatureScheme::RSA_PSS_SHA256, SignatureScheme::RSA_PSS_RSAE_SHA256,
SignatureScheme::RSA_PKCS1_SHA512, SignatureScheme::RSA_PKCS1_SHA512,
SignatureScheme::RSA_PKCS1_SHA384, SignatureScheme::RSA_PKCS1_SHA384,
SignatureScheme::RSA_PKCS1_SHA256, SignatureScheme::RSA_PKCS1_SHA256,
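Review bot: `SignatureScheme::ED448` is added to `TLS12_ECDSA_SCHEMES` here, which is a behaviour change rather than a rename and is not listed in the commit description. On the lines visible in this commit neither `convert_scheme` nor `default_supported_verify_schemes()` knows `ED448`, so with the built-in verifier it looks inert, but presumably a pluggable signer that offers it can now be matched against the TLS 1.2 ECDSA suites. A comment above the array would record that intent, e.g. `// ED448 has no built-in signer or verifier; listed so pluggable crypto providers can use it.` The `TLS12_RSA_SCHEMES` array continues past the end of the hunk.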


@ -105,7 +105,7 @@ pub trait ServerCertVerifier: Send + Sync {
/// connection. /// connection.
/// ///
/// This method is only called for TLS1.2 handshakes. Note that, in TLS1.2, /// This method is only called for TLS1.2 handshakes. Note that, in TLS1.2,
/// SignatureSchemes such as `SignatureScheme::ECDSA_NISTP256_SHA256` are not /// SignatureSchemes such as `SignatureScheme::ECDSA_SECP256R1_SHA256` are not
/// in fact bound to the specific curve implied in their name. /// in fact bound to the specific curve implied in their name.
fn verify_tls12_signature( fn verify_tls12_signature(
&self, &self,
@ -119,7 +119,7 @@ pub trait ServerCertVerifier: Send + Sync {
/// This method is only called for TLS1.3 handshakes. /// This method is only called for TLS1.3 handshakes.
/// ///
/// This method is very similar to `verify_tls12_signature`: but note the /// This method is very similar to `verify_tls12_signature`: but note the
/// tighter ECDSA SignatureScheme semantics -- e.g. `SignatureScheme::ECDSA_NISTP256_SHA256` /// tighter ECDSA SignatureScheme semantics -- e.g. `SignatureScheme::ECDSA_SECP256R1_SHA256`
/// must only validate signatures using public keys on the right curve -- /// must only validate signatures using public keys on the right curve --
/// rustls does not enforce this requirement for you. /// rustls does not enforce this requirement for you.
/// ///
@ -213,7 +213,7 @@ pub trait ClientCertVerifier: Send + Sync {
/// connection. /// connection.
/// ///
/// This method is only called for TLS1.2 handshakes. Note that, in TLS1.2, /// This method is only called for TLS1.2 handshakes. Note that, in TLS1.2,
/// SignatureSchemes such as `SignatureScheme::ECDSA_NISTP256_SHA256` are not /// SignatureSchemes such as `SignatureScheme::ECDSA_SECP256R1_SHA256` are not
/// in fact bound to the specific curve implied in their name. /// in fact bound to the specific curve implied in their name.
fn verify_tls12_signature( fn verify_tls12_signature(
&self, &self,
@ -228,7 +228,7 @@ pub trait ClientCertVerifier: Send + Sync {
/// ///
/// This method is very similar to `verify_tls12_signature`, but note the /// This method is very similar to `verify_tls12_signature`, but note the
/// tighter ECDSA SignatureScheme semantics in TLS 1.3. For example, /// tighter ECDSA SignatureScheme semantics in TLS 1.3. For example,
/// `SignatureScheme::ECDSA_NISTP256_SHA256` /// `SignatureScheme::ECDSA_SECP256R1_SHA256`
/// must only validate signatures using public keys on the right curve -- /// must only validate signatures using public keys on the right curve --
/// rustls does not enforce this requirement for you. /// rustls does not enforce this requirement for you.
fn verify_tls13_signature( fn verify_tls13_signature(


@ -162,12 +162,12 @@ impl WebPkiServerVerifier {
/// Which signature verification schemes the `webpki` crate supports. /// Which signature verification schemes the `webpki` crate supports.
pub fn default_supported_verify_schemes() -> Vec<SignatureScheme> { pub fn default_supported_verify_schemes() -> Vec<SignatureScheme> {
vec![ vec![
SignatureScheme::ECDSA_NISTP384_SHA384, SignatureScheme::ECDSA_SECP384R1_SHA384,
SignatureScheme::ECDSA_NISTP256_SHA256, SignatureScheme::ECDSA_SECP256R1_SHA256,
SignatureScheme::ED25519, SignatureScheme::ED25519,
SignatureScheme::RSA_PSS_SHA512, SignatureScheme::RSA_PSS_RSAE_SHA512,
SignatureScheme::RSA_PSS_SHA384, SignatureScheme::RSA_PSS_RSAE_SHA384,
SignatureScheme::RSA_PSS_SHA256, SignatureScheme::RSA_PSS_RSAE_SHA256,
SignatureScheme::RSA_PKCS1_SHA512, SignatureScheme::RSA_PKCS1_SHA512,
SignatureScheme::RSA_PKCS1_SHA384, SignatureScheme::RSA_PKCS1_SHA384,
SignatureScheme::RSA_PKCS1_SHA256, SignatureScheme::RSA_PKCS1_SHA256,
@ -474,15 +474,15 @@ static ED25519: SignatureAlgorithms = &[webpki::ED25519];
static RSA_SHA256: SignatureAlgorithms = &[webpki::RSA_PKCS1_2048_8192_SHA256]; static RSA_SHA256: SignatureAlgorithms = &[webpki::RSA_PKCS1_2048_8192_SHA256];
static RSA_SHA384: SignatureAlgorithms = &[webpki::RSA_PKCS1_2048_8192_SHA384]; static RSA_SHA384: SignatureAlgorithms = &[webpki::RSA_PKCS1_2048_8192_SHA384];
static RSA_SHA512: SignatureAlgorithms = &[webpki::RSA_PKCS1_2048_8192_SHA512]; static RSA_SHA512: SignatureAlgorithms = &[webpki::RSA_PKCS1_2048_8192_SHA512];
static RSA_PSS_SHA256: SignatureAlgorithms = &[webpki::RSA_PSS_2048_8192_SHA256_LEGACY_KEY]; static RSA_PSS_RSAE_SHA256: SignatureAlgorithms = &[webpki::RSA_PSS_2048_8192_SHA256_LEGACY_KEY];
static RSA_PSS_SHA384: SignatureAlgorithms = &[webpki::RSA_PSS_2048_8192_SHA384_LEGACY_KEY]; static RSA_PSS_RSAE_SHA384: SignatureAlgorithms = &[webpki::RSA_PSS_2048_8192_SHA384_LEGACY_KEY];
static RSA_PSS_SHA512: SignatureAlgorithms = &[webpki::RSA_PSS_2048_8192_SHA512_LEGACY_KEY]; static RSA_PSS_RSAE_SHA512: SignatureAlgorithms = &[webpki::RSA_PSS_2048_8192_SHA512_LEGACY_KEY];
fn convert_scheme(scheme: SignatureScheme) -> Result<SignatureAlgorithms, Error> { fn convert_scheme(scheme: SignatureScheme) -> Result<SignatureAlgorithms, Error> {
match scheme { match scheme {
// nb. for TLS1.2 the curve is not fixed by SignatureScheme. // nb. for TLS1.2 the curve is not fixed by SignatureScheme.
SignatureScheme::ECDSA_NISTP256_SHA256 => Ok(ECDSA_SHA256), SignatureScheme::ECDSA_SECP256R1_SHA256 => Ok(ECDSA_SHA256),
SignatureScheme::ECDSA_NISTP384_SHA384 => Ok(ECDSA_SHA384), SignatureScheme::ECDSA_SECP384R1_SHA384 => Ok(ECDSA_SHA384),
SignatureScheme::ED25519 => Ok(ED25519), SignatureScheme::ED25519 => Ok(ED25519),
@ -490,9 +490,9 @@ fn convert_scheme(scheme: SignatureScheme) -> Result<SignatureAlgorithms, Error>
SignatureScheme::RSA_PKCS1_SHA384 => Ok(RSA_SHA384), SignatureScheme::RSA_PKCS1_SHA384 => Ok(RSA_SHA384),
SignatureScheme::RSA_PKCS1_SHA512 => Ok(RSA_SHA512), SignatureScheme::RSA_PKCS1_SHA512 => Ok(RSA_SHA512),
SignatureScheme::RSA_PSS_SHA256 => Ok(RSA_PSS_SHA256), SignatureScheme::RSA_PSS_RSAE_SHA256 => Ok(RSA_PSS_RSAE_SHA256),
SignatureScheme::RSA_PSS_SHA384 => Ok(RSA_PSS_SHA384), SignatureScheme::RSA_PSS_RSAE_SHA384 => Ok(RSA_PSS_RSAE_SHA384),
SignatureScheme::RSA_PSS_SHA512 => Ok(RSA_PSS_SHA512), SignatureScheme::RSA_PSS_RSAE_SHA512 => Ok(RSA_PSS_RSAE_SHA512),
_ => Err(PeerMisbehaved::SignedHandshakeWithUnadvertisedSigScheme.into()), _ => Err(PeerMisbehaved::SignedHandshakeWithUnadvertisedSigScheme.into()),
} }
@ -535,12 +535,12 @@ fn convert_alg_tls13(
use crate::enums::SignatureScheme::*; use crate::enums::SignatureScheme::*;
match scheme { match scheme {
ECDSA_NISTP256_SHA256 => Ok(webpki::ECDSA_P256_SHA256), ECDSA_SECP256R1_SHA256 => Ok(webpki::ECDSA_P256_SHA256),
ECDSA_NISTP384_SHA384 => Ok(webpki::ECDSA_P384_SHA384), ECDSA_SECP384R1_SHA384 => Ok(webpki::ECDSA_P384_SHA384),
ED25519 => Ok(webpki::ED25519), ED25519 => Ok(webpki::ED25519),
RSA_PSS_SHA256 => Ok(webpki::RSA_PSS_2048_8192_SHA256_LEGACY_KEY), RSA_PSS_RSAE_SHA256 => Ok(webpki::RSA_PSS_2048_8192_SHA256_LEGACY_KEY),
RSA_PSS_SHA384 => Ok(webpki::RSA_PSS_2048_8192_SHA384_LEGACY_KEY), RSA_PSS_RSAE_SHA384 => Ok(webpki::RSA_PSS_2048_8192_SHA384_LEGACY_KEY),
RSA_PSS_SHA512 => Ok(webpki::RSA_PSS_2048_8192_SHA512_LEGACY_KEY), RSA_PSS_RSAE_SHA512 => Ok(webpki::RSA_PSS_2048_8192_SHA512_LEGACY_KEY),
_ => Err(PeerMisbehaved::SignedHandshakeWithUnadvertisedSigScheme.into()), _ => Err(PeerMisbehaved::SignedHandshakeWithUnadvertisedSigScheme.into()),
} }
} }


@ -841,9 +841,9 @@ fn server_cert_resolve_reduces_sigalgs_for_rsa_ciphersuite() {
KeyType::Rsa, KeyType::Rsa,
CipherSuite::TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, CipherSuite::TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
vec![ vec![
SignatureScheme::RSA_PSS_SHA512, SignatureScheme::RSA_PSS_RSAE_SHA512,
SignatureScheme::RSA_PSS_SHA384, SignatureScheme::RSA_PSS_RSAE_SHA384,
SignatureScheme::RSA_PSS_SHA256, SignatureScheme::RSA_PSS_RSAE_SHA256,
SignatureScheme::RSA_PKCS1_SHA512, SignatureScheme::RSA_PKCS1_SHA512,
SignatureScheme::RSA_PKCS1_SHA384, SignatureScheme::RSA_PKCS1_SHA384,
SignatureScheme::RSA_PKCS1_SHA256, SignatureScheme::RSA_PKCS1_SHA256,
@ -858,8 +858,8 @@ fn server_cert_resolve_reduces_sigalgs_for_ecdsa_ciphersuite() {
KeyType::Ecdsa, KeyType::Ecdsa,
CipherSuite::TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, CipherSuite::TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
vec![ vec![
SignatureScheme::ECDSA_NISTP384_SHA384, SignatureScheme::ECDSA_SECP384R1_SHA384,
SignatureScheme::ECDSA_NISTP256_SHA256, SignatureScheme::ECDSA_SECP256R1_SHA256,
SignatureScheme::ED25519, SignatureScheme::ED25519,
], ],
); );
@ -1053,23 +1053,23 @@ fn client_cert_resolve() {
for version in rustls::ALL_VERSIONS { for version in rustls::ALL_VERSIONS {
let expected_sigschemes = match version.version { let expected_sigschemes = match version.version {
ProtocolVersion::TLSv1_2 => vec![ ProtocolVersion::TLSv1_2 => vec![
SignatureScheme::ECDSA_NISTP384_SHA384, SignatureScheme::ECDSA_SECP384R1_SHA384,
SignatureScheme::ECDSA_NISTP256_SHA256, SignatureScheme::ECDSA_SECP256R1_SHA256,
SignatureScheme::ED25519, SignatureScheme::ED25519,
SignatureScheme::RSA_PSS_SHA512, SignatureScheme::RSA_PSS_RSAE_SHA512,
SignatureScheme::RSA_PSS_SHA384, SignatureScheme::RSA_PSS_RSAE_SHA384,
SignatureScheme::RSA_PSS_SHA256, SignatureScheme::RSA_PSS_RSAE_SHA256,
SignatureScheme::RSA_PKCS1_SHA512, SignatureScheme::RSA_PKCS1_SHA512,
SignatureScheme::RSA_PKCS1_SHA384, SignatureScheme::RSA_PKCS1_SHA384,
SignatureScheme::RSA_PKCS1_SHA256, SignatureScheme::RSA_PKCS1_SHA256,
], ],
ProtocolVersion::TLSv1_3 => vec![ ProtocolVersion::TLSv1_3 => vec![
SignatureScheme::ECDSA_NISTP384_SHA384, SignatureScheme::ECDSA_SECP384R1_SHA384,
SignatureScheme::ECDSA_NISTP256_SHA256, SignatureScheme::ECDSA_SECP256R1_SHA256,
SignatureScheme::ED25519, SignatureScheme::ED25519,
SignatureScheme::RSA_PSS_SHA512, SignatureScheme::RSA_PSS_RSAE_SHA512,
SignatureScheme::RSA_PSS_SHA384, SignatureScheme::RSA_PSS_RSAE_SHA384,
SignatureScheme::RSA_PSS_SHA256, SignatureScheme::RSA_PSS_RSAE_SHA256,
], ],
_ => unreachable!(), _ => unreachable!(),
}; };