crypto/tls: add a SignatureScheme type.

The SignatureAndHashAlgorithm from TLS 1.2[1] is being changed to
SignatureScheme in TLS 1.3[2]. (The actual values are compatible
however.)

Since we expect to support TLS 1.3 in the future, we're already using
the name and style of SignatureScheme in the recently augmented
ClientHelloInfo. As this is public API, it seems that SignatureScheme
should have its own type and exported values, which is implemented in
this change.

[1] https://tools.ietf.org/html/rfc5246#section-7.4.1.4.1
[2] https://tools.ietf.org/html/draft-ietf-tls-tls13-18#section-4.2.3

Change-Id: I0482755d02bb9a04eaf075c012696103eb806645
Reviewed-on: https://go-review.googlesource.com/32119
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Run-TryBot: Adam Langley <agl@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>

diff --git a/src/crypto/tls/common.go b/src/crypto/tls/common.go
index 78c762fa85a0cd9ca1e2beeb42490b0247089e1d..beca79897b57a78bd5065d1b706c3a919a21a2e1 100644 (file)
--- a/src/crypto/tls/common.go
+++ b/src/crypto/tls/common.go
@@ -215,6 +215,25 @@ type ClientSessionCache interface {
        Put(sessionKey string, cs *ClientSessionState)
 }
 
+// SignatureScheme identifies a signature algorithm supported by TLS. See
+// https://tools.ietf.org/html/draft-ietf-tls-tls13-18#section-4.2.3.
+type SignatureScheme uint16
+
+const (
+       PKCS1WithSHA1   SignatureScheme = 0x0201
+       PKCS1WithSHA256 SignatureScheme = 0x0401
+       PKCS1WithSHA384 SignatureScheme = 0x0501
+       PKCS1WithSHA512 SignatureScheme = 0x0601
+
+       PSSWithSHA256 SignatureScheme = 0x0804
+       PSSWithSHA384 SignatureScheme = 0x0805
+       PSSWithSHA512 SignatureScheme = 0x0806
+
+       ECDSAWithP256AndSHA256 SignatureScheme = 0x0403
+       ECDSAWithP384AndSHA384 SignatureScheme = 0x0503
+       ECDSAWithP521AndSHA512 SignatureScheme = 0x0603
+)
+
 // ClientHelloInfo contains information from a ClientHello message in order to
 // guide certificate selection in the GetCertificate callback.
 type ClientHelloInfo struct {
@@ -244,7 +263,7 @@ type ClientHelloInfo struct {
        // is willing to verify. SignatureSchemes is set only if the Signature
        // Algorithms Extension is being used (see
        // https://tools.ietf.org/html/rfc5246#section-7.4.1.4.1).
-       SignatureSchemes []uint16
+       SignatureSchemes []SignatureScheme
 
        // SupportedProtos lists the application protocols supported by the client.
        // SupportedProtos is set only if the Application-Layer Protocol

diff --git a/src/crypto/tls/handshake_server.go b/src/crypto/tls/handshake_server.go
index 0cccd6580ee029d5e5844a8754fcc3369af7b287..b786c3083a2d636dc4004b5da87682450a3eeb5c 100644 (file)
--- a/src/crypto/tls/handshake_server.go
+++ b/src/crypto/tls/handshake_server.go
@@ -822,9 +822,9 @@ func (hs *serverHandshakeState) clientHelloInfo() *ClientHelloInfo {
                supportedVersions = suppVersArray[VersionTLS12-hs.clientHello.vers:]
        }
 
-       signatureSchemes := make([]uint16, 0, len(hs.clientHello.signatureAndHashes))
+       signatureSchemes := make([]SignatureScheme, 0, len(hs.clientHello.signatureAndHashes))
        for _, sah := range hs.clientHello.signatureAndHashes {
-               signatureSchemes = append(signatureSchemes, uint16(sah.hash)<<8+uint16(sah.signature))
+               signatureSchemes = append(signatureSchemes, SignatureScheme(sah.hash)<<8+SignatureScheme(sah.signature))
        }
 
        hs.cachedClientHelloInfo = &ClientHelloInfo{