hub / github.com/XTLS/REALITY / legacyTypeAndHashFromPublicKey

Function legacyTypeAndHashFromPublicKey

auth.go:132–147  ·  view source on GitHub ↗

legacyTypeAndHashFromPublicKey returns the fixed signature type and crypto.Hash for a given public key used with TLS 1.0 and 1.1, before the introduction of signature algorithm negotiation.

(pub crypto.PublicKey)

Source from the content-addressed store, hash-verified

// legacyTypeAndHashFromPublicKey returns the fixed signature type and
// crypto.Hash for a given public key used with TLS 1.0 and 1.1, before the
// introduction of signature algorithm negotiation.
//
// The key's concrete type alone selects the result:
//   - *rsa.PublicKey    -> signaturePKCS1v15 with crypto.MD5SHA1
//   - *ecdsa.PublicKey  -> signatureECDSA with crypto.SHA1
//   - ed25519.PublicKey -> error (not supported before TLS 1.2)
//   - anything else     -> error naming the dynamic type
//
// On error the signature type and hash are both zero.
//
// NOTE(review): the digests returned here are the ones hard-wired for these
// legacy protocol versions rather than a choice made in this function. SHA-1
// and MD5 are no longer considered collision resistant, so how much this
// matters depends on whether the configuration still admits TLS 1.0/1.1;
// confirm the minimum version the callers enforce.
func legacyTypeAndHashFromPublicKey(pub crypto.PublicKey) (sigType uint8, hash crypto.Hash, err error) {
	if _, isRSA := pub.(*rsa.PublicKey); isRSA {
		return signaturePKCS1v15, crypto.MD5SHA1, nil
	}

	if _, isECDSA := pub.(*ecdsa.PublicKey); isECDSA {
		return signatureECDSA, crypto.SHA1, nil
	}

	if _, isEd25519 := pub.(ed25519.PublicKey); isEd25519 {
		// RFC 8422 does define Ed25519 for TLS 1.0 and 1.1, but producing
		// the signature means keeping the whole handshake transcript
		// around. OpenSSL does not implement that either, so there is
		// nothing to test interoperability against; reject the key.
		return 0, 0, fmt.Errorf("tls: Ed25519 public keys are not supported before TLS 1.2")
	}

	// Any other key type (including a nil interface) has no legacy mapping.
	return 0, 0, fmt.Errorf("tls: unsupported public key: %T", pub)
}
148
149var rsaSignatureSchemes = []struct {
150 scheme SignatureScheme

Callers 4

doFullHandshakeMethod · 0.85
doFullHandshakeMethod · 0.85

Calls

no outgoing calls

Tested by

no test coverage detected
