hub / github.com/XTLS/REALITY / selectSignatureScheme

Function selectSignatureScheme

auth.go:234–257

selectSignatureScheme picks a SignatureScheme from the peer's preference list that works with the selected certificate. It's only called for protocol versions that support signature algorithms, so TLS 1.2 and 1.3.

(vers uint16, c *Certificate, peerAlgs []SignatureScheme)

Source from the content-addressed store, hash-verified

// selectSignatureScheme picks a SignatureScheme from the peer's preference list
// that works with the selected certificate. It's only called for protocol
// versions that support signature algorithms, so TLS 1.2 and 1.3.
func selectSignatureScheme(vers uint16, c *Certificate, peerAlgs []SignatureScheme) (SignatureScheme, error) {
	supportedAlgs := signatureSchemesForCertificate(vers, c)
	if len(supportedAlgs) == 0 {
		return 0, unsupportedCertificateError(c)
	}
	if len(peerAlgs) == 0 && vers == VersionTLS12 {
		// For TLS 1.2, if the client didn't send signature_algorithms then we
		// can assume that it supports SHA1. See RFC 5246, Section 7.4.1.4.1.
		// RFC 9155 made signature_algorithms mandatory in TLS 1.2, and we gated
		// it behind the tlssha1 GODEBUG setting.
		// if tlssha1.Value() != "1" {
		return 0, errors.New("tls: missing signature_algorithms from TLS 1.2 peer")
		// }
		// peerAlgs = []SignatureScheme{PKCS1WithSHA1, ECDSAWithSHA1}
	}
	// Pick signature scheme in the peer's preference order, as our
	// preference order is not configurable.
	for _, preferredAlg := range peerAlgs {
		if isSupportedSignatureAlgorithm(preferredAlg, supportedAlgs) {
			return preferredAlg, nil
		}
	}
	return 0, errors.New("tls: peer doesn't support any of the certificate's signature algorithms")
}

// unsupportedCertificateError returns a helpful error for certificates with
// an unsupported private key.

Callers 6

SupportsCertificate · Method · 0.85
SupportsCertificate · Method · 0.85
doFullHandshake · Method · 0.85
sendClientCertificate · Method · 0.85
pickCertificate · Method · 0.85

Tested by

no test coverage detected
