MCPcopy
hub / github.com/XTLS/REALITY / supportedSignatureAlgorithms

Function supportedSignatureAlgorithms

common.go:1724–1738  ·  view source on GitHub ↗

supportedSignatureAlgorithms returns the supported signature algorithms for the given minimum TLS version, to advertise in ClientHello and CertificateRequest messages.

(minVers uint16)

Source from the content-addressed store, hash-verified

1722// the given minimum TLS version, to advertise in ClientHello and
1723// CertificateRequest messages.
1724func supportedSignatureAlgorithms(minVers uint16) []SignatureScheme {
1725 sigAlgs := defaultSupportedSignatureAlgorithms()
1726 if fips140tls.Required() {
1727 sigAlgs = slices.DeleteFunc(sigAlgs, func(s SignatureScheme) bool {
1728 return !slices.Contains(allowedSignatureAlgorithmsFIPS, s)
1729 })
1730 }
1731 if minVers > VersionTLS12 {
1732 sigAlgs = slices.DeleteFunc(sigAlgs, func(s SignatureScheme) bool {
1733 sigType, sigHash, _ := typeAndHashFromSignatureScheme(s)
1734 return sigType == signaturePKCS1v15 || sigHash == crypto.SHA1
1735 })
1736 }
1737 return sigAlgs
1738}
1739
1740// supportedSignatureAlgorithmsCert returns the supported algorithms for
1741// signatures in certificates.

Callers 6

makeClientHelloMethod · 0.85
readServerCertificateMethod · 0.85
sendServerCertificateMethod · 0.85
readClientCertificateMethod · 0.85
doFullHandshakeMethod · 0.85

Calls 3

RequiredFunction · 0.92

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…