certificateRequestInfoFromMsg generates a CertificateRequestInfo from a TLS <= 1.2 CertificateRequest, making an effort to fill in missing information.
(ctx context.Context, vers uint16, certReq *certificateRequestMsg)
| 1205 | // certificateRequestInfoFromMsg generates a CertificateRequestInfo from a TLS |
| 1206 | // <= 1.2 CertificateRequest, making an effort to fill in missing information. |
| 1207 | func certificateRequestInfoFromMsg(ctx context.Context, vers uint16, certReq *certificateRequestMsg) *CertificateRequestInfo { |
| 1208 | cri := &CertificateRequestInfo{ |
| 1209 | AcceptableCAs: certReq.certificateAuthorities, |
| 1210 | Version: vers, |
| 1211 | ctx: ctx, |
| 1212 | } |
| 1213 | |
| 1214 | var rsaAvail, ecAvail bool |
| 1215 | for _, certType := range certReq.certificateTypes { |
| 1216 | switch certType { |
| 1217 | case certTypeRSASign: |
| 1218 | rsaAvail = true |
| 1219 | case certTypeECDSASign: |
| 1220 | ecAvail = true |
| 1221 | } |
| 1222 | } |
| 1223 | |
| 1224 | if !certReq.hasSignatureAlgorithm { |
| 1225 | // Prior to TLS 1.2, signature schemes did not exist. In this case we |
| 1226 | // make up a list based on the acceptable certificate types, to help |
| 1227 | // GetClientCertificate and SupportsCertificate select the right certificate. |
| 1228 | // The hash part of the SignatureScheme is a lie here, because |
| 1229 | // TLS 1.0 and 1.1 always use MD5+SHA1 for RSA and SHA1 for ECDSA. |
| 1230 | switch { |
| 1231 | case rsaAvail && ecAvail: |
| 1232 | cri.SignatureSchemes = []SignatureScheme{ |
| 1233 | ECDSAWithP256AndSHA256, ECDSAWithP384AndSHA384, ECDSAWithP521AndSHA512, |
| 1234 | PKCS1WithSHA256, PKCS1WithSHA384, PKCS1WithSHA512, PKCS1WithSHA1, |
| 1235 | } |
| 1236 | case rsaAvail: |
| 1237 | cri.SignatureSchemes = []SignatureScheme{ |
| 1238 | PKCS1WithSHA256, PKCS1WithSHA384, PKCS1WithSHA512, PKCS1WithSHA1, |
| 1239 | } |
| 1240 | case ecAvail: |
| 1241 | cri.SignatureSchemes = []SignatureScheme{ |
| 1242 | ECDSAWithP256AndSHA256, ECDSAWithP384AndSHA384, ECDSAWithP521AndSHA512, |
| 1243 | } |
| 1244 | } |
| 1245 | return cri |
| 1246 | } |
| 1247 | |
| 1248 | // Filter the signature schemes based on the certificate types. |
| 1249 | // See RFC 5246, Section 7.4.4 (where it calls this "somewhat complicated"). |
| 1250 | cri.SignatureSchemes = make([]SignatureScheme, 0, len(certReq.supportedSignatureAlgorithms)) |
| 1251 | for _, sigScheme := range certReq.supportedSignatureAlgorithms { |
| 1252 | sigType, _, err := typeAndHashFromSignatureScheme(sigScheme) |
| 1253 | if err != nil { |
| 1254 | continue |
| 1255 | } |
| 1256 | switch sigType { |
| 1257 | case signatureECDSA, signatureEd25519: |
| 1258 | if ecAvail { |
| 1259 | cri.SignatureSchemes = append(cri.SignatureSchemes, sigScheme) |
| 1260 | } |
| 1261 | case signatureRSAPSS, signaturePKCS1v15: |
| 1262 | if rsaAvail { |
| 1263 | cri.SignatureSchemes = append(cri.SignatureSchemes, sigScheme) |
| 1264 | } |
no test coverage detected
searching dependent graphs…