MCPcopy
hub / github.com/XTLS/REALITY / certificateRequestInfoFromMsg

Function certificateRequestInfoFromMsg

handshake_client.go:1207–1269  ·  view source on GitHub ↗

certificateRequestInfoFromMsg generates a CertificateRequestInfo from a TLS <= 1.2 CertificateRequest, making an effort to fill in missing information.

(ctx context.Context, vers uint16, certReq *certificateRequestMsg)

Source from the content-addressed store, hash-verified

1205// certificateRequestInfoFromMsg generates a CertificateRequestInfo from a TLS
1206// <= 1.2 CertificateRequest, making an effort to fill in missing information.
1207func certificateRequestInfoFromMsg(ctx context.Context, vers uint16, certReq *certificateRequestMsg) *CertificateRequestInfo {
1208 cri := &CertificateRequestInfo{
1209 AcceptableCAs: certReq.certificateAuthorities,
1210 Version: vers,
1211 ctx: ctx,
1212 }
1213
1214 var rsaAvail, ecAvail bool
1215 for _, certType := range certReq.certificateTypes {
1216 switch certType {
1217 case certTypeRSASign:
1218 rsaAvail = true
1219 case certTypeECDSASign:
1220 ecAvail = true
1221 }
1222 }
1223
1224 if !certReq.hasSignatureAlgorithm {
1225 // Prior to TLS 1.2, signature schemes did not exist. In this case we
1226 // make up a list based on the acceptable certificate types, to help
1227 // GetClientCertificate and SupportsCertificate select the right certificate.
1228 // The hash part of the SignatureScheme is a lie here, because
1229 // TLS 1.0 and 1.1 always use MD5+SHA1 for RSA and SHA1 for ECDSA.
1230 switch {
1231 case rsaAvail && ecAvail:
1232 cri.SignatureSchemes = []SignatureScheme{
1233 ECDSAWithP256AndSHA256, ECDSAWithP384AndSHA384, ECDSAWithP521AndSHA512,
1234 PKCS1WithSHA256, PKCS1WithSHA384, PKCS1WithSHA512, PKCS1WithSHA1,
1235 }
1236 case rsaAvail:
1237 cri.SignatureSchemes = []SignatureScheme{
1238 PKCS1WithSHA256, PKCS1WithSHA384, PKCS1WithSHA512, PKCS1WithSHA1,
1239 }
1240 case ecAvail:
1241 cri.SignatureSchemes = []SignatureScheme{
1242 ECDSAWithP256AndSHA256, ECDSAWithP384AndSHA384, ECDSAWithP521AndSHA512,
1243 }
1244 }
1245 return cri
1246 }
1247
1248 // Filter the signature schemes based on the certificate types.
1249 // See RFC 5246, Section 7.4.4 (where it calls this "somewhat complicated").
1250 cri.SignatureSchemes = make([]SignatureScheme, 0, len(certReq.supportedSignatureAlgorithms))
1251 for _, sigScheme := range certReq.supportedSignatureAlgorithms {
1252 sigType, _, err := typeAndHashFromSignatureScheme(sigScheme)
1253 if err != nil {
1254 continue
1255 }
1256 switch sigType {
1257 case signatureECDSA, signatureEd25519:
1258 if ecAvail {
1259 cri.SignatureSchemes = append(cri.SignatureSchemes, sigScheme)
1260 }
1261 case signatureRSAPSS, signaturePKCS1v15:
1262 if rsaAvail {
1263 cri.SignatureSchemes = append(cri.SignatureSchemes, sigScheme)
1264 }

Callers 1

doFullHandshakeMethod · 0.85

Calls 1

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…