iaik.security.ssl

Class SignatureAlgorithmsCert

java.lang.Object

iaik.security.ssl.Extension

iaik.security.ssl.SignatureAlgorithms

iaik.security.ssl.SignatureAlgorithmsCert

All Implemented Interfaces:

java.lang.Cloneable

public class SignatureAlgorithmsCert
extends SignatureAlgorithms
implements java.lang.Cloneable

This class implements the signature_algorithms_cert extension RFC 8446.

Although the SignatureAlgorithmsCert extension is specified for TLS 1.3 (RFC 8446) it may also be used for TLS 1.2. The SignatureAlgorithmsCert extension is intended to be used if different sets of signature algorithms/schemes shall be used for certificate signatures and signatures used within TLS handshake messages (e.g. ServerKeyExchange, CertficateVerify).

A TLS client may send a SignatureAlgorithmsCert extension with the ClientHello extension list to tell the server which signature algorithms the client can process to verify certificate signatures. In TLS 1.3 the server may include a SignatureAlgorithmsCert extension within the CertificateRequest message to tell the client which signature algorithms may be used for the client certificate.
The SignatureAlgorithmsCert extension has the same structure as the SignatureAlgorithms extension (see RFC 8446):

    enum {
         // RSASSA-PKCS1-v1_5 algorithms 
         rsa_pkcs1_sha256(0x0401),
         rsa_pkcs1_sha384(0x0501),
         rsa_pkcs1_sha512(0x0601),

         // ECDSA algorithms 
         ecdsa_secp256r1_sha256(0x0403),
         ecdsa_secp384r1_sha384(0x0503),
         ecdsa_secp521r1_sha512(0x0603),

         // RSASSA-PSS algorithms with public key OID rsaEncryption 
         rsa_pss_rsae_sha256(0x0804),
         rsa_pss_rsae_sha384(0x0805),
         rsa_pss_rsae_sha512(0x0806),

         // EdDSA algorithms 
         ed25519(0x0807),
         ed448(0x0808),

         // RSASSA-PSS algorithms with public key OID RSASSA-PSS 
         rsa_pss_pss_sha256(0x0809),
         rsa_pss_pss_sha384(0x080a),
         rsa_pss_pss_sha512(0x080b),

         // Legacy algorithms 
         rsa_pkcs1_sha1(0x0201),
         ecdsa_sha1(0x0203),

         // Reserved Code Points 
         private_use(0xFE00..0xFFFF),
         (0xFFFF)
         
    } SignatureScheme;

    struct {
        SignatureScheme supported_signature_algorithms<2..2^16-2>;
    } SignatureSchemeList;
 

An application that wants to use the signature_algorithms_cert extension may create it for the list of algorithms it wants be use for certificate signatures. If you, for instance, only want to use the SHA512withRSA, SHA512withECDSA algorithms for certificate signatures you may create a SignatureAlgorithmsCert extension with these two SignatureScheme elements:

 SignatureScheme[] signatureSchemes = {
   SignatureScheme.rsa_pkcs1_sha256,
   SignatureScheme.ecsa_secp256r1_sha256
 };
 SignatureAlgorithmsCert signatureAlgorithms = 
   new SignatureAlgorithmsCert(new SignatureSchemeList(signatureSchemes));
 // add to ExtensionList
 ExtensionList extensions = new ExtensionList();
 ...
 extensions.addExtension(signatureAlgorithmsCert);
 ...
 // set extensions for the SSLContext configuration:
 SSLContext context = ...;
 // SignatureAlgorithmsCert only meaningful since TLS 1.2
 context.setAllowedProtocolVersions(SSLContext.VERSION_TLS12, SSLContext.VERSION_TLS13); 
 ...
 context.setExtensions(extensions);
 ...
 

When setting the SignatureAlgorithmsCert extension to critical iSaSiLk checks if the certificates sent from the peer are actually signed with any of the suggested algorithm(s) (except for (self-signed) trust anchors that are out of scope of certificate validation).

Version:

File Revision 31

See Also:

Extension, SignatureScheme, SignatureSchemeList, SignatureAndHashAlgorithm, SignatureAndHashAlgorithmList, SignatureAlgorithms

Field Summary

Fields

Modifier and Type	Field and Description
static ExtensionType	TYPE The type (50) of the signature_algorithms extension.

Constructor Summary

Constructors

Constructor and Description
SignatureAlgorithmsCert() Default constructor.
SignatureAlgorithmsCert(SignatureAndHashAlgorithmList supportedAlgorithms) Creates a SignatureAlgorithmsCert extension from the given list of supported signature algorithms.
SignatureAlgorithmsCert(SignatureSchemeList supportedSignatureSchems) Creates a SignatureAlgorithmsCert extension from the given list of supported signature schemes.

Method Summary

Modifier and Type	Method and Description
java.lang.Object	clone() Returns a clone of this SignatureAlgorithmsCert extension.
boolean	equals(java.lang.Object obj) Checks if this SignatureAlgorithmsCert extension is equal to the given object.
SignatureAndHashAlgorithmList	getSupportedAlgorithms() Gets the supported signature algorithms included in this signature algorithms extension.
SignatureSchemeList	getSupportedSignatureSchemes() Gets the supported signature schemes included in this signature algorithms extension.

Methods inherited from class iaik.security.ssl.SignatureAlgorithms

clone, hashCode, setIgnorePeerPreferenceOrder, toString

Methods inherited from class iaik.security.ssl.Extension

getAllowedProtocolVersions, getExtensionType, getName, getType, setCritical

Methods inherited from class java.lang.Object

finalize, getClass, notify, notifyAll, wait, wait, wait

Field Detail

TYPE

public static final ExtensionType TYPE

The type (50) of the signature_algorithms extension.

Constructor Detail

SignatureAlgorithmsCert

public SignatureAlgorithmsCert()

Default constructor. Creates a new SignatureAlgorithmsCert extension with the default algorithm set.

SignatureAlgorithmsCert

public SignatureAlgorithmsCert(SignatureAndHashAlgorithmList supportedAlgorithms)

Creates a SignatureAlgorithmsCert extension from the given list of supported signature algorithms.
This constructor may be used to specify the supported signature algorithms, e.g.:

 SignatureAndHashAlgorithm[] algorithms = {
   SignatureAndHashAlgorithm.SHA256withRSA,
   SignatureAndHashAlgorithm.SHA256withECDSA
 };
 SignatureAlgorithmsCert signatureAlgorithmsCert = 
   new SignatureAlgorithmsCert(new SignatureAndHashAlgorithmList(algorithms));
 // add to ExtensionList
 ExtensionList extensions = new ExtensionList();
 ...
 extensions.addExtension(signatureAlgorithmsCert);
 ...
 // set extensions for the SSLContext configuration:
 SSLContext context = ...;
 // SignatureAlgorithms only meaningful since TLS 1.2
 context.setAllowedProtocolVersions(SSLContext.VERSION_TLS12, SSLContext.VERSION_TLS13); 
 ...
 context.setExtensions(extensions);
 ...
 

Parameters:

supportedAlgorithms - the supported signature algorithms to be used

Throws:

java.lang.IllegalArgumentException - if the given algorithm list is null or empty

See Also:

(TLS 1.3 interoperability; TLS 1.3 uses the term "SignatureSchemeList")

SignatureAlgorithmsCert

public SignatureAlgorithmsCert(SignatureSchemeList supportedSignatureSchems)

Creates a SignatureAlgorithmsCert extension from the given list of supported signature schemes.
This constructor maybe used to specify the supported signature schemes, e.g.:

 SignatureScheme[] signatureSchemes = {
   SignatureScheme.rsa_pkcs1_sha256,
   SignatureScheme.ecdsa_secp256r1_sha256
 };
 SignatureAlgorithmsCert signatureAlgorithmsCert = 
   new SignatureAlgorithmsCert(new SignatureSchemeList(signatureSchemes));
 // add to ExtensionList
 ExtensionList extensions = new ExtensionList();
 ...
 extensions.addExtension(signatureAlgorithmsCert);
 ...
 // set extensions for the SSLContext configuration:
 SSLContext context = ...;
 // SignatureAlgorithms only meaningful since TLS 1.2
 context.setAllowedProtocolVersions(SSLContext.VERSION_TLS12, SSLContext.VERSION_TLS13); 
 ...
 context.setExtensions(extensions);
 ...
 

Parameters:

supportedSignatureSchems - the supported signature algorithms to be used

Throws:

java.lang.IllegalArgumentException - if the given algorithm list is null or empty

See Also:

(TLS 1.2 interoperability; TLS 1.2 uses the term "SignatureAndHashAlgorithmList")

Method Detail

equals

public boolean equals(java.lang.Object obj)

Checks if this SignatureAlgorithmsCert extension is equal to the given object.

Two SignatureAlgorithmsCert extensions are treated as equal if they contain the same signature algorithm / scheme objects (same number and same order). The critical value is not checked by this method.

Overrides:

equals in class SignatureAlgorithms

Returns:

true if this SignatureAlgorithmsCert extension is equal to the given object, false if it is not equal to it

getSupportedAlgorithms

public SignatureAndHashAlgorithmList getSupportedAlgorithms()

Gets the supported signature algorithms included in this signature algorithms extension.

Overrides:

getSupportedAlgorithms in class SignatureAlgorithms

Returns:

the supported signature algorithms as list of SignatureAndHashAlgorithm

See Also:

(TLS 1.3 interoperability; TLS 1.3 uses the term "SignatureScheme")

getSupportedSignatureSchemes

public SignatureSchemeList getSupportedSignatureSchemes()

Gets the supported signature schemes included in this signature algorithms extension.

Overrides:

getSupportedSignatureSchemes in class SignatureAlgorithms

Returns:

the supported signature schemes as list of SignatureScheme

See Also:

(TLS 1.2 interoperability; TLS 1.2 uses the term "SignatureAndHashAlgorithm")

clone

public java.lang.Object clone()

Returns a clone of this SignatureAlgorithmsCert extension.

Overrides:

clone in class SignatureAlgorithms

Returns:

a clone of this SignatureAlgorithmsCert extension