Class SignatureScheme

  extended by iaik.security.ssl.SignatureAndHashAlgorithm
      extended by iaik.security.ssl.SignatureScheme
All Implemented Interfaces:

public class SignatureScheme
extends SignatureAndHashAlgorithm

Implements the TLS 1.3 SignatureScheme structure as specified by RFC 8446.

Note that the TLS 1.3 SignatureScheme type replaces the TLS 1.2 the SignatureAndHashAlgorithm type. For compatibility reasons iSaSiLk can be used with both types, SignatureAndHashAlgorithm and SignatureScheme.

A TLS 1.3 client/server may use the SignatureScheme structure to announce the signature algorithms it is able to support to the peer. The client, for instance, may send a SignatureAlgorithms extension with the ClientHello extension list to tell the server which SignatureSchemes the client can process to, e.g., verify the server certificates or, e.g., sign the CertificateVerify message.
The server, for instance, will specify a list of expected SignatureSchemes when sending the CertificateRequest message.

Each SignatureScheme is specified as id consisting of two hex numbers: (see RFC 8446):

    enum {
         // RSASSA-PKCS1-v1_5 algorithms 

         // ECDSA algorithms 

         // RSASSA-PSS algorithms with public key OID rsaEncryption 

         // EdDSA algorithms 

         // RSASSA-PSS algorithms with public key OID RSASSA-PSS 

         // Legacy algorithms 

         // Reserved Code Points 
    } SignatureScheme;

    struct {
        SignatureScheme supported_signature_algorithms<2..2^16-2>;
    } SignatureSchemeList;
The following TLS 1.3 SignatureSchemes are supported by iSaSiLk: The following signature schemes are supported for compatibility reasons with TLS 1.2 but shall not used with TLS 1.3 anymore (and do not belong to the default algorithm set):

Note that the TLS 1.3 has deprecated all TLS 1.2 DSA based signature algorithms and all signature algorithms that use SHA-224 as hash algorithm. rsa_pkcs1_sha1 and ecdsa_sha1 are only maintained for interoperability reasons to existing applications using RSA/SHA-1 or ECDSA/SHA-1 certificates. They shall not be for signed TKS handshake messages anymore.
Furthermore the SignatureScheme usage differs somewhat from that of TLS 1.2 SignatureAndHashAlgorithm. Whereas TLS 1.2 ECDSA* signature algorithms may be used with any elliptic curve, TLS 1.3 ecdsa* signature schemes maybe used with the the specific elliptic curve they are explicitly specified for: ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp521r1_sha256 for the NIST curves secp256r1, secp384r1 and secp521r1, respectively.

See Also:
SignatureAlgorithms, SignatureSchemeList

Field Summary
static SignatureScheme ecdsa_secp256r1_sha256
          TLS 1.3 SignatureScheme "ecdsa_secp256r1_sha256" (id: 0x0403).
static SignatureScheme ecdsa_secp384r1_sha384
          TLS 1.3 SignatureScheme "ecdsa_secp384r1_sha384" (id: 0x0503).
static SignatureScheme ecdsa_secp521r1_sha512
          TLS 1.3 SignatureScheme "ecdsa_secp521r1_sha512" (id: 0x0603).
static SignatureScheme ecdsa_sha1
          TLS 1.3 Legacy SignatureScheme "ecdsa_sha1" (id: 0x0203).
static SignatureScheme ed25519
          TLS 1.3 SignatureScheme "ed25519" (id: 0x0807).
static SignatureScheme ed448
          TLS 1.3 SignatureScheme "ed448" (id: 0x0808).
static SignatureScheme rsa_pkcs1_sha1
          TLS 1.3 Legacy SignatureScheme "rsa_pkcs1_sha1" (id: 0x0201).
static SignatureScheme rsa_pkcs1_sha256
          TLS 1.3 SignatureScheme "rsa_pkcs1_sha256" (id: 0x0401).
static SignatureScheme rsa_pkcs1_sha384
          TLS 1.3 SignatureScheme "rsa_pkcs1_sha384" (id: 0x0501).
static SignatureScheme rsa_pkcs1_sha512
          TLS 1.3 SignatureScheme "rsa_pkcs1_sha512" (id: 0x0601).
static SignatureScheme rsa_pss_pss_sha256
          TLS 1.3 SignatureScheme "rsa_pss_pss_sha256" with public key OID RSASSA-PSS (id: 0x0809).
static SignatureScheme rsa_pss_pss_sha384
          TLS 1.3 SignatureScheme "rsa_pss_pss_sha384" with public key OID RSASSA-PSS (id: 0x080a).
static SignatureScheme rsa_pss_pss_sha512
          TLS 1.3 SignatureScheme "rsa_pss_pss_sha512" with public key OID RSASSA-PSS (id: 0x080b).
static SignatureScheme rsa_pss_rsae_sha256
          TLS 1.3 SignatureScheme "rsa_pss_rsae_sha256" with public key OID rsaEncryption (id: 0x0804).
static SignatureScheme rsa_pss_rsae_sha384
          TLS 1.3 SignatureScheme "rsa_pss_rsae_sha384" with public key OID rsaEncryption (id: 0x0805).
static SignatureScheme rsa_pss_rsae_sha512
          TLS 1.3 SignatureScheme "rsa_pss_rsae_sha512" with public key OID rsaEncryption (id: 0x0806).
Fields inherited from class iaik.security.ssl.SignatureAndHashAlgorithm
ED25519, ED448, MD5withRSA, SHA1withDSA, SHA1withECDSA, SHA1withRSA, SHA224withDSA, SHA224withECDSA, SHA224withRSA, SHA256withDSA, SHA256withECDSA, SHA256withRSA, SHA256withRSAPSS_PSS, SHA256withRSAPSS_RSAE, SHA384withDSA, SHA384withECDSA, SHA384withRSA, SHA384withRSAPSS_PSS, SHA384withRSAPSS_RSAE, SHA512withDSA, SHA512withECDSA, SHA512withRSA, SHA512withRSAPSS_PSS, SHA512withRSAPSS_RSAE
Method Summary
 java.lang.Object clone()
          Returns a clone of this SigAndHashAlgId.
 java.lang.String getSchemeName()
          Gets the name of this signature scheme in TLS 1.3 signature scheme syntax.
Methods inherited from class iaik.security.ssl.SignatureAndHashAlgorithm
equals, getId, getName, getVersion, hashCode, setVersion, toString, toString
Methods inherited from class java.lang.Object
finalize, getClass, notify, notifyAll, wait, wait, wait

Field Detail


public static final SignatureScheme rsa_pkcs1_sha1
TLS 1.3 Legacy SignatureScheme "rsa_pkcs1_sha1" (id: 0x0201). Same as SHA1withRSA.


public static final SignatureScheme rsa_pkcs1_sha256
TLS 1.3 SignatureScheme "rsa_pkcs1_sha256" (id: 0x0401). Same as SHA256withRSA.


public static final SignatureScheme rsa_pkcs1_sha384
TLS 1.3 SignatureScheme "rsa_pkcs1_sha384" (id: 0x0501). Same as SHA384withRSA.


public static final SignatureScheme rsa_pkcs1_sha512
TLS 1.3 SignatureScheme "rsa_pkcs1_sha512" (id: 0x0601). Same as SHA512withRSA.


public static final SignatureScheme rsa_pss_rsae_sha256
TLS 1.3 SignatureScheme "rsa_pss_rsae_sha256" with public key OID rsaEncryption (id: 0x0804). Same as SHA256withRSAPSS_RSAE.


public static final SignatureScheme rsa_pss_rsae_sha384
TLS 1.3 SignatureScheme "rsa_pss_rsae_sha384" with public key OID rsaEncryption (id: 0x0805). Same as SHA384withRSAPSS_RSAE.


public static final SignatureScheme rsa_pss_rsae_sha512
TLS 1.3 SignatureScheme "rsa_pss_rsae_sha512" with public key OID rsaEncryption (id: 0x0806). Same as SHA512withRSAPSS_RSAE.


public static final SignatureScheme rsa_pss_pss_sha256
TLS 1.3 SignatureScheme "rsa_pss_pss_sha256" with public key OID RSASSA-PSS (id: 0x0809). Same as SHA256withRSAPSS_PSS.


public static final SignatureScheme rsa_pss_pss_sha384
TLS 1.3 SignatureScheme "rsa_pss_pss_sha384" with public key OID RSASSA-PSS (id: 0x080a). Same as SHA384withRSAPSS_PSS.


public static final SignatureScheme rsa_pss_pss_sha512
TLS 1.3 SignatureScheme "rsa_pss_pss_sha512" with public key OID RSASSA-PSS (id: 0x080b). Same as SHA512withRSAPSS_PSS.


public static final SignatureScheme ecdsa_sha1
TLS 1.3 Legacy SignatureScheme "ecdsa_sha1" (id: 0x0203). Same as SHA1withECDSA.


public static final SignatureScheme ecdsa_secp256r1_sha256
TLS 1.3 SignatureScheme "ecdsa_secp256r1_sha256" (id: 0x0403). Same as SHA256withECDSA.


public static final SignatureScheme ecdsa_secp384r1_sha384
TLS 1.3 SignatureScheme "ecdsa_secp384r1_sha384" (id: 0x0503). Same as SHA384withECDSA.


public static final SignatureScheme ecdsa_secp521r1_sha512
TLS 1.3 SignatureScheme "ecdsa_secp521r1_sha512" (id: 0x0603). Same as SHA512withECDSA.


public static final SignatureScheme ed25519
TLS 1.3 SignatureScheme "ed25519" (id: 0x0807). Same as ED25519.


public static final SignatureScheme ed448
TLS 1.3 SignatureScheme "ed448" (id: 0x0808). Same as ED448.

Method Detail


public java.lang.String getSchemeName()
Gets the name of this signature scheme in TLS 1.3 signature scheme syntax.

the TLS 1.3 signature scheme name (e.g. "rsa_pkcs1_sha256" for "SHA256withRSA")


public java.lang.Object clone()
Returns a clone of this SigAndHashAlgId.

clone in class SignatureAndHashAlgorithm
a clone

This Javadoc may contain text parts from text parts from IETF Internet Standard specifications (see copyright note).

iSaSiLk 6.0, (c) 2002 IAIK, (c) 2003 - 2015 SIC