iaik.security.ssl
Class SignatureScheme

java.lang.Object
  extended by iaik.security.ssl.SignatureAndHashAlgorithm
      extended by iaik.security.ssl.SignatureScheme
All Implemented Interfaces:
java.lang.Cloneable

public class SignatureScheme
extends SignatureAndHashAlgorithm

Implements the TLS 1.3 SignatureScheme structure as specified by RFC 8446.

Note that the TLS 1.3 SignatureScheme type replaces the TLS 1.2 the SignatureAndHashAlgorithm type. For compatibility reasons iSaSiLk can be used with both types, SignatureAndHashAlgorithm and SignatureScheme.

A TLS 1.3 client/server may use the SignatureScheme structure to announce the signature algorithms it is able to support to the peer. The client, for instance, may send a SignatureAlgorithms extension with the ClientHello extension list to tell the server which SignatureSchemes the client can process to, e.g., verify the server certificates or, e.g., sign the CertificateVerify message.
The server, for instance, will specify a list of expected SignatureSchemes when sending the CertificateRequest message.

Each SignatureScheme is specified as id consisting of two hex numbers: (see RFC 8446):

    enum {
         // RSASSA-PKCS1-v1_5 algorithms 
         rsa_pkcs1_sha256(0x0401),
         rsa_pkcs1_sha384(0x0501),
         rsa_pkcs1_sha512(0x0601),

         // ECDSA algorithms 
         ecdsa_secp256r1_sha256(0x0403),
         ecdsa_secp384r1_sha384(0x0503),
         ecdsa_secp521r1_sha512(0x0603),

         // RSASSA-PSS algorithms with public key OID rsaEncryption 
         rsa_pss_rsae_sha256(0x0804),
         rsa_pss_rsae_sha384(0x0805),
         rsa_pss_rsae_sha512(0x0806),

         // EdDSA algorithms 
         ed25519(0x0807),
         ed448(0x0808),

         // RSASSA-PSS algorithms with public key OID RSASSA-PSS 
         rsa_pss_pss_sha256(0x0809),
         rsa_pss_pss_sha384(0x080a),
         rsa_pss_pss_sha512(0x080b),

         // Legacy algorithms 
         rsa_pkcs1_sha1(0x0201),
         ecdsa_sha1(0x0203),

         // Reserved Code Points 
         private_use(0xFE00..0xFFFF),
         (0xFFFF)
         
    } SignatureScheme;

    struct {
        SignatureScheme supported_signature_algorithms<2..2^16-2>;
    } SignatureSchemeList;
 
The following TLS 1.3 SignatureSchemes are supported by iSaSiLk: The following signature schemes are supported for compatibility reasons with TLS 1.2 but shall not used with TLS 1.3 anymore

Note that the TLS 1.3 has deprecated all TLS 1.2 DSA based signature algorithms and all signature algorithms that use SHA-224 as hash algorithm. rsa_pkcs1_sha1 and ecdsa_sha1 are only maintained for interoperability reasons to existing applications using RSA/SHA-1 or ECDSA/SHA-1 certificates. They shall not be for signed TKS handshake messages anymore.
Furthermore the SignatureScheme usage differs somewhat from that of TLS 1.2 SignatureAndHashAlgorithm. Whereas TLS 1.2 ECDSA* signature algorithms may be used with any elliptic curve, TLS 1.3 ecdsa* signature schemes maybe used with the the specific elliptic curve they are explicitly specified for: ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp521r1_sha256 for the NIST curves secp256r1, secp384r1 and secp521r1, respectively.

See Also:
SignatureAlgorithms, SignatureSchemeList

Field Summary
static SignatureScheme ecdsa_secp256r1_sha256
          TLS 1.3 SignatureScheme "ecdsa_secp256r1_sha256" (id: 0x0403).
static SignatureScheme ecdsa_secp384r1_sha384
          TLS 1.3 SignatureScheme "ecdsa_secp384r1_sha384" (id: 0x0503).
static SignatureScheme ecdsa_secp521r1_sha512
          TLS 1.3 SignatureScheme "ecdsa_secp521r1_sha512" (id: 0x0603).
static SignatureScheme ecdsa_sha1
          TLS 1.3 Legacy SignatureScheme "ecdsa_sha1" (id: 0x0203).
static SignatureScheme ed25519
          TLS 1.3 SignatureScheme "ed25519" (id: 0x0807).
static SignatureScheme ed448
          TLS 1.3 SignatureScheme "ed448" (id: 0x0808).
static SignatureScheme rsa_pkcs1_sha1
          TLS 1.3 Legacy SignatureScheme "rsa_pkcs1_sha1" (id: 0x0201).
static SignatureScheme rsa_pkcs1_sha256
          TLS 1.3 SignatureScheme "rsa_pkcs1_sha256" (id: 0x0401).
static SignatureScheme rsa_pkcs1_sha384
          TLS 1.3 SignatureScheme "rsa_pkcs1_sha384" (id: 0x0501).
static SignatureScheme rsa_pkcs1_sha512
          TLS 1.3 SignatureScheme "rsa_pkcs1_sha512" (id: 0x0601).
static SignatureScheme rsa_pss_pss_sha256
          TLS 1.3 SignatureScheme "rsa_pss_pss_sha256" with public key OID RSASSA-PSS (id: 0x0809).
static SignatureScheme rsa_pss_pss_sha384
          TLS 1.3 SignatureScheme "rsa_pss_pss_sha384" with public key OID RSASSA-PSS (id: 0x080a).
static SignatureScheme rsa_pss_pss_sha512
          TLS 1.3 SignatureScheme "rsa_pss_pss_sha512" with public key OID RSASSA-PSS (id: 0x080b).
static SignatureScheme rsa_pss_rsae_sha256
          TLS 1.3 SignatureScheme "rsa_pss_rsae_sha256" with public key OID rsaEncryption (id: 0x0804).
static SignatureScheme rsa_pss_rsae_sha384
          TLS 1.3 SignatureScheme "rsa_pss_rsae_sha384" with public key OID rsaEncryption (id: 0x0805).
static SignatureScheme rsa_pss_rsae_sha512
          TLS 1.3 SignatureScheme "rsa_pss_rsae_sha512" with public key OID rsaEncryption (id: 0x0806).
 
Fields inherited from class iaik.security.ssl.SignatureAndHashAlgorithm
ED25519, ED448, MD5withRSA, SHA1withDSA, SHA1withECDSA, SHA1withRSA, SHA224withDSA, SHA224withECDSA, SHA224withRSA, SHA256withDSA, SHA256withECDSA, SHA256withRSA, SHA256withRSAPSS_PSS, SHA256withRSAPSS_RSAE, SHA384withDSA, SHA384withECDSA, SHA384withRSA, SHA384withRSAPSS_PSS, SHA384withRSAPSS_RSAE, SHA512withDSA, SHA512withECDSA, SHA512withRSA, SHA512withRSAPSS_PSS, SHA512withRSAPSS_RSAE
 
Method Summary
 java.lang.Object clone()
          Returns a clone of this SigAndHashAlgId.
 java.lang.String getSchemeName()
          Gets the name of this signature scheme in TLS 1.3 signature scheme syntax.
 
Methods inherited from class iaik.security.ssl.SignatureAndHashAlgorithm
equals, getId, getName, hashCode, toString, toString
 
Methods inherited from class java.lang.Object
finalize, getClass, notify, notifyAll, wait, wait, wait
 

Field Detail

rsa_pkcs1_sha1

public static final SignatureScheme rsa_pkcs1_sha1
TLS 1.3 Legacy SignatureScheme "rsa_pkcs1_sha1" (id: 0x0201). Same as SHA1withRSA.


rsa_pkcs1_sha256

public static final SignatureScheme rsa_pkcs1_sha256
TLS 1.3 SignatureScheme "rsa_pkcs1_sha256" (id: 0x0401). Same as SHA256withRSA.


rsa_pkcs1_sha384

public static final SignatureScheme rsa_pkcs1_sha384
TLS 1.3 SignatureScheme "rsa_pkcs1_sha384" (id: 0x0501). Same as SHA384withRSA.


rsa_pkcs1_sha512

public static final SignatureScheme rsa_pkcs1_sha512
TLS 1.3 SignatureScheme "rsa_pkcs1_sha512" (id: 0x0601). Same as SHA512withRSA.


rsa_pss_rsae_sha256

public static final SignatureScheme rsa_pss_rsae_sha256
TLS 1.3 SignatureScheme "rsa_pss_rsae_sha256" with public key OID rsaEncryption (id: 0x0804). Same as SHA256withRSAPSS_RSAE.


rsa_pss_rsae_sha384

public static final SignatureScheme rsa_pss_rsae_sha384
TLS 1.3 SignatureScheme "rsa_pss_rsae_sha384" with public key OID rsaEncryption (id: 0x0805). Same as SHA384withRSAPSS_RSAE.


rsa_pss_rsae_sha512

public static final SignatureScheme rsa_pss_rsae_sha512
TLS 1.3 SignatureScheme "rsa_pss_rsae_sha512" with public key OID rsaEncryption (id: 0x0806). Same as SHA512withRSAPSS_RSAE.


rsa_pss_pss_sha256

public static final SignatureScheme rsa_pss_pss_sha256
TLS 1.3 SignatureScheme "rsa_pss_pss_sha256" with public key OID RSASSA-PSS (id: 0x0809). Same as SHA256withRSAPSS_PSS.


rsa_pss_pss_sha384

public static final SignatureScheme rsa_pss_pss_sha384
TLS 1.3 SignatureScheme "rsa_pss_pss_sha384" with public key OID RSASSA-PSS (id: 0x080a). Same as SHA384withRSAPSS_PSS.


rsa_pss_pss_sha512

public static final SignatureScheme rsa_pss_pss_sha512
TLS 1.3 SignatureScheme "rsa_pss_pss_sha512" with public key OID RSASSA-PSS (id: 0x080b). Same as SHA512withRSAPSS_PSS.


ecdsa_sha1

public static final SignatureScheme ecdsa_sha1
TLS 1.3 Legacy SignatureScheme "ecdsa_sha1" (id: 0x0203). Same as SHA1withECDSA.


ecdsa_secp256r1_sha256

public static final SignatureScheme ecdsa_secp256r1_sha256
TLS 1.3 SignatureScheme "ecdsa_secp256r1_sha256" (id: 0x0403). Same as SHA256withECDSA.


ecdsa_secp384r1_sha384

public static final SignatureScheme ecdsa_secp384r1_sha384
TLS 1.3 SignatureScheme "ecdsa_secp384r1_sha384" (id: 0x0503). Same as SHA384withECDSA.


ecdsa_secp521r1_sha512

public static final SignatureScheme ecdsa_secp521r1_sha512
TLS 1.3 SignatureScheme "ecdsa_secp521r1_sha512" (id: 0x0603). Same as SHA512withECDSA.


ed25519

public static final SignatureScheme ed25519
TLS 1.3 SignatureScheme "ed25519" (id: 0x0807). Same as ED25519.


ed448

public static final SignatureScheme ed448
TLS 1.3 SignatureScheme "ed448" (id: 0x0808). Same as ED448.

Method Detail

getSchemeName

public java.lang.String getSchemeName()
Gets the name of this signature scheme in TLS 1.3 signature scheme syntax.

Returns:
the TLS 1.3 signature scheme name (e.g. "rsa_pkcs1_sha256" for "SHA256withRSA")

clone

public java.lang.Object clone()
Returns a clone of this SigAndHashAlgId.

Overrides:
clone in class SignatureAndHashAlgorithm
Returns:
a clone

This Javadoc may contain text parts from text parts from IETF Internet Standard specifications (see copyright note).

iSaSiLk 6.0, (c) 2002 IAIK, (c) 2003 - 2015 SIC