embedded_tls/extensions/extension_data/
signature_algorithms.rs

1use crate::{
2    TlsError,
3    buffer::CryptoBuffer,
4    parse_buffer::{ParseBuffer, ParseError},
5};
6
7use heapless::Vec;
8
9#[derive(Debug, Clone, Copy, PartialEq)]
10#[cfg_attr(feature = "defmt", derive(defmt::Format))]
11pub enum SignatureScheme {
12    /* RSASSA-PKCS1-v1_5 algorithms */
13    RsaPkcs1Sha256,
14    RsaPkcs1Sha384,
15    RsaPkcs1Sha512,
16
17    /* ECDSA algorithms */
18    EcdsaSecp256r1Sha256,
19    EcdsaSecp384r1Sha384,
20    EcdsaSecp521r1Sha512,
21
22    /* RSASSA-PSS algorithms with public key OID rsaEncryption */
23    RsaPssRsaeSha256,
24    RsaPssRsaeSha384,
25    RsaPssRsaeSha512,
26
27    /* EdDSA algorithms */
28    Ed25519,
29    Ed448,
30
31    /* RSASSA-PSS algorithms with public key OID RSASSA-PSS */
32    RsaPssPssSha256,
33    RsaPssPssSha384,
34    RsaPssPssSha512,
35
36    Sha224Ecdsa,
37    Sha224Rsa,
38    Sha224Dsa,
39
40    /* Legacy algorithms */
41    RsaPkcs1Sha1,
42    EcdsaSha1,
43
44    /* Brainpool */
45    Sha256BrainpoolP256r1,
46    Sha384BrainpoolP384r1,
47    Sha512BrainpoolP512r1,
48
49    /* ML-DSA */
50    MlDsa44,
51    MlDsa65,
52    MlDsa87,
53    /* Reserved Code Points */
54    //private_use(0xFE00..0xFFFF),
55    //(0xFFFF)
56}
57
58impl SignatureScheme {
59    pub fn parse(buf: &mut ParseBuffer) -> Result<Self, ParseError> {
60        match buf.read_u16()? {
61            0x0401 => Ok(Self::RsaPkcs1Sha256),
62            0x0501 => Ok(Self::RsaPkcs1Sha384),
63            0x0601 => Ok(Self::RsaPkcs1Sha512),
64
65            0x0403 => Ok(Self::EcdsaSecp256r1Sha256),
66            0x0503 => Ok(Self::EcdsaSecp384r1Sha384),
67            0x0603 => Ok(Self::EcdsaSecp521r1Sha512),
68
69            0x0804 => Ok(Self::RsaPssRsaeSha256),
70            0x0805 => Ok(Self::RsaPssRsaeSha384),
71            0x0806 => Ok(Self::RsaPssRsaeSha512),
72
73            0x0807 => Ok(Self::Ed25519),
74            0x0808 => Ok(Self::Ed448),
75
76            0x0809 => Ok(Self::RsaPssPssSha256),
77            0x080a => Ok(Self::RsaPssPssSha384),
78            0x080b => Ok(Self::RsaPssPssSha512),
79
80            0x0303 => Ok(Self::Sha224Ecdsa),
81            0x0301 => Ok(Self::Sha224Rsa),
82            0x0302 => Ok(Self::Sha224Dsa),
83
84            0x0201 => Ok(Self::RsaPkcs1Sha1),
85            0x0203 => Ok(Self::EcdsaSha1),
86
87            0x081A => Ok(Self::Sha256BrainpoolP256r1),
88            0x081B => Ok(Self::Sha384BrainpoolP384r1),
89            0x081C => Ok(Self::Sha512BrainpoolP512r1),
90
91            0x0904 => Ok(Self::MlDsa44),
92            0x0905 => Ok(Self::MlDsa65),
93            0x0906 => Ok(Self::MlDsa87),
94
95            _ => Err(ParseError::InvalidData),
96        }
97    }
98
99    #[must_use]
100    pub fn as_u16(self) -> u16 {
101        match self {
102            Self::RsaPkcs1Sha256 => 0x0401,
103            Self::RsaPkcs1Sha384 => 0x0501,
104            Self::RsaPkcs1Sha512 => 0x0601,
105
106            Self::EcdsaSecp256r1Sha256 => 0x0403,
107            Self::EcdsaSecp384r1Sha384 => 0x0503,
108            Self::EcdsaSecp521r1Sha512 => 0x0603,
109
110            Self::RsaPssRsaeSha256 => 0x0804,
111            Self::RsaPssRsaeSha384 => 0x0805,
112            Self::RsaPssRsaeSha512 => 0x0806,
113
114            Self::Ed25519 => 0x0807,
115            Self::Ed448 => 0x0808,
116
117            Self::RsaPssPssSha256 => 0x0809,
118            Self::RsaPssPssSha384 => 0x080a,
119            Self::RsaPssPssSha512 => 0x080b,
120
121            Self::Sha224Ecdsa => 0x0303,
122            Self::Sha224Rsa => 0x0301,
123            Self::Sha224Dsa => 0x0302,
124
125            Self::RsaPkcs1Sha1 => 0x0201,
126            Self::EcdsaSha1 => 0x0203,
127
128            Self::Sha256BrainpoolP256r1 => 0x081A,
129            Self::Sha384BrainpoolP384r1 => 0x081B,
130            Self::Sha512BrainpoolP512r1 => 0x081C,
131
132            Self::MlDsa44 => 0x0904,
133            Self::MlDsa65 => 0x0905,
134            Self::MlDsa87 => 0x0906,
135        }
136    }
137}
138
139#[derive(Debug, Clone, PartialEq)]
140#[cfg_attr(feature = "defmt", derive(defmt::Format))]
141pub struct SignatureAlgorithms<const N: usize> {
142    pub supported_signature_algorithms: Vec<SignatureScheme, N>,
143}
144
145impl<const N: usize> SignatureAlgorithms<N> {
146    pub fn parse(buf: &mut ParseBuffer) -> Result<Self, ParseError> {
147        let data_length = buf.read_u16()? as usize;
148
149        Ok(Self {
150            supported_signature_algorithms: buf
151                .read_list::<_, N>(data_length, SignatureScheme::parse)?,
152        })
153    }
154
155    pub fn encode(&self, buf: &mut CryptoBuffer) -> Result<(), TlsError> {
156        buf.with_u16_length(|buf| {
157            for &a in &self.supported_signature_algorithms {
158                buf.push_u16(a.as_u16())
159                    .map_err(|_| TlsError::EncodeError)?;
160            }
161            Ok(())
162        })
163    }
164}
embedded_tls/extensions/extension_data/signature_algorithms.rs

embedded_tls/extensions/extension_data/
signature_algorithms.rs
