Expose supported signature algorithms for private keys (#281)

### Motivation:

When loading a private key from disk as a `Certificate.PrivateKey` there
is no straight forward way to query the supported signature algorithms.
For signature algorithm negotiation, the raw values defined in RFC are
useful as well.

### Modifications:

Add a new property to query the supported signature algorithms for a
given key. Add a new property that translates a signature algorithm to
the respective value defined in RFC 8446.

### Results:

Working with certificate private keys and signature algorithms gets
easier.

Author: josephnoir

Sources/X509/CertificatePrivateKey.swift

@@ -378,3 +378,36 @@ extension Certificate.PrivateKey {
         }
     }
 }
+
+@available(macOS 10.15, iOS 13, watchOS 6, tvOS 13, macCatalyst 13, visionOS 1.0, *)
+extension Certificate.PrivateKey {
+    /// Return a list of all supported signature types for this private key. The ordering is not a comment on the
+    /// preference or security of the contained algorithms.
+    @inlinable
+    public var supportedSignatureAlgorithms: [Certificate.SignatureAlgorithm] {
+        switch backing {
+        case .p256, .p384, .p521:
+            return [.ecdsaWithSHA512, .ecdsaWithSHA384, .ecdsaWithSHA256]
+        case .rsa:
+            return [
+                .sha512WithRSAEncryption, .sha384WithRSAEncryption, .sha256WithRSAEncryption, .sha1WithRSAEncryption,
+            ]
+        #if canImport(Darwin)
+        case .secureEnclaveP256:
+            return [.ecdsaWithSHA512, .ecdsaWithSHA384, .ecdsaWithSHA256]
+        case .secKey(let key):
+            switch key.type {
+            case .RSA:
+                return [
+                    .sha512WithRSAEncryption, .sha384WithRSAEncryption, .sha256WithRSAEncryption,
+                    .sha1WithRSAEncryption,
+                ]
+            case .ECDSA:
+                return [.ecdsaWithSHA512, .ecdsaWithSHA384, .ecdsaWithSHA256]
+            }
+        #endif
+        case .ed25519:
+            return [.ed25519]
+        }
+    }
+}

Sources/X509/SignatureAlgorithm.swift

@@ -152,3 +152,64 @@ extension AlgorithmIdentifier {
         }
     }
 }
+
+@available(macOS 10.15, iOS 13, watchOS 6, tvOS 13, macCatalyst 13, visionOS 1.0, *)
+extension Certificate.SignatureAlgorithm {
+    /// Map a signature algorithm to the signature scheme value defined in RFC 8446 for TLS 1.3.
+    public var rfc8446SignatureSchemeValue: UInt16 {
+        get throws {
+            switch self {
+            case .ecdsaWithSHA256:
+                return 0x0403
+            case .ecdsaWithSHA384:
+                return 0x0503
+            case .ecdsaWithSHA512:
+                return 0x0603
+            case .sha1WithRSAEncryption:
+                return 0x0201
+            case .sha256WithRSAEncryption:
+                return 0x0401
+            case .sha384WithRSAEncryption:
+                return 0x0501
+            case .sha512WithRSAEncryption:
+                return 0x0601
+            case .ed25519:
+                return 0x0807
+            default:
+                throw CertificateError.unsupportedSignatureAlgorithm(
+                    reason: "SignatureAlgorithm(\(self)) has an unsupprted value"
+                )
+            }
+        }
+    }
+}
+
+@available(macOS 10.15, iOS 13, watchOS 6, tvOS 13, macCatalyst 13, visionOS 1.0, *)
+extension Certificate.SignatureAlgorithm {
+    /// Initialize a signature algorithm from a raw value as defined in RFC8446.
+    ///
+    /// Returns: The signature algorithm matching the value for the algorithms supported by Swift Certificates and
+    ///     nil otherwise.
+    public init?(rfc8446SignatureSchemeValue value: UInt16) {
+        switch value {
+        case 0x0403:
+            self = .ecdsaWithSHA256
+        case 0x0503:
+            self = .ecdsaWithSHA384
+        case 0x0603:
+            self = .ecdsaWithSHA512
+        case 0x0201:
+            self = .sha1WithRSAEncryption
+        case 0x0401:
+            self = .sha256WithRSAEncryption
+        case 0x0501:
+            self = .sha384WithRSAEncryption
+        case 0x0601:
+            self = .sha512WithRSAEncryption
+        case 0x0807:
+            self = .ed25519
+        default:
+            return nil
+        }
+    }
+}

Tests/X509Tests/SignatureTests.swift

@@ -50,6 +50,68 @@ final class SignatureTests: XCTestCase {
     )
     #endif
 
+    // RFC8446 defines the following values for signature schemes for TLS 1.3 (signature algorithms before).
+    // Swift Certificates only supports a handful of them.
+    //
+    // enum {
+    //     /* RSASSA-PKCS1-v1_5 algorithms */
+    //     rsa_pkcs1_sha256(0x0401),
+    //     rsa_pkcs1_sha384(0x0501),
+    //     rsa_pkcs1_sha512(0x0601),
+    //
+    //     /* ECDSA algorithms */
+    //     ecdsa_secp256r1_sha256(0x0403),
+    //     ecdsa_secp384r1_sha384(0x0503),
+    //     ecdsa_secp521r1_sha512(0x0603),
+    //
+    //     /* RSASSA-PSS algorithms with public key OID rsaEncryption */
+    //     rsa_pss_rsae_sha256(0x0804),
+    //     rsa_pss_rsae_sha384(0x0805),
+    //     rsa_pss_rsae_sha512(0x0806),
+    //
+    //     /* EdDSA algorithms */
+    //     ed25519(0x0807),
+    //     ed448(0x0808),
+    //
+    //     /* RSASSA-PSS algorithms with public key OID RSASSA-PSS */
+    //     rsa_pss_pss_sha256(0x0809),
+    //     rsa_pss_pss_sha384(0x080a),
+    //     rsa_pss_pss_sha512(0x080b),
+    //
+    //     /* Legacy algorithms */
+    //     rsa_pkcs1_sha1(0x0201),
+    //     ecdsa_sha1(0x0203),
+    //
+    //     /* Reserved Code Points */
+    //     private_use(0xFE00..0xFFFF),
+    //     (0xFFFF)
+    // } SignatureScheme;
+    static let supportedRFC8446SignatureAlgorithms: [UInt16: Certificate.SignatureAlgorithm] = [
+        // RSASSA-PKCS1-v1_5 algorithms
+        0x0401: Certificate.SignatureAlgorithm.sha256WithRSAEncryption,
+        0x0501: Certificate.SignatureAlgorithm.sha384WithRSAEncryption,
+        0x0601: Certificate.SignatureAlgorithm.sha512WithRSAEncryption,
+
+        // RSASSA-PSS algorithms with public key OID rsaEncryption
+        // Currently not supported
+
+        // ECDSA algorithms
+        0x0403: Certificate.SignatureAlgorithm.ecdsaWithSHA256,
+        0x0503: Certificate.SignatureAlgorithm.ecdsaWithSHA384,
+        0x0603: Certificate.SignatureAlgorithm.ecdsaWithSHA512,
+
+        // EdDSA algorithms
+        0x0807: Certificate.SignatureAlgorithm.ed25519,
+        // ed448 is currenlty not supported
+
+        // RSASSA-PSS algorithms with public key OID RSASSA-PSS
+        // Currently not supported
+
+        // Legacy algorithms
+        0x0201: Certificate.SignatureAlgorithm.sha1WithRSAEncryption,
+        // ecdsa_sha1 is currenlty not supported
+    ]
+
     func testRSASignatureBytes() throws {
         let input = Array("Hello World".utf8)
         let privateKey = Certificate.PrivateKey(Self.rsaKey)
@@ -941,4 +1003,122 @@ final class SignatureTests: XCTestCase {
             0x05, 0x06, 0x07, 0x08, 0x09, 0x0a,
         ])
     }
+
+    func testSignatureAlgorithmTranslatesToCorrectRFC8446Value() throws {
+        for (value, algorithm) in SignatureTests.supportedRFC8446SignatureAlgorithms {
+            XCTAssertEqual(value, try! algorithm.rfc8446SignatureSchemeValue)
+        }
+    }
+
+    func testSignatureAlgorithmInitializedWithRFC8446Value() {
+        let supportedValues = Set(SignatureTests.supportedRFC8446SignatureAlgorithms.keys)
+        for value in 0...UInt16.max {
+            if supportedValues.contains(value) {
+                let algo = Certificate.SignatureAlgorithm(rfc8446SignatureSchemeValue: value)
+                XCTAssertNotNil(algo)
+                XCTAssertEqual(algo, SignatureTests.supportedRFC8446SignatureAlgorithms[value])
+            } else {
+                XCTAssertNil(Certificate.SignatureAlgorithm(rfc8446SignatureSchemeValue: value))
+            }
+        }
+
+    }
+
+    func testMapPrivateKeyToSupportedSignatureAlgorithmRSA() throws {
+        XCTAssertEqual(
+            Set(Certificate.PrivateKey(Self.rsaKey).supportedSignatureAlgorithms),
+            Set([.sha256WithRSAEncryption, .sha384WithRSAEncryption, .sha512WithRSAEncryption, .sha1WithRSAEncryption])
+        )
+    }
+
+    func testMapPrivateKeyToSupportedSignatureAlgorithmECDSA() throws {
+        XCTAssertEqual(
+            Set(Certificate.PrivateKey(Self.p256Key).supportedSignatureAlgorithms),
+            Set([.ecdsaWithSHA256, .ecdsaWithSHA384, .ecdsaWithSHA512])
+        )
+        XCTAssertEqual(
+            Set(Certificate.PrivateKey(Self.p384Key).supportedSignatureAlgorithms),
+            Set([.ecdsaWithSHA256, .ecdsaWithSHA384, .ecdsaWithSHA512])
+        )
+        XCTAssertEqual(
+            Set(Certificate.PrivateKey(Self.p521Key).supportedSignatureAlgorithms),
+            Set([.ecdsaWithSHA256, .ecdsaWithSHA384, .ecdsaWithSHA512])
+        )
+    }
+
+    func testMapPrivateKeyToSupportedSignatureAlgorithmEdDSA() throws {
+        XCTAssertEqual(Set(Certificate.PrivateKey(Self.ed25519Key).supportedSignatureAlgorithms), Set([.ed25519]))
+    }
+
+    #if canImport(Darwin)
+    func testMapPrivateKeyToSupportedSignatureAlgorithmSecureEncalve() throws {
+        guard let secureEnclaveP256 = Self.secureEnclaveP256 else {
+            throw XCTSkip("No SEP")
+        }
+        XCTAssertEqual(
+            Set(Certificate.PrivateKey(secureEnclaveP256).supportedSignatureAlgorithms),
+            Set([.ecdsaWithSHA256, .ecdsaWithSHA384, .ecdsaWithSHA512])
+        )
+    }
+
+    func testMapPrivateKeyToSupportedSignatureAlgorithmSecKeyRSA() async throws {
+        guard let secKeyRSA = Self.secKeyRSA else {
+            throw XCTSkip("Key Error")
+        }
+        XCTAssertEqual(
+            Set(try Certificate.PrivateKey(secKeyRSA).supportedSignatureAlgorithms),
+            Set([.sha256WithRSAEncryption, .sha384WithRSAEncryption, .sha512WithRSAEncryption, .sha1WithRSAEncryption])
+        )
+    }
+
+    func testMapPrivateKeyToSupportedSignatureAlgorithmSecKeyEC256() async throws {
+        guard let secKeyEC256 = Self.secKeyEC256 else {
+            throw XCTSkip("Key Error")
+        }
+        XCTAssertEqual(
+            Set(try Certificate.PrivateKey(secKeyEC256).supportedSignatureAlgorithms),
+            Set([.ecdsaWithSHA256, .ecdsaWithSHA384, .ecdsaWithSHA512])
+        )
+    }
+
+    func testMapPrivateKeyToSupportedSignatureAlgorithmSecKeyEC2384() async throws {
+        guard let secKeyEC384 = Self.secKeyEC384 else {
+            throw XCTSkip("Key Error")
+        }
+        XCTAssertEqual(
+            Set(try Certificate.PrivateKey(secKeyEC384).supportedSignatureAlgorithms),
+            Set([.ecdsaWithSHA256, .ecdsaWithSHA384, .ecdsaWithSHA512])
+        )
+    }
+
+    func testMapPrivateKeyToSupportedSignatureAlgorithmSecKeyEC521() async throws {
+        guard let secKeyEC521 = Self.secKeyEC521 else {
+            throw XCTSkip("Key Error")
+        }
+        XCTAssertEqual(
+            Set(try Certificate.PrivateKey(secKeyEC521).supportedSignatureAlgorithms),
+            Set([.ecdsaWithSHA256, .ecdsaWithSHA384, .ecdsaWithSHA512])
+        )
+    }
+
+    func testMapPrivateKeyToSupportedSignatureAlgorithmsecKeyEnclaveEC256() async throws {
+        guard let secKeyEnclaveEC256 = Self.secKeyEnclaveEC256 else {
+            throw XCTSkip("Key Error")
+        }
+        XCTAssertEqual(
+            Set(try Certificate.PrivateKey(secKeyEnclaveEC256).supportedSignatureAlgorithms),
+            Set([.ecdsaWithSHA256, .ecdsaWithSHA384, .ecdsaWithSHA512])
+        )
+    }
+
+    func testMapPrivateKeyToSupportedSignatureAlgorithmsecKeyEnclaveEC384() async throws {
+        guard let secKeyEnclaveEC384 = Self.secKeyEnclaveEC384 else {
+            throw XCTSkip("Key Error")
+        }
+        XCTAssertEqual(
+            Set(try Certificate.PrivateKey(secKeyEnclaveEC384).supportedSignatureAlgorithms),
+            Set([.ecdsaWithSHA256, .ecdsaWithSHA384, .ecdsaWithSHA512])
+        )
+    }
+    #endif
 }