Merge fbeaa49 into 4521c5c

tests/tlstest.py

@@ -297,12 +297,47 @@ def connect():
     try:
         connection.handshakeClientCert(settings=settings)
         assert False
-    except TLSLocalAlert as e:
-        assert "certificate with curve" in str(e)
+    except TLSRemoteAlert as e:
+        assert "handshake_failure" in str(e)
+    connection.close()
+
+    test_no += 1
+
+    print("Test {0} - Two good ECDSA certs - secp256r1, TLSv1.2".format(test_no))
+    synchro.recv(1)
+    connection = connect()
+    settings = HandshakeSettings()
+    settings.minVersion = (3, 3)
+    settings.maxVersion = (3, 3)
+    settings.eccCurves = ["secp256r1"]
+    settings.keyShares = []
+    connection.handshakeClientCert(settings=settings)
+    testConnClient(connection)
+    assert isinstance(connection.session.serverCertChain, X509CertChain)
+    assert len(connection.session.serverCertChain.getEndEntityPublicKey()) \
+            == 256
     connection.close()
 
     test_no += 1
 
+    print("Test {0} - Two good ECDSA certs - secp384r1, TLSv1.2".format(test_no))
+    synchro.recv(1)
+    connection = connect()
+    settings = HandshakeSettings()
+    settings.minVersion = (3, 3)
+    settings.maxVersion = (3, 3)
+    settings.eccCurves = ["secp384r1"]
+    settings.keyShares = []
+    connection.handshakeClientCert(settings=settings)
+    testConnClient(connection)
+    assert isinstance(connection.session.serverCertChain, X509CertChain)
+    assert len(connection.session.serverCertChain.getEndEntityPublicKey()) \
+            == 384
+    connection.close()
+
+    test_no += 1
+
+
     print("Test {0} - good X.509 ECDSA, TLSv1.3".format(test_no))
     synchro.recv(1)
     connection = connect()
@@ -1665,12 +1700,33 @@ def connect():
         connection.handshakeServer(certChain=x509ecdsaChain,
                                    privateKey=x509ecdsaKey, settings=settings)
         assert False
-    except TLSRemoteAlert as e:
-        assert "handshake_failure" in str(e)
+    except TLSLocalAlert as e:
+        assert "curve in the public key is not supported by the client" in str(e)
     connection.close()
 
     test_no += 1
 
+    for curve, exp_chain in (("secp256r1", x509ecdsaChain),
+                             ("secp384r1", x509ecdsaP384Chain)):
+        print("Test {0} - Two good ECDSA certs - {1}, TLSv1.2"
+              .format(test_no, curve))
+        synchro.send(b'R')
+        connection = connect()
+        settings = HandshakeSettings()
+        settings.minVersion = (3, 3)
+        settings.maxVersion = (3, 3)
+        v_host = VirtualHost()
+        v_host.keys = [Keypair(x509ecdsaKey, x509ecdsaChain.x509List)]
+        settings.virtual_hosts = [v_host]
+        connection.handshakeServer(certChain=x509ecdsaP384Chain,
+                                   privateKey=x509ecdsaP384Key, settings=settings)
+        assert connection.extendedMasterSecret
+        assert connection.session.serverCertChain == exp_chain
+        testConnServer(connection)
+        connection.close()
+
+        test_no += 1
+
     print("Test {0} - good X.509 ECDSA, TLSv1.3".format(test_no))
     synchro.send(b'R')
     connection = connect()

tlslite/constants.py

@@ -31,6 +31,8 @@
 # while supporting TLS 1.3 or greater
 TLS_1_2_DOWNGRADE_SENTINEL = a2b_hex("444F574E47524401")
 
+RSA_PSS_OID = bytes(a2b_hex('06092a864886f70d01010a'))
+
 
 class TLSEnum(object):
     """Base class for different enums of TLS IDs"""
@@ -216,6 +218,8 @@ class SignatureScheme(TLSEnum):
     rsa_pkcs1_sha256 = (4, 1)
     rsa_pkcs1_sha384 = (5, 1)
     rsa_pkcs1_sha512 = (6, 1)
+    ecdsa_sha1 = (2, 3)
+    ecdsa_sha224 = (3, 3)
     ecdsa_secp256r1_sha256 = (4, 3)
     ecdsa_secp384r1_sha384 = (5, 3)
     ecdsa_secp521r1_sha512 = (6, 3)
@@ -287,15 +291,54 @@ def getHash(scheme):
         except AttributeError:
             raise ValueError("\"{0}\" scheme is unknown".format(scheme))
         vals = scheme.split('_', 4)
-        assert len(vals) in (3, 4)
-        if len(vals) == 3:
+        assert len(vals) in (2, 3, 4)
+        if len(vals) == 2:
+            kType, hName = vals
+        elif len(vals) == 3:
             kType, _, hName = vals
         else:
             kType, _, _, hName = vals
         assert kType in ('rsa', 'ecdsa')
         return hName
 
 
+class AlgorithmOID(TLSEnum):
+    """
+    Algorithm OIDs as defined in rfc5758(ecdsa),
+    rfc5754(rsa, sha), rfc3447(rss-pss).
+    The key is the DER encoded OID in hex and
+    the value is the algorithm id.
+    """
+    oid = {}
+
+    oid[bytes(a2b_hex('06072a8648ce3d0401'))] = \
+            SignatureScheme.ecdsa_sha1
+    oid[bytes(a2b_hex('06082a8648ce3d040301'))] = \
+            SignatureScheme.ecdsa_sha224
+    oid[bytes(a2b_hex('06082a8648ce3d040302'))] = \
+            SignatureScheme.ecdsa_secp256r1_sha256
+    oid[bytes(a2b_hex('06082a8648ce3d040303'))] = \
+            SignatureScheme.ecdsa_secp384r1_sha384
+    oid[bytes(a2b_hex('06082a8648ce3d040304'))] = \
+            SignatureScheme.ecdsa_secp521r1_sha512
+    oid[bytes(a2b_hex('06092a864886f70d010105'))] = \
+            SignatureScheme.rsa_pkcs1_sha1
+    oid[bytes(a2b_hex('06092a864886f70d01010e'))] = \
+            SignatureScheme.rsa_pkcs1_sha224
+    oid[bytes(a2b_hex('06092a864886f70d01010b'))] = \
+            SignatureScheme.rsa_pkcs1_sha256
+    oid[bytes(a2b_hex('06092a864886f70d01010c'))] = \
+            SignatureScheme.rsa_pkcs1_sha384
+    oid[bytes(a2b_hex('06092a864886f70d01010d'))] = \
+            SignatureScheme.rsa_pkcs1_sha512
+    oid[bytes(a2b_hex('300b0609608648016503040201'))] = \
+            SignatureScheme.rsa_pss_rsae_sha256
+    oid[bytes(a2b_hex('300b0609608648016503040202'))] = \
+            SignatureScheme.rsa_pss_rsae_sha384
+    oid[bytes(a2b_hex('300b0609608648016503040203'))] = \
+            SignatureScheme.rsa_pss_rsae_sha512
+
+
 class GroupName(TLSEnum):
     """Name of groups supported for (EC)DH key exchange"""