rev signaturescheme

Author: Srabutdotcom

deno.json

@@ -1,6 +1,6 @@
 {
   "name": "@tls/enum",
-  "version": "0.4.5",
+  "version": "0.4.6",
   "exports": "./src/mod.ts",
   "publish": {
     "exclude": ["dist/"]

src/signaturescheme.js

@@ -76,8 +76,43 @@ export class SignatureScheme extends Enum {
     */
    get Uint16() { return Uint16.fromValue(+this); }
 
-   async certificateVerify(clientHelloMsg, serverHelloMsg, encryptedExtensionsMsg, certificateMsg, RSAprivateKey, sha) {
-      const signature = await signatureFrom(clientHelloMsg, serverHelloMsg, encryptedExtensionsMsg, certificateMsg, RSAprivateKey, sha)
+   get algo() {
+      switch (this) {
+         case 'ECDSA_SECP256R1_SHA256': return {
+            name: "ECDSA",
+            hash: "SHA-256"
+         }
+         case 'ECDSA_SECP384R1_SHA384': return {
+            name: "ECDSA",
+            hash: "SHA-384"
+         }
+         case 'ECDSA_SECP521R1_SHA512': return {
+            name: "ECDSA",
+            hash: "SHA-512"
+         }
+         case 'ED25519': return { name: 'Ed25519' }
+         case 'RSA_PSS_PSS_SHA384': return {
+            name: "RSA-PSS",// RSAprivateKey.algorithm.name,
+            saltLength: 384 / 8
+         }
+         case 'RSA_PSS_PSS_SHA512': return {
+            name: "RSA-PSS",// RSAprivateKey.algorithm.name,
+            saltLength: 512 / 8
+         }
+         case 'RSA_PSS_PSS_SHA256':
+         default: return {
+            name: "RSA-PSS",// RSAprivateKey.algorithm.name,
+            saltLength: 256 / 8
+         }
+      }
+      return {
+         name: "RSA-PSS",// RSAprivateKey.algorithm.name,
+         saltLength: 256 / 8
+      }
+   }
+
+   async certificateVerify(clientHelloMsg, serverHelloMsg, encryptedExtensionsMsg, certificateMsg, RSAprivateKey) {
+      const signature = await signatureFrom(clientHelloMsg, serverHelloMsg, encryptedExtensionsMsg, certificateMsg, RSAprivateKey, this.algo)
       return new CertificateVerify(this, signature)
    }
 }
@@ -114,7 +149,7 @@ export class Signature extends Constrained {
    }
 }
 
-async function signatureFrom(clientHelloMsg, serverHelloMsg, encryptedExtensionsMsg, certificateMsg, RSAprivateKey, sha = 256) {
+async function signatureFrom(clientHelloMsg, serverHelloMsg, encryptedExtensionsMsg, certificateMsg, RSAprivateKey, algo) {
    const leading = Uint8Array.of(
       //NOTE 64 space characters 
       32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32,
@@ -124,10 +159,8 @@ async function signatureFrom(clientHelloMsg, serverHelloMsg, encryptedExtensions
       0
    )
 
-   const hash = sha == 256 ? sha256.create() : 
-   sha == 384 ? sha384.create() :
-   sha == 512 ? sha512.create() : sha256.create();
-   
+   const hash = hashFromAlgo(algo)
+
    const transcriptHash = hash
       .update(clientHelloMsg)
       .update(serverHelloMsg)
@@ -141,10 +174,7 @@ async function signatureFrom(clientHelloMsg, serverHelloMsg, encryptedExtensions
    )
 
    const signBuffer = await crypto.subtle.sign(
-      {
-         name: "RSA-PSS",// RSAprivateKey.algorithm.name,
-         saltLength: sha / 8
-      },
+      algo,
       RSAprivateKey,
       data
    )
@@ -161,6 +191,21 @@ async function signatureFrom(clientHelloMsg, serverHelloMsg, encryptedExtensions
    return new Uint8Array(signBuffer)
 }
 
+function hashFromAlgo(algo) {
+   let sha
+   const { hash, saltLength } = algo;
+   if (hash) { sha = parseInt(hash.split("-")[1]); }
+   else if (saltLength) { sha = saltLength * 8 }
+   else { sha = 256 };
+   switch (sha) {
+      case 384: return sha384.create();
+      case 512: return sha512.create();
+      case 256:
+      default:
+         return sha256.create();
+   }
+}
+
 export async function finished(finishedKey, sha = 256, ...messages) {
    //const finishedKey = hkdfExpandLabel(serverHS_secret, 'finished', new Uint8Array, 32);
    const finishedKeyCrypto = await crypto.subtle.importKey(
@@ -174,8 +219,8 @@ export async function finished(finishedKey, sha = 256, ...messages) {
       ["sign", "verify"]
    );
 
-   const hash = sha == 256 ? sha256.create() : 
-   sha == 384 ? sha384.create() : sha256.create();
+   const hash = sha == 256 ? sha256.create() :
+      sha == 384 ? sha384.create() : sha256.create();
 
    const messagesStruct = Struct.createFrom(...messages);
 
@@ -195,18 +240,18 @@ export async function finished(finishedKey, sha = 256, ...messages) {
       verify_data,
       transcriptHash
    ) */
-   verify_data.transcriptHash = transcriptHash;
+   //verify_data.transcriptHash = transcriptHash;
    return new Finished(verify_data);
 }
 
 export class Finished extends Uint8Array {
-   static fromMsg(message){
+   static fromMsg(message) {
       const copy = Uint8Array.from(message)
       return new Finished(copy.subarray(4))
    }
-   constructor(verify_data){
+   constructor(verify_data) {
       super(verify_data);
-      this.verify_data = verify_data 
+      this.verify_data = verify_data
       return HandshakeType.FINISHED.handshake(this)
    }
 }

test/signaturescheme_test.js

@@ -93,6 +93,36 @@ Deno.test("Finished", async () => {
    assertEquals(_finished.toString(), finishedBack.toString())
 })
 
+const hash = "SHA-256";
+const sha = parseInt(hash.split("-")[1]);
+
+const certificateVerifyMsg = HexaDecimal.fromString(`0f 00 00 84 08 04 00 80 5a 74 7c
+   5d 88 fa 9b d2 e5 5a b0 85 a6 10 15 b7 21 1f 82 4c d4 84 14 5a
+   b3 ff 52 f1 fd a8 47 7b 0b 7a bc 90 db 78 e2 d3 3a 5c 14 1a 07
+   86 53 fa 6b ef 78 0c 5e a2 48 ee aa a7 85 c4 f3 94 ca b6 d3 0b
+   be 8d 48 59 ee 51 1f 60 29 57 b1 54 11 ac 02 76 71 45 9e 46 44
+   5c 9e a5 8c 18 1e 81 8e 95 b8 c3 fb 0b f3 27 84 09 d3 be 15 2a
+   3d a5 04 3e 06 3d da 65 cd f5 ae a2 0d 53 df ac d4 2f 74 f3`).byte
+
+const finishedMsg = HexaDecimal.fromString(
+   `14 00 00 20 9b 9b 14 1d 90 63 37 fb d2 cb
+   dc e7 1d f4 de da 4a b4 2c 30 95 72 cb 7f ff ee 54 54 b7 8f 07
+   18`).byte
+
+const rsaPrivateKeyJwk = JSON.parse('{"kty":"RSA","alg":"PS256","key_ops":["sign"],"ext":true,"n":"tLtJj4J5MD2YCDY5mzbGmIwMaN5V4b24JtOQGiRh6v0t5JqR0BWrvJqVE3rObBrxnqpq-Yx87UMSCZjhh6gO4MywUksbAYw-C2MmTUSabTjiKl_aQwhGdIAwUw7wRhyMqdnvv66OptHQPivRk-_wq5qAAsR0KKbTWo2I159_Hj8","e":"AQAB","d":"BN6nBdQ6bqcgndgHIRGoPIHjIqWSeLM0gGQer3wKaYW44xxE9t5i4bTCMJ9hJud7fEHpIzFLv6OIEwXcEhfxbIGc5TjpIvNpgo0OVxldjISIRgIHsvqnJrz3CLvX239nn4k0kvwqYi4IlwqsRBzk4MMIjfJa5nkjPfijvaL_mUE","p":"5DX7fMg3N3VtrOqWq39ZoswQadt96xkOF-M6UysnPzCjJ6oKqrxYzWdGavmEX63Gdf4JSvksS9Hywbwz3S4FFQ","q":"yr07wOBDhmTI1MyfmZd6lNm7_q2OQ4cKuuP364tODu6K8dm0cZumGWzyy7ru6_izSQr-np_6dKiKpR_GRWKTAw","dp":"P1c0XCf-G2h-bnYWJ7eLG4JkM912D6C-pqas85SQqhtHzaSGnWj1hN1bUCm9Mgk7glhmH-cVAl5dcKRaCNPTGQ","dq":"GD2gE2O9LyiFysvcmWS_R2TxUXY2-GQBKG9xiTxSzP5ApsI9DQhrR8b7ENj9EEHgTe9-mkDOlXxBd5ThBBLROQ","qi":"g5ypoIXkKGsskORmmXosaB8hM5qjR3gU5N7BGDMFDtUN0TzAOASKQ8WbKsxBaInAN2Zf5a-mBZafjAHfpcqWnQ"}');
+
+const rsaPrivateKey = await crypto.subtle.importKey('jwk', rsaPrivateKeyJwk, { name: 'RSA-PSS', hash: 'SHA-256' }, true, ['sign'])
+
+const certificateVerifyMsg_0 = await SignatureScheme.RSA_PSS_PSS_SHA256.certificateVerify(clientHelloMsg, serverHelloMsg, encryptedExtensionsMsg, certificateMsg, rsaPrivateKey)
+
+const finished_key = HexaDecimal.fromString(
+   `00 8d 3b 66 f8 16 ea 55 9f 96 b5 37 e8 85
+   c3 1f c0 68 bf 49 2c 65 2f 01 f2 88 a1 d8 cd c1 9f c8`).byte
+
+const finished_0 = await finished(finished_key, 256, clientHelloMsg, serverHelloMsg, encryptedExtensionsMsg, certificateMsg);
+
+
+debugger;
 
 
 

type/signaturescheme.d.ts

@@ -1,147 +1,133 @@
 import { Constrained, Uint16 } from "../src/dep.ts";
 import { Enum } from "../src/enum.js";
+import { sha256, sha384, sha512 } from "@noble/hashes/sha2";
 
 /**
  * Enumeration of signature schemes as defined in RFC 8446.
  * @see https://datatracker.ietf.org/doc/html/rfc8446#section-4.2.3
  */
-export class SignatureScheme extends Enum {
-  /** RSASSA-PKCS1-v1_5 algorithms */
+export declare class SignatureScheme extends Enum {
   static RSA_PKCS1_SHA256: SignatureScheme;
   static RSA_PKCS1_SHA384: SignatureScheme;
   static RSA_PKCS1_SHA512: SignatureScheme;
-
-  /** ECDSA algorithms */
   static ECDSA_SECP256R1_SHA256: SignatureScheme;
   static ECDSA_SECP384R1_SHA384: SignatureScheme;
   static ECDSA_SECP521R1_SHA512: SignatureScheme;
-
-  /** RSASSA-PSS algorithms with public key OID rsaEncryption */
   static RSA_PSS_RSAE_SHA256: SignatureScheme;
   static RSA_PSS_RSAE_SHA384: SignatureScheme;
   static RSA_PSS_RSAE_SHA512: SignatureScheme;
-
-  /** EdDSA algorithms */
   static ED25519: SignatureScheme;
   static ED448: SignatureScheme;
-
-  /** RSASSA-PSS algorithms with public key OID RSASSA-PSS */
   static RSA_PSS_PSS_SHA256: SignatureScheme;
   static RSA_PSS_PSS_SHA384: SignatureScheme;
   static RSA_PSS_PSS_SHA512: SignatureScheme;
-
-  /** Legacy algorithms */
   static RSA_PKCS1_SHA1: SignatureScheme;
   static ECDSA_SHA1: SignatureScheme;
-
-  /** Reserved Code Points */
   static dsa_sha1_RESERVED: SignatureScheme;
   static dsa_sha256_RESERVED: SignatureScheme;
   static dsa_sha384_RESERVED: SignatureScheme;
   static dsa_sha512_RESERVED: SignatureScheme;
 
   /**
    * Parses an octet array and returns a valid SignatureScheme.
-   * @param {Uint8Array} octet - The octet array to parse.
-   * @returns {SignatureScheme} The corresponding SignatureScheme instance.
+   * @param octet The octet array to parse.
+   * @returns The corresponding SignatureScheme instance.
    * @throws {Error} If the octet does not correspond to a known SignatureScheme.
    */
   static from(octet: Uint8Array): SignatureScheme;
 
   /**
-   * Returns the bit length of the SignatureScheme.
-   * @returns {number} The bit length, which is always 16.
+   * The bit length of the SignatureScheme.
+   * @returns The bit length, which is always 16.
    */
   get bit(): number;
 
   /**
    * Converts the SignatureScheme to a Uint16 representation.
-   * @returns {Uint16} The Uint16 representation of the SignatureScheme.
+   * @returns The Uint16 representation of the SignatureScheme.
    */
   get Uint16(): Uint16;
 
   /**
-   * Creates a CertificateVerify handshake instance.
-   * @param clientHelloMsg The ClientHello message.
-   * @param serverHelloMsg The ServerHello message.
-   * @param encryptedExtensionsMsg The EncryptedExtensions message.
-   * @param certificateMsg The Certificate message.
-   * @param RSAprivateKey The RSA private key.
-   * @param sha The SHA variant (256, 384, or 512).
+   * Retrieves the algorithm details for the SignatureScheme.
+   * @returns An object describing the algorithm and hash details.
+   */
+  get algo(): { name: string; hash?: string; saltLength?: number };
+
+  /**
+   * Verifies a certificate using the provided messages and private key.
+   * @param clientHelloMsg The client hello message.
+   * @param serverHelloMsg The server hello message.
+   * @param encryptedExtensionsMsg The encrypted extensions message.
+   * @param certificateMsg The certificate message.
+   * @param RSAprivateKey The private RSA key.
+   * @returns A promise that resolves to a CertificateVerify instance.
    */
   certificateVerify(
     clientHelloMsg: Uint8Array,
     serverHelloMsg: Uint8Array,
     encryptedExtensionsMsg: Uint8Array,
     certificateMsg: Uint8Array,
-    RSAprivateKey: CryptoKey,
-    sha: number,
+    RSAprivateKey: CryptoKey
   ): Promise<CertificateVerify>;
 }
 
-/**
- * Represents a CertificateVerify message.
- */
 export declare class CertificateVerify extends Uint8Array {
-  /**
-   * Creates a CertificateVerify instance from an array.
-   * @param array The input array.
-   */
   static fromMsg(array: Uint8Array): CertificateVerify;
-
   constructor(signatureScheme: SignatureScheme, signature: Uint8Array);
-
   algorithm: SignatureScheme;
   signature: Uint8Array;
 }
 
-/**
- * Represents a constrained Signature.
- */
 export declare class Signature extends Constrained {
-  /**
-   * Creates a Signature instance from an array.
-   * @param array The input array.
-   */
   static from(array: Uint8Array): Signature;
-
   constructor(opaque: Uint8Array);
-
   opaque: Uint8Array;
 }
 
 /**
- * Generates a signature for the CertificateVerify message.
+ * Generates a signature from the provided messages and key.
+ * @param clientHelloMsg The client hello message.
+ * @param serverHelloMsg The server hello message.
+ * @param encryptedExtensionsMsg The encrypted extensions message.
+ * @param certificateMsg The certificate message.
+ * @param RSAprivateKey The private RSA key.
+ * @param algo The algorithm to use for signing.
+ * @returns A promise that resolves to the generated signature as a Uint8Array.
  */
 export declare function signatureFrom(
   clientHelloMsg: Uint8Array,
   serverHelloMsg: Uint8Array,
   encryptedExtensionsMsg: Uint8Array,
   certificateMsg: Uint8Array,
   RSAprivateKey: CryptoKey,
-  sha?: number,
+  algo: { name: string; hash?: string; saltLength?: number }
 ): Promise<Uint8Array>;
 
 /**
- * Generates a Finished message.
+ * Computes the hash function based on the provided algorithm.
+ * @param algo The algorithm details.
+ * @returns The appropriate hash instance.
+ */
+export declare function hashFromAlgo(
+  algo: { hash?: string; saltLength?: number }
+): ReturnType<typeof sha256.create | typeof sha384.create | typeof sha512.create>;
+
+/**
+ * Creates a Finished instance from the provided key and messages.
+ * @param finishedKey The HMAC key used for the finished computation.
+ * @param sha The SHA variant to use (256, 384, etc.).
+ * @param messages The messages to include in the transcript.
+ * @returns A promise that resolves to a Finished instance.
  */
 export declare function finished(
   finishedKey: Uint8Array,
   sha: number,
   ...messages: Uint8Array[]
 ): Promise<Finished>;
 
-/**
- * Represents a Finished handshake message.
- */
 export declare class Finished extends Uint8Array {
-  /**
-   * Creates a Finished instance from a message.
-   * @param message The input message.
-   */
   static fromMsg(message: Uint8Array): Finished;
-
   constructor(verify_data: Uint8Array);
-
   verify_data: Uint8Array;
 }