| field | value | date |
|---|---|---|
| author | Péter Dimitrov <[email protected]> | 2018-09-24 17:10:11 +0200 |
| committer | Péter Dimitrov <[email protected]> | 2018-10-15 10:21:23 +0200 |
| commit | c115250a755cabfce3cd24429e9eaec70c8d8a59 (patch) | |
| tree | 79a0822df9d7539b1b51e04351baa6e1af40c96d /lib/ssl/src/dtls_handshake.erl | |
| parent | d106d1fc65d3c2b0c1b27450936895ab0e039c45 (diff) | |
| download | otp-c115250a755cabfce3cd24429e9eaec70c8d8a59.tar.gz otp-c115250a755cabfce3cd24429e9eaec70c8d8a59.tar.bz2 otp-c115250a755cabfce3cd24429e9eaec70c8d8a59.zip | |
ssl: Implement Signature Algorithms (TLS 1.3)
Implement handling of the signature algorithms extension described by
RFC 8446. This commit updates the behavior of legacy TLS versions to
align them with RFC 8446 (TLS 1.3) and RFC 5246 (TLS 1.2).
- TLS 1.0/1.1 clients validate the client certificate against the
certificate_type field of the CertificateRequest message.
- TLS 1.2 client verifies the hash/signature algorithm pair of the
client certificate when processing a CertificateRequest. Old
behavior only checked the signature algorithms.
- TLS 1.2 server verifies that the server certificate is signed by
a hash/signature algorithm pair that appears in the
"signature_algorithms" or "signature_algorithms_cert" (RFC 8446)
extensions of the ClientHello.
Change-Id: I3e0a0d7408984f5e5b1233968934fe34d64eb2b7
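The server-side rule the commit message describes (certificate signatures are checked against signature_algorithms_cert when the client sent it, otherwise against signature_algorithms, with the RFC 5246 SHA-1 fallback when neither is present) and the handshake-signature selection that `ssl_handshake:select_hashsign` performs, worked through as an added Python example. This is not OTP code: the extension bodies are constructed by hand, the `select_hashsign` below is a simplified stand-in for the Erlang function of the same name, and the only inputs are RFC 5246 / RFC 8446 code points.

```python
"""Added example (not OTP's ssl code): signature_algorithms handling per
RFC 5246 7.4.1.4.1 and RFC 8446 4.2.3 on a hand-built ClientHello extensions
block."""
import struct

EXT_SIGNATURE_ALGORITHMS = 13       # RFC 5246 7.4.1.4.1 / RFC 8446 4.2.3
EXT_SIGNATURE_ALGORITHMS_CERT = 50  # RFC 8446 4.2.3

# SignatureScheme code points (RFC 8446 4.2.3).  For the legacy TLS 1.2 pairs
# the high byte is the HashAlgorithm and the low byte the SignatureAlgorithm.
SCHEMES = {
    0x0201: "rsa_pkcs1_sha1",
    0x0203: "ecdsa_sha1",
    0x0401: "rsa_pkcs1_sha256",
    0x0403: "ecdsa_secp256r1_sha256",
    0x0501: "rsa_pkcs1_sha384",
    0x0503: "ecdsa_secp384r1_sha384",
    0x0601: "rsa_pkcs1_sha512",
    0x0603: "ecdsa_secp521r1_sha512",
    0x0804: "rsa_pss_rsae_sha256",
    0x0805: "rsa_pss_rsae_sha384",
    0x0806: "rsa_pss_rsae_sha512",
    0x0807: "ed25519",
    0x0808: "ed448",
}


def parse_extensions(blob):
    """Parse a TLS `Extension extensions<0..2^16-1>` vector into {type: body}."""
    (total,) = struct.unpack("!H", blob[:2])
    if total != len(blob) - 2:
        raise ValueError("extensions length mismatch")
    exts, pos = {}, 2
    while pos < len(blob):
        ext_type, ext_len = struct.unpack("!HH", blob[pos:pos + 4])
        pos += 4
        if pos + ext_len > len(blob):
            raise ValueError("extension overruns buffer")
        if ext_type in exts:  # RFC 8446 4.2: duplicates are a protocol error
            raise ValueError("duplicate extension %d" % ext_type)
        exts[ext_type] = blob[pos:pos + ext_len]
        pos += ext_len
    return exts


def parse_signature_algorithms(body):
    """Parse `SignatureScheme supported_signature_algorithms<2..2^16-2>`."""
    (length,) = struct.unpack("!H", body[:2])
    if length != len(body) - 2 or length < 2 or length % 2:
        raise ValueError("malformed signature_algorithms body")
    return [struct.unpack("!H", body[i:i + 2])[0] for i in range(2, len(body), 2)]


def cert_signature_allowed(exts, cert_scheme, key_exchange="rsa"):
    """Is the certificate's signature scheme acceptable to this client?
    signature_algorithms_cert governs when present, else signature_algorithms;
    with neither, RFC 5246 says assume SHA-1 with the key exchange's algorithm."""
    if EXT_SIGNATURE_ALGORITHMS_CERT in exts:
        allowed = parse_signature_algorithms(exts[EXT_SIGNATURE_ALGORITHMS_CERT])
    elif EXT_SIGNATURE_ALGORITHMS in exts:
        allowed = parse_signature_algorithms(exts[EXT_SIGNATURE_ALGORITHMS])
    else:
        allowed = [{"rsa": 0x0201, "dsa": 0x0202, "ecdsa": 0x0203}[key_exchange]]
    return cert_scheme in allowed


def select_hashsign(client_schemes, supported_schemes, key_alg):
    """Simplified stand-in for ssl_handshake:select_hashsign: the first scheme
    in client preference order that the server supports and that fits the
    server key's algorithm (rsa, ecdsa, ed25519, ed448).  None means the
    server has nothing to sign with (the Erlang code sends an alert then)."""
    for scheme in client_schemes:
        if scheme in supported_schemes and SCHEMES.get(scheme, "").split("_")[0] == key_alg:
            return scheme
    return None


def build_signature_algorithms(schemes):
    body = b"".join(struct.pack("!H", s) for s in schemes)
    return struct.pack("!H", len(body)) + body


def build_extensions(ext_map):
    body = b"".join(struct.pack("!HH", t, len(v)) + v for t, v in ext_map.items())
    return struct.pack("!H", len(body)) + body


# Constructed sample: a client that accepts PSS for handshake signatures but
# only SHA-256 PKCS#1 / ECDSA signatures on certificates.
SAMPLE_CLIENT_HELLO_EXTS = build_extensions({
    EXT_SIGNATURE_ALGORITHMS: build_signature_algorithms([0x0804, 0x0403, 0x0401]),
    EXT_SIGNATURE_ALGORITHMS_CERT: build_signature_algorithms([0x0401, 0x0403]),
})


def demo():
    exts = parse_extensions(SAMPLE_CLIENT_HELLO_EXTS)
    client = parse_signature_algorithms(exts[EXT_SIGNATURE_ALGORITHMS])
    chosen = select_hashsign(client, {0x0401, 0x0403, 0x0804}, "rsa")
    return (SCHEMES[chosen],
            cert_signature_allowed(exts, 0x0201),   # SHA-1 cert: rejected
            cert_signature_allowed(exts, 0x0401),   # SHA-256 cert: accepted
            cert_signature_allowed(exts, 0x0804))   # PSS only offered for handshake


if __name__ == "__main__":
    print(demo())
```

The last check is the one the old code got wrong in spirit: a scheme in signature_algorithms does not by itself make a certificate acceptable once the client has sent signature_algorithms_cert, so the two lists have to be kept apart, which is why the OTP call site now carries them as a pair.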
Diffstat (limited to 'lib/ssl/src/dtls_handshake.erl')
-rw-r--r-- | lib/ssl/src/dtls_handshake.erl | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/ssl/src/dtls_handshake.erl b/lib/ssl/src/dtls_handshake.erl index c8daa11433..55aa8174a3 100644 --- a/lib/ssl/src/dtls_handshake.erl +++ b/lib/ssl/src/dtls_handshake.erl @@ -194,7 +194,7 @@ handle_client_hello(Version, ?ALERT_REC(?FATAL, ?INSUFFICIENT_SECURITY); _ -> #{key_exchange := KeyExAlg} = ssl_cipher_format:suite_definition(CipherSuite), - case ssl_handshake:select_hashsign(ClientHashSigns, Cert, KeyExAlg, + case ssl_handshake:select_hashsign({ClientHashSigns, undefined}, Cert, KeyExAlg, SupportedHashSigns, TLSVersion) of #alert{} = Alert -> Alert; |
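Review bot: the second element of the new `{ClientHashSigns, undefined}` tuple in `handle_client_hello` is hard-coded to `undefined`, so the DTLS server never consults a signature_algorithms_cert extension even though the commit message says the TLS 1.2 server checks the certificate against that extension; if DTLS is meant to pass only signature_algorithms here, add a comment saying so, otherwise extract the ClientHello's signature_algorithms_cert value and pass it instead of `undefined`. The tuple's shape is also undocumented at this call site; a one-line comment such as `%% {signature_algorithms, signature_algorithms_cert}` above the `ssl_handshake:select_hashsign` call would tell readers of dtls_handshake.erl what the pair means.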