From 1782d1d032e0c284884a6f26d3a43b4608d5360a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?P=C3=A9ter=20Dimitrov?=
Date: Wed, 10 Apr 2019 11:37:14 +0200
Subject: ssl: Handle legacy algorithms in signature_scheme/1

Handle legacy signature algorithms in TLS 1.3 ClientHello to improve debug logging.

Change-Id: If5548c828aabab83a2b147dffa7e937bd98916c6
---
 lib/ssl/src/ssl_cipher.erl | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/lib/ssl/src/ssl_cipher.erl b/lib/ssl/src/ssl_cipher.erl
index 850dee7d4f..2238b5290d 100644
--- a/lib/ssl/src/ssl_cipher.erl
+++ b/lib/ssl/src/ssl_cipher.erl
@@ -939,6 +939,11 @@ signature_scheme(?RSA_PSS_PSS_SHA384) -> rsa_pss_pss_sha384;
 signature_scheme(?RSA_PSS_PSS_SHA512) -> rsa_pss_pss_sha512;
 signature_scheme(?RSA_PKCS1_SHA1) -> rsa_pkcs1_sha1;
 signature_scheme(?ECDSA_SHA1) -> ecdsa_sha1;
+%% Handling legacy signature algorithms for logging purposes. These algorithms
+%% cannot be used in TLS 1.3 handshakes.
+signature_scheme(SignAlgo) when is_integer(SignAlgo) ->
+ <> = <>,
+ {ssl_cipher:hash_algorithm(Hash), ssl_cipher:sign_algorithm(Sign)};
 signature_scheme(_) -> unassigned.
 %% TODO: reserved code points?
--
cgit v1.2.3
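Review bot: The new `signature_scheme(SignAlgo) when is_integer(SignAlgo)` clause returns a `{Hash, Sign}` tuple where every other clause returns an atom, and it now intercepts every integer code point that previously fell through to `unassigned`, so any caller that matches or compares the result as an atom will see a new shape for values taken from a peer's ClientHello. The guard also accepts any integer, so it would be safer to bound it, `signature_scheme(SignAlgo) when is_integer(SignAlgo), SignAlgo >= 0, SignAlgo =< 16#FFFF ->`, and to confirm that `hash_algorithm/1` and `sign_algorithm/1` (not shown here) have a clause for every byte value, since a missing clause would turn an unknown code point into a `function_clause` crash during handshake decoding. The binary match on the following line appears stripped in this rendering, so the split into `Hash` and `Sign` cannot be checked from the page. The earlier clauses of `signature_scheme/1` lie outside the hunk; a `-spec` update or a comment stating the tuple return for legacy code points would make the contract explicit.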