rsa_pkcs1_* signature algorithms are not offered in CertificateRequest
Categories: NSS :: Libraries, defect, P2
Tracking: Not tracked
People: Reporter: inikolch, Assigned: ueno
User Agent: Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0
Steps to reproduce:
Set up an NSS server which will request a client certificate and make a connection with a client.
I think this change was made with this commit:
https://hg.mozilla.org/projects/nss/rev/9b418f0a4912e0a7c928d0b0774e1815238984ee
In the bug that is linked with the commit hkario also brings up this issue but it was not addressed.
https://bugzilla.mozilla.org/show_bug.cgi?id=1549225#c4
Actual results:
The server doesn't offer rsa_pkcs1_* signature algorithms in CertificateRequest
Expected results:
Server offers rsa_pkcs1_* sigalgs in CertificateRequest.
Comment 1•5 years ago
In TLS 1.3, unless "signature_algorithms_cert" is advertised, the
"signature_algorithms" extension is used as an indication of supported
algorithms for signatures on certificates. While rsa_pkcs1_*
signature schemes cannot be used for signing handshake messages, they
should be advertised if the peer wants to support certificates
signed with RSA PKCS#1.
This adds a flag to ssl3_EncodeSigAlgs() and ssl3_FilterSigAlgs() to
preserve rsa_pkcs1_* schemes in the output.
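The distinction drawn in Comment 1, as an added example that is not part of the bug report and is not NSS code: a TLS 1.3 signature scheme list is encoded once for advertising to the peer (rsa_pkcs1_* kept) and once for choosing a handshake signature (rsa_pkcs1_* dropped). The function names, the `keep_pkcs1` flag and the sample configuration are assumptions made for illustration; the code points are those of RFC 8446.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* SignatureScheme code points from RFC 8446, section 4.2.3. */
enum { RSA_PKCS1_SHA256 = 0x0401, RSA_PKCS1_SHA384 = 0x0501,
       RSA_PKCS1_SHA512 = 0x0601, ECDSA_SECP256R1_SHA256 = 0x0403,
       RSA_PSS_RSAE_SHA256 = 0x0804 };

static int is_rsa_pkcs1(uint16_t s) {
    return s == RSA_PKCS1_SHA256 || s == RSA_PKCS1_SHA384 || s == RSA_PKCS1_SHA512;
}

/* Hypothetical encoder: writes a 2-byte length followed by 2-byte schemes.
 * keep_pkcs1 != 0: the list is advertised to the peer and so also describes
 * acceptable certificate signatures. keep_pkcs1 == 0: the list is used to
 * pick a scheme for signing handshake messages.
 * Returns bytes written, or 0 if out is too small or no scheme remains. */
size_t encode_sigalgs_tls13(const uint16_t *schemes, size_t n, int keep_pkcs1,
                            uint8_t *out, size_t cap) {
    size_t len = 2;                      /* room reserved for the length */
    for (size_t i = 0; i < n; i++) {
        if (!keep_pkcs1 && is_rsa_pkcs1(schemes[i])) continue;
        if (len + 2 > cap) return 0;
        out[len++] = (uint8_t)(schemes[i] >> 8);
        out[len++] = (uint8_t)(schemes[i] & 0xff);
    }
    if (len == 2) return 0;              /* the list must not be empty */
    out[0] = (uint8_t)((len - 2) >> 8);
    out[1] = (uint8_t)((len - 2) & 0xff);
    return len;
}

/* Bounds-checked lookup in an encoded list, such as one taken from a
 * CertificateRequest: 1 if offered, 0 if not, -1 if the list is malformed. */
int sigalgs_offers(const uint8_t *buf, size_t len, uint16_t scheme) {
    if (len < 4) return -1;
    size_t body = ((size_t)buf[0] << 8) | buf[1];
    if (body != len - 2 || body % 2 != 0) return -1;
    for (size_t i = 2; i < len; i += 2)
        if ((((uint16_t)buf[i] << 8) | buf[i + 1]) == scheme) return 1;
    return 0;
}

int main(void) {                         /* constructed sample configuration */
    const uint16_t cfg[] = { RSA_PSS_RSAE_SHA256, ECDSA_SECP256R1_SHA256, RSA_PKCS1_SHA256 };
    uint8_t buf[16];
    for (int keep = 1; keep >= 0; keep--) {
        size_t n = encode_sigalgs_tls13(cfg, 3, keep, buf, sizeof buf);
        printf("keep_pkcs1=%d offered=%d\n", keep, sigalgs_offers(buf, n, RSA_PKCS1_SHA256));
    }
    return 0;
}
```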