Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Key agreement parameters not accessible #77064

Open
sruester mannequin opened this issue Feb 20, 2018 · 3 comments
Open

Key agreement parameters not accessible #77064

sruester mannequin opened this issue Feb 20, 2018 · 3 comments
Assignees
@tiran
Labels
3.8 only security fixes topic-SSL type-feature A feature request or enhancement

Comments

@sruester
Copy link
Mannequin

sruester mannequin commented Feb 20, 2018

BPO 32883
Nosy @tiran, @sruester
Superseder
  • bpo-32858: Improve OpenSSL ECDH support
    		•

    Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.

    Show more details

    GitHub fields:

    assignee = 'https://github.com/tiran'
closed_at = None
created_at = <Date 2018-02-20.09:58:42.741>
labels = ['expert-SSL', 'type-feature', '3.8']
title = 'Key agreement parameters not accessible'
updated_at = <Date 2018-02-26.08:45:35.019>
user = 'https://github.com/sruester'

    bugs.python.org fields:

    activity = <Date 2018-02-26.08:45:35.019>
actor = 'christian.heimes'
assignee = 'christian.heimes'
closed = False
closed_date = None
closer = None
components = ['SSL']
creation = <Date 2018-02-20.09:58:42.741>
creator = 'sruester'
dependencies = []
files = []
hgrepos = []
issue_num = 32883
keywords = []
message_count = 3.0
messages = ['312406', '312409', '312417']
nosy_count = 2.0
nosy_names = ['christian.heimes', 'sruester']
pr_nums = []
priority = 'normal'
resolution = None
stage = 'needs patch'
status = 'open'
superseder = '32858'
type = 'enhancement'
url = 'https://bugs.python.org/issue32883'
versions = ['Python 3.8']
    @sruester
    Copy link
    Mannequin Author

    sruester mannequin commented Feb 20, 2018

    Using python it is not possible to retrieve information about the key exchange/agreement method that was used during session setup.

    A method should be added to a suitable SSL* object that allows to retrieve information such as whether ECDH with which curves, or DH, or neither was used.

    @sruester sruester mannequin assigned tiran Feb 20, 2018
    @sruester sruester mannequin added topic-SSL type-feature A feature request or enhancement labels Feb 20, 2018
    @tiran
    Copy link
    Member

    tiran commented Feb 20, 2018

    I'd prefer to have a generic handshake info method that returns a structured object like a named tuple with handshake information. We could start with key exchange / key agreement, TLS version, cipher suite, etc. Later the method could be extended and include information such as signature algorithms, offered suites and versions (server-side), and more.

    @sruester
    Copy link
    Mannequin Author

    sruester mannequin commented Feb 20, 2018

    How about a new method crypto_information() and making cipher() a wrapper around that one? The former could return a named tupple with handshake information together with all other relevant crypto information about the current session.

    This would eliminate the need to define several new methods while keeping backwards compatibility of cipher().

    @tiran tiran added the 3.8 only security fixes label Feb 26, 2018
    @ezio-melotti ezio-melotti transferred this issue from another repository Apr 10, 2022
    Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
    Assignees

    @tiran tiran

    Labels
    3.8 only security fixes topic-SSL type-feature A feature request or enhancement
    Projects
    None yet
    Milestone
    No milestone
    Development

    No branches or pull requests
    1 participant
    @tiran