Selecting a cipher based on "signature_algorithms" #193
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Function credentialCanDecrypt allowed a non-RSA credential when the certificate did not have a key usage.
Now that signature_algorithms extension is used to sign the ServerKeyXchg, this creates a possibility that client and server don't agree on the hash algorithm. When this happens a cipher with a different key-exchange should have been selected. We now skip ciphers when the key-exchange is not possible because of this reason.
core/Network/TLS/Handshake/Server.hs
Outdated
| TLS12 -> let -- Build a list of all signature algorithms with at least | ||
| -- one hash algorithm common between client and server. | ||
| -- May contain duplicates, as it is only used for `elem`. | ||
| sigAlgExt = extensionLookup extensionID_SignatureAlgorithms exts >>= extensionDecode False |
There was a problem hiding this comment.
The code here is a copy-and-paste.
They should be a function to avoid redundancy.
There was a problem hiding this comment.
Yes you're right. I added that function.
|
I guess that it's time to release a new version. |
|
Thanks. I created two new issues for things we could continue further, but I don't plan to work on them immediately. Anyone can self-assign. A new release is a good idea, we have already 70 commits since 1.3.9. |
|
@vincenthz Let's release a new version. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This extends #177 so that the "signature_algorithms" extension impacts cipher selection as discussed in #191.
I added a new test case specific to TLS 1.2 where handshake can either succeed or fail depending on client and server
supportedHashSignatures. This could be further extended to test more TLS 1.2 extensions like "supported_groups" when we implement it.I also added code for DSA certificates, so that the QuickCheck properties can test more combinations.