New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Unsupported algorithm on RTCDtlsTransport.start #752

Closed
lgrahl opened this Issue Aug 30, 2017 · 3 comments

Comments

Projects
None yet
3 participants
@lgrahl
Contributor

lgrahl commented Aug 30, 2017

In the RTCDtlsTransport.start method, the implementation should check whether the fingerprint algorithm is supported and raise an appropriate exception.

For example, implementations may decide to not support SHA-1 but that does not make the DTLS parameters invalid. So, I don't think InvalidParameters is what we want to raise. My proposal would be NotSupportedError as it is also used in RTCCertificate.generateCertificate and in the Web Cryptography API for that purpose.

Related tweet from @ibc: https://twitter.com/ibc_tw/status/902121596613271552

@lgrahl

This comment has been minimized.

Contributor

lgrahl commented Aug 30, 2017

Having said this, IIRC there can be multiple fingerprints. So, if all of the provided fingerprints have been created by an unsupported algorithm, NotSupportedError should be raised.

@ibc

This comment has been minimized.

Contributor

ibc commented Aug 30, 2017

The issue is much worse in Edge. If you call setRemoteParameters by passing sha-1 (not supported in Edge) , sha-224 (not supported in Edge) and the others sha-256, sha-384 and sha-512 (all of them supported in Edge), Edge raises InvalidParameters, so it seems that it just takes the first algorithm.

@lgrahl

This comment has been minimized.

Contributor

lgrahl commented Aug 30, 2017

But that's Edge-specific then.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment