signature_algorithms in client hello in FIPS mode

OpenSSL removes the RSA/MD5 combination from the tls12_sigalgs[] table in the tls12_get_req_sig_algs() function when FIPS mode is in effect.  (This reduced set of signature/hash algorithm pairs is used to fill in the "supported_signature_algorithms" field in the TLS 1.2 Certificate Request message when client authentication is in play.)

Shouldn't that same logic apply to ssl_add_clienthello_tlsext() and the "signature_algorithms" extension when FIPS mode is in effect?

        if (TLS1_get_client_version(s) >= TLS1_2_VERSION)
                if ((size_t)(limit - ret) < sizeof(tls12_sigalgs) + 6)
                        return NULL;
                s2n(sizeof(tls12_sigalgs) + 2, ret);
                s2n(sizeof(tls12_sigalgs), ret);
- memcpy(ret, tls12_sigalgs, sizeof(tls12_sigalgs));
+ len = tls12_get_req_sig_algs(s, ret);
- ret += sizeof(tls12_sigalgs);
+ ret += len;
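Review bot: the two s2n() calls just above the replaced lines still write sizeof(tls12_sigalgs) as the extension_data length and the supported_signature_algorithms length, but after this change the bytes actually emitted are whatever tls12_get_req_sig_algs() returns, which is two bytes shorter in FIPS mode once RSA/MD5 is dropped, so the declared lengths would claim two bytes that were never written and a peer would misparse or reject the ClientHello. Compute len first and derive both fields from it, e.g. `len = tls12_get_req_sig_algs(s, ret + 4); s2n(len + 2, ret); s2n(len, ret); ret += len;` (s2n advances ret by two each time, so the list lands at the right offset), or write the list into a temporary and memcpy it. The room check against sizeof(tls12_sigalgs) + 6 can stay, since the full table is an upper bound. `len` also needs a declaration in ssl_add_clienthello_tlsext() with the return type of tls12_get_req_sig_algs(). As pasted, the outer `if (TLS1_get_client_version(s) >= TLS1_2_VERSION)` has no braces around the statements that follow it; if that is how the source reads rather than a paste artifact, only the inner `if` is conditional.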

OpenSSL Project                       
Development Mailing List                       [hidden email]
Automated List Manager                           [hidden email]
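To make the encoding concrete, here is an added C example (not OpenSSL's code, and not part of the post above) that builds a TLS 1.2 signature_algorithms extension from a table of {hash, signature} pairs, drops the MD5 pairs when a FIPS flag is set (the role the post attributes to tls12_get_req_sig_algs()), and derives both length fields from the number of bytes actually written rather than from sizeof() of the full table. The hash and signature ids and the extension type 13 are the RFC 5246 values; the table, the function names (get_sig_algs, add_sigalgs_ext, check_sigalgs_ext) and the helper wrappers are constructed for this example. check_sigalgs_ext() parses the result as a peer would, so a length mismatch is caught rather than silently accepted.

```c
#include <assert.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* RFC 5246 section 7.4.1.4.1: HashAlgorithm and SignatureAlgorithm ids. */
#define HASH_MD5    1
#define HASH_SHA1   2
#define HASH_SHA224 3
#define HASH_SHA256 4
#define HASH_SHA384 5
#define HASH_SHA512 6
#define SIG_RSA     1
#define SIG_DSA     2
#define SIG_ECDSA   3

/* ExtensionType of signature_algorithms (RFC 5246 section 7.4.1.4.1). */
#define EXT_SIGNATURE_ALGORITHMS 13

/* Constructed preference table of {hash, sig} pairs for this example; it
 * mirrors the shape of OpenSSL's tls12_sigalgs[] but is not that table. */
static const unsigned char sigalgs_table[] = {
    HASH_SHA512, SIG_RSA, HASH_SHA512, SIG_DSA, HASH_SHA512, SIG_ECDSA,
    HASH_SHA384, SIG_RSA, HASH_SHA384, SIG_DSA, HASH_SHA384, SIG_ECDSA,
    HASH_SHA256, SIG_RSA, HASH_SHA256, SIG_DSA, HASH_SHA256, SIG_ECDSA,
    HASH_SHA224, SIG_RSA, HASH_SHA224, SIG_DSA, HASH_SHA224, SIG_ECDSA,
    HASH_SHA1,   SIG_RSA, HASH_SHA1,   SIG_DSA, HASH_SHA1,   SIG_ECDSA,
    HASH_MD5,    SIG_RSA,
};

/* Copy the pairs permitted in the current mode into out (which must hold
 * sizeof(sigalgs_table) bytes) and return the number of bytes written.
 * MD5 is not a FIPS-approved hash, so its pairs are skipped in FIPS mode. */
static size_t get_sig_algs(int fips_mode, unsigned char *out)
{
    size_t i, n = 0;
    for (i = 0; i + 1 < sizeof(sigalgs_table); i += 2) {
        if (fips_mode && sigalgs_table[i] == HASH_MD5)
            continue;
        out[n++] = sigalgs_table[i];
        out[n++] = sigalgs_table[i + 1];
    }
    return n;
}

/* Big-endian 16-bit write, the same job OpenSSL's s2n() macro does. */
static unsigned char *put_u16(unsigned char *p, size_t v)
{
    *p++ = (unsigned char)(v >> 8);
    *p++ = (unsigned char)v;
    return p;
}

/* Append a signature_algorithms extension at p. Returns the pointer past
 * the extension, or NULL if it does not fit before limit. The length
 * fields are computed from len, the bytes really emitted, not sizeof(). */
static unsigned char *add_sigalgs_ext(int fips_mode, unsigned char *p,
                                      const unsigned char *limit)
{
    unsigned char algs[sizeof(sigalgs_table)];
    size_t len = get_sig_algs(fips_mode, algs);
    if (len == 0 || (size_t)(limit - p) < len + 6)
        return NULL;
    p = put_u16(p, EXT_SIGNATURE_ALGORITHMS);
    p = put_u16(p, len + 2);   /* extension_data length */
    p = put_u16(p, len);       /* supported_signature_algorithms length */
    memcpy(p, algs, len);
    return p + len;
}

/* Parse an extension as a receiving peer would. Returns 1 if well-formed
 * with no MD5 pair, 0 if well-formed but MD5 is offered, -1 if malformed
 * (including length fields that disagree with the bytes present). */
static int check_sigalgs_ext(const unsigned char *ext, size_t ext_len)
{
    size_t type, dlen, llen, i;
    if (ext_len < 6)
        return -1;
    type = ((size_t)ext[0] << 8) | ext[1];
    dlen = ((size_t)ext[2] << 8) | ext[3];
    llen = ((size_t)ext[4] << 8) | ext[5];
    if (type != EXT_SIGNATURE_ALGORITHMS || dlen != ext_len - 4 ||
        llen != dlen - 2 || (llen % 2) != 0)
        return -1;
    for (i = 0; i < llen; i += 2)
        if (ext[6 + i] == HASH_MD5)
            return 0;
    return 1;
}

/* Wrappers used by the example's main() and by tests: build the extension
 * in the given mode and report its size (-1 if it did not fit) or the
 * parser's verdict on it. */
static long ext_len_in_mode(int fips_mode)
{
    unsigned char buf[64];
    unsigned char *end = add_sigalgs_ext(fips_mode, buf, buf + sizeof(buf));
    return end ? (long)(end - buf) : -1;
}

static int ext_check_in_mode(int fips_mode)
{
    unsigned char buf[64];
    unsigned char *end = add_sigalgs_ext(fips_mode, buf, buf + sizeof(buf));
    return end ? check_sigalgs_ext(buf, (size_t)(end - buf)) : -1;
}

int main(void)
{
    int mode;
    for (mode = 0; mode <= 1; mode++)
        printf("fips=%d: extension is %ld bytes, parser verdict %d\n",
               mode, ext_len_in_mode(mode), ext_check_in_mode(mode));
    return 0;
}
```

With this table the non-FIPS extension is 38 bytes (6 bytes of headers plus 16 pairs) and the FIPS one is 36, and the parser returns 0 for the former because MD5/RSA is offered and 1 for the latter. Had the length fields been taken from sizeof(sigalgs_table) while only the filtered bytes were copied, as in the patch under discussion, check_sigalgs_ext() would return -1 for the FIPS-mode output.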