tris: advertise PSS in Client Hello for TLS 1.3

Until PSS support is finalized for TLS 1.2, let's not advertise support
for that. Since TLS 1.3 however mandates PSS, we have no other option
than advertising this even if we have not added complete support.

Another reason why I apply it to just TLS 1.3 and not 1.2 is because the
latter would require updating the testdata.
This commit is contained in:
Peter Wu 2017-11-27 16:44:01 +00:00
parent 928e35b73a
commit 92d04f3ebd
2 changed files with 17 additions and 0 deletions

View File

@ -184,6 +184,22 @@ var supportedSignatureAlgorithms = []SignatureScheme{
ECDSAWithSHA1, ECDSAWithSHA1,
} }
// supportedSignatureAlgorithms13 lists the advertised signature algorithms
// allowed for digital signatures. It includes TLS 1.2 + PSS.
var supportedSignatureAlgorithms13 = []SignatureScheme{
PSSWithSHA256,
PKCS1WithSHA256,
ECDSAWithP256AndSHA256,
PSSWithSHA384,
PKCS1WithSHA384,
ECDSAWithP384AndSHA384,
PSSWithSHA512,
PKCS1WithSHA512,
ECDSAWithP521AndSHA512,
PKCS1WithSHA1,
ECDSAWithSHA1,
}
// ConnectionState records basic TLS details about the connection. // ConnectionState records basic TLS details about the connection.
type ConnectionState struct { type ConnectionState struct {
ConnectionID []byte // Random unique connection id ConnectionID []byte // Random unique connection id

View File

@ -105,6 +105,7 @@ NextCipherSuite:
// set legacy_version to TLS 1.2 for backwards compatibility. // set legacy_version to TLS 1.2 for backwards compatibility.
hello.vers = VersionTLS12 hello.vers = VersionTLS12
hello.supportedVersions = config.getSupportedVersions() hello.supportedVersions = config.getSupportedVersions()
hello.supportedSignatureAlgorithms = supportedSignatureAlgorithms13
} }
return hello, nil return hello, nil