[openssl-users] Server-side visibility of signature algorithm and key exchange properties?
Matt Caswell
matt at openssl.org
Fri Nov 9 18:42:28 UTC 2018
On 09/11/2018 08:38, Viktor Dukhovni wrote:
> On the client side of a TLS connection, I'm easily able to find all
> the primary parameters of interest:
>
> * The cipher used.
> * The server signature algorithm (digest, and public key)
> * The server key exchange algorithm (public key)
>
> enabling logging such as:
>
> TLS connection established to 127.0.0.1[127.0.0.1]:25:
> TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
> signature ECDSA(P-256) digest SHA256 key-exchange X25519
>
> I am having a bit of trouble finding the equivalent information for
> the 3rd line on the server side. Anyone know how, in TLS 1.3 where
> these are not implied by the ciphersuite, to determine the signature
> algorithm (and curve for ECDSA), the hash algorithm and key exchange
> public key (with bit count for DH or curve name for ECDSA)?
I don't believe we currently expose the signature algorithm selected on
the server side. It's held in s->s3->tmp.sigalg, but AFAICT that is only
ever used internally.
Similarly the key exchange public key is held in s->s3->peer_tmp. We do
expose that via SSL_get_server_tmp_key(), but its a client side only
function. We explicitly check that and return 0 if called on the server
side.
Matt
>
> Are these available for inspection by the server application? If
> not, that may be an omission we need to address.
>
More information about the openssl-users
mailing list