[openssl-dev] Using TLSv1.2

Dr. Stephen Henson steve at openssl.org
Wed Apr 8 11:59:33 UTC 2015


On Tue, Mar 24, 2015, ???????????? ?????????????????? wrote:

> I use the openssl library in the project and use client certificate
> verification. When using protocol TLSv1.2 I have a problem with data
> encryption, using the private key of the client certificate. This is due to
> the fact that the certificate validation server selected encryption
> algorithm that is not supported by the crypt used to encrypt the signature
> on the client certificate (failure in method capi_rsa_sign of e_capi.c
> file).
> Now I have corrected the behavior as follows:
> - the method ssl3_send_client_certificate after selecting a client
> certificate makes cleaning pkeys[i].digest
> - the method ssl_set_cert if pkeys[i].digest not specified, specify it.
> 
> After that I worked with an application protocol TLSv1.2
> 
> Is this correct or am I wrong to fix the library using openssl?

There are two ways to address this. One is to fix e_capi.c to use more digest
algorithms (though this won't help if the underlying CSP doesn't support them).
There is a fix in RT for this but it isn't in OpenSSL itself yet.

The other requires OpenSSL 1.0.2 where you can set a list of supported
signature algorithms for client authentication and OpenSSL will only use those
common to server and client for client authentication.

For that latter solution you can use SSL_CTX_set1_client_sigalgs_list() which
takes a string argument in the same format as that used for the
SignatureAlgorithms command of SSL_CONF:

"The value argument should be a colon separated list of signature
algorithms in order of decreasing preference of the form algorithm+hash.
algorithm is one of RSA, DSA or ECDSA and hash is a supported
algorithm OID short name such as SHA1, SHA224, SHA256, SHA384 or
SHA512. Note: algorithm and hash names are case sensitive."

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
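
Added example, not part of the original message and not OpenSSL code: one way to build the string for SSL_CTX_set1_client_sigalgs_list() so that it only names hashes the client's signing backend (for example a CSP behind the CAPI engine) can actually use. The function name `build_client_sigalgs`, the backend hash list and the strongest-first ordering are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hash names from the SSL_CONF text quoted above, strongest first (assumed order). */
static const char *const PREF[] = { "SHA512", "SHA384", "SHA256", "SHA224", "SHA1" };

/* Hypothetical helper: build "ALG+HASH:ALG+HASH..." in decreasing preference,
   keeping only hashes the signing backend supports. Names are compared
   case-sensitively, as the format requires.
   Returns the number of entries written, or -1 on bad input, no usable
   hash, or an output buffer that is too small. */
int build_client_sigalgs(const char *alg, const char *const *backend_hashes,
                         size_t n, char *out, size_t outlen)
{
    int count = 0;
    size_t used = 0;

    if (strcmp(alg, "RSA") && strcmp(alg, "DSA") && strcmp(alg, "ECDSA"))
        return -1;
    if (outlen == 0)
        return -1;
    out[0] = '\0';
    for (size_t i = 0; i < sizeof(PREF) / sizeof(PREF[0]); i++) {
        for (size_t j = 0; j < n; j++) {
            if (strcmp(PREF[i], backend_hashes[j]) != 0)
                continue;
            int w = snprintf(out + used, outlen - used, "%s%s+%s",
                             count ? ":" : "", alg, PREF[i]);
            if (w < 0 || (size_t)w >= outlen - used)
                return -1;              /* would truncate: refuse */
            used += (size_t)w;
            count++;
            break;
        }
    }
    return count > 0 ? count : -1;
}

int main(void)
{
    /* Constructed sample: a backend that can only sign SHA-1 and SHA-256. */
    const char *const backend[] = { "SHA1", "SHA256" };
    char list[128];

    if (build_client_sigalgs("RSA", backend, 2, list, sizeof(list)) < 0)
        return 1;
    printf("%s\n", list);               /* RSA+SHA256:RSA+SHA1 */
    /* With OpenSSL 1.0.2+: SSL_CTX_set1_client_sigalgs_list(ctx, list) returns 1 on success. */
    return 0;
}
```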

