[openssl-users] TLS 1.3 handshake: Limit signature algorithm?
Matt Caswell
matt at openssl.org
Thu Nov 2 10:45:26 UTC 2017
On 02/11/17 10:32, Christian Heimes wrote:
> However this trick will not work with TLS 1.3. The new TLS 1.3 cipher
> suites no longer specify authentication algorithm or key
> agreement/exchange. TLS 1.3 RFC specifies a signature_algorithms
> extension [5]. I could not find any API call in OpenSSL master to set
> the extension for TLS 1.3 handshakes.
Probably you want to look at these functions:
https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set1_sigalgs.html
Matt
More information about the openssl-users
mailing list