[TLS] TLSv1.2 - Is zero signature allowed in client CertificateVerify message?

Viktor Dukhovni openssl-users at dukhovni.org
Tue Sep 3 15:38:25 UTC 2019

> On Sep 3, 2019, at 11:27 AM, M K Saravanan <mksarav at gmail.com> wrote:
> Thanks Richard for the reply.  Let me rephrase my question:
> If a client encounters any error condition (e.g. does not have access to the private key for whatever reason) in generating the signature, can it send zero bytes in the signature field of the CertificateVerify message to indicate the error condition?  Is this allowed in the TLS 1.2 RFC?

There is nothing special about an all zero or any other
sequence of characters in the signature.  A signature is
either valid or not.  A client that does not possess the
private key for its certificate can decline the server's
request for a client certificate, by sending a zero-length
ClientCertificate and no ClientVerify.
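Added example (not part of this thread or of OpenSSL): a Python sketch of the server-side logic Viktor describes, using the TLS 1.2 wire framing of the Certificate and CertificateVerify handshake messages from RFC 5246 (sections 7.4.6 and 7.4.8). The signature scheme is a constructed toy RSA over a small modulus standing in for real PKCS#1 v1.5, the transcript and certificate bytes are constructed, and the ClientKeyExchange message that sits between the two in a real flight is omitted; those are assumptions of this example, not of the page. It shows that an empty certificate_list with no CertificateVerify is a clean "declined", while an all-zero signature is simply one more signature that fails to verify.

```python
"""Server-side handling of the TLS 1.2 client-authentication flight (example)."""
import hashlib

HT_CERTIFICATE = 11         # HandshakeType certificate (RFC 5246 7.4)
HT_CERTIFICATE_VERIFY = 15  # HandshakeType certificate_verify
SIG_ALG_RSA_SHA256 = b"\x04\x01"  # SignatureAndHashAlgorithm {sha256, rsa}

# Constructed toy RSA key: two well-known primes, NOT a real TLS key size.
_P, _Q = 1000000007, 998244353
TOY_N = _P * _Q
TOY_E = 65537
TOY_D = pow(TOY_E, -1, (_P - 1) * (_Q - 1))


def _digest_int(transcript: bytes) -> int:
    # Truncated SHA-256 so the value is below the toy modulus (stand-in for PKCS#1).
    return int.from_bytes(hashlib.sha256(transcript).digest()[:7], "big")


def toy_sign(transcript: bytes, d: int, n: int) -> bytes:
    return pow(_digest_int(transcript), d, n).to_bytes(8, "big")


def toy_verify(transcript: bytes, signature: bytes, e: int, n: int) -> bool:
    s = int.from_bytes(signature, "big")
    if s >= n:
        return False
    return pow(s, e, n) == _digest_int(transcript)


def build_certificate(cert_list: list) -> bytes:
    """Certificate message: opaque ASN.1Cert<1..2^24-1> certificate_list<0..2^24-1>."""
    body = b"".join(len(c).to_bytes(3, "big") + c for c in cert_list)
    body = len(body).to_bytes(3, "big") + body
    return bytes([HT_CERTIFICATE]) + len(body).to_bytes(3, "big") + body


def build_certificate_verify(sig_alg: bytes, signature: bytes) -> bytes:
    """CertificateVerify message: SignatureAndHashAlgorithm + opaque signature<0..2^16-1>."""
    body = sig_alg + len(signature).to_bytes(2, "big") + signature
    return bytes([HT_CERTIFICATE_VERIFY]) + len(body).to_bytes(3, "big") + body


def parse_handshake_messages(data: bytes) -> dict:
    """Split a flight into {HandshakeType: body}; rejects truncated messages."""
    msgs, i = {}, 0
    while i < len(data):
        ht, length = data[i], int.from_bytes(data[i + 1:i + 4], "big")
        body = data[i + 4:i + 4 + length]
        if len(body) != length:
            raise ValueError("truncated handshake message")
        msgs[ht] = body
        i += 4 + length
    return msgs


def parse_certificate(body: bytes) -> list:
    total = int.from_bytes(body[:3], "big")
    if total != len(body) - 3:
        raise ValueError("bad certificate_list length")
    certs, i = [], 3
    while i < len(body):
        length = int.from_bytes(body[i:i + 3], "big")
        certs.append(body[i + 3:i + 3 + length])
        i += 3 + length
    return certs


def parse_certificate_verify(body: bytes):
    sig_alg, length = body[:2], int.from_bytes(body[2:4], "big")
    if len(body) != 4 + length:
        raise ValueError("bad signature length")
    return sig_alg, body[4:]


def evaluate_client_auth(flight: bytes, transcript: bytes, pub_e: int, pub_n: int) -> str:
    """Decide what the server does with the client's Certificate/CertificateVerify.

    'declined' is the legitimate way to not authenticate: RFC 5246 7.4.6 lets the
    server then either continue without client auth or send handshake_failure.
    Every other non-'authenticated' outcome is a fatal handshake error.
    """
    msgs = parse_handshake_messages(flight)
    if HT_CERTIFICATE not in msgs:
        return "error: missing Certificate"
    certs = parse_certificate(msgs[HT_CERTIFICATE])
    if not certs:
        if HT_CERTIFICATE_VERIFY in msgs:
            return "error: CertificateVerify without a certificate"
        return "declined"
    if HT_CERTIFICATE_VERIFY not in msgs:
        return "error: missing CertificateVerify"
    sig_alg, signature = parse_certificate_verify(msgs[HT_CERTIFICATE_VERIFY])
    if sig_alg != SIG_ALG_RSA_SHA256:
        return "error: unsupported signature algorithm"
    # All-zero bytes get no special treatment: they are just a signature that fails.
    if not toy_verify(transcript, signature, pub_e, pub_n):
        return "error: bad signature"
    return "authenticated"
```

The transcript a real server verifies against is the concatenation of all handshake messages exchanged before CertificateVerify; here it is passed in explicitly. Note that a client which has a certificate but no usable key should take the "declined" path (empty certificate_list, no CertificateVerify) rather than sending a certificate it cannot prove possession of, since the latter can only end in a fatal alert.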
