search

eduardsui / tlse

Single C file TLS 1.2/1.3 implementation, using tomcrypt as crypto library
Other
540 stars 89 forks source link

nginx servers need signature algorithm extension #58

Open classilla opened 3 years ago

classilla commented 3 years ago

Without it they throw an ALERT MESSAGE 0x02 0x50 which is of course totally unhelpful. Increasing extension_len by 22 and then adding this extension to the hello seems to fix it. Note this pretty much allows any kind of cert; maybe we should pare it back to what TLSe actually supports.

                /* CK: accept any signature algorithm */
                tls_packet_uint16(packet, 0x000d);
                tls_packet_uint16(packet, 0x0012);
                tls_packet_uint16(packet, 0x0010);
                tls_packet_uint16(packet, 0x0401);
                tls_packet_uint16(packet, 0x0403);
                tls_packet_uint16(packet, 0x0501);
                tls_packet_uint16(packet, 0x0503);
                tls_packet_uint16(packet, 0x0601);
                tls_packet_uint16(packet, 0x0603);
                tls_packet_uint16(packet, 0x0201);
                tls_packet_uint16(packet, 0x0203);
eduardsui commented 3 years ago

Didn't know that. Can you provide an address to test it with?

This is the list of supported signatures:

            if (!context->is_server) {
                // signature algorithms
                tls_packet_uint16(packet, 0x0D);
                tls_packet_uint16(packet, 24);
                tls_packet_uint16(packet, 22);
                tls_packet_uint16(packet, 0x0403);
                tls_packet_uint16(packet, 0x0503);
                tls_packet_uint16(packet, 0x0603);
                tls_packet_uint16(packet, 0x0804);
                tls_packet_uint16(packet, 0x0805);
                tls_packet_uint16(packet, 0x0806);
                tls_packet_uint16(packet, 0x0401);
                tls_packet_uint16(packet, 0x0501);
                tls_packet_uint16(packet, 0x0601);
                tls_packet_uint16(packet, 0x0203);
                tls_packet_uint16(packet, 0x0201);
            }
classilla commented 3 years ago

lobste.rs and ish.app were the ones I believe I ran into this first on.

eduardsui commented 3 years ago

Ok, so after a little debugging, ish.app and std.fyi are working. Not sure about lobste.rs. I think is the same problem that Ron is having. I'm comparing clienthello generated with openssl and TLSe. OpenSSl works, mine doesn't...

dpronin commented 1 month ago

@classilla this has helped me

dpronin commented 1 week ago

@classilla could we close the issue?

classilla commented 1 week ago

I have my own fork of TLSe now and made my own fix for this a long time ago, so I can't say if your fix works or not.