[openssl.org #3560] OpenSSL selects weak digest for (EC)DH kex signing in TLSv1.2 when connecting to SNI virtual server
Tomas Mraz via RT
2014-10-08 17:12:41 UTC
When connecting to a virtual, SNI-defined host, openssl selects the SHA1
digest instead of SHA512, as it does for the default host.

Steps to Reproduce:
1. openssl req -x509 -newkey rsa:2048 -keyout localhost.key -out localhost.crt -subj /CN=localhost -nodes -batch
2. openssl req -x509 -newkey rsa:2048 -keyout server.key -out server.crt -subj /CN=server -nodes -batch
3. openssl s_server -key localhost.key -cert localhost.crt -key2 server.key -cert2 server.crt -servername server

In another console, using OpenSSL 1.0.2:
1. openssl s_client -connect localhost:4433 </dev/null 2>/dev/null | grep 'Peer signing digest'
2. openssl s_client -connect localhost:4433 -servername server </dev/null 2>/dev/null | grep 'Peer signing digest'


Actual results:
1. Peer signing digest: SHA512
2. Peer signing digest: SHA1

Expected results:
1. Peer signing digest: SHA512
2. Peer signing digest: SHA512

See also: https://bugzilla.redhat.com/show_bug.cgi?id=1150033

I've investigated this a little and found that the second SSL context
that is used when the server receives the servername extension does not
have a full copy of the settings from the main context. Namely,
tls1_process_sigalgs() is not properly called for it. I am not sure what
the proper fix would be, though.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
(You'll never know whether the road is wrong though.)


______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-***@openssl.org
Automated List Manager ***@openssl.org
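The reproduction steps above, automated as a single check that compares the signing digest negotiated for the default host with the one negotiated for the SNI host. This is an added example, not code from the report or the OpenSSL project; it assumes an `openssl` binary on PATH, a free port 4433 on localhost, and the certificate/key file names used in the report.

```shell
#!/bin/sh
# Added example: automates the reproduction steps from the report and flags a
# signing-digest mismatch for the SNI host. Assumes `openssl` is on PATH, port
# 4433 on localhost is free, and the file names match the report.

# Pull the digest name out of s_client's output, e.g.
# "Peer signing digest: SHA512" -> "SHA512". Prints "none" if the line is absent.
extract_digest() {
    d=$(printf '%s\n' "$1" | sed -n 's/^Peer signing digest: *//p' | head -n 1)
    [ -n "$d" ] && printf '%s\n' "$d" || printf 'none\n'
}

# Compare the digest used for the default host against the SNI host.
# Returns 0 when they match, 1 when the SNI host got something different
# (the symptom in this report: SHA1 instead of SHA512).
same_digest() {
    [ "$1" = "$2" ]
}

# Probe the server once, with an optional SNI name, and print the digest.
probe() {
    out=$(openssl s_client -connect localhost:4433 ${1:+-servername "$1"} </dev/null 2>/dev/null)
    extract_digest "$out"
}

# Full run: generate the two self-signed certs, start s_server with the
# SNI-selected second cert, probe both ways, and report the result.
check_sni_digest() {
    openssl req -x509 -newkey rsa:2048 -keyout localhost.key -out localhost.crt \
        -subj /CN=localhost -nodes -batch 2>/dev/null
    openssl req -x509 -newkey rsa:2048 -keyout server.key -out server.crt \
        -subj /CN=server -nodes -batch 2>/dev/null
    openssl s_server -key localhost.key -cert localhost.crt \
        -key2 server.key -cert2 server.crt -servername server >/dev/null 2>&1 &
    srv=$!
    sleep 1
    default_d=$(probe)
    sni_d=$(probe server)
    kill "$srv" 2>/dev/null
    printf 'default host: %s\nSNI host:     %s\n' "$default_d" "$sni_d"
    if same_digest "$default_d" "$sni_d"; then
        echo "OK: SNI host negotiates the same signing digest as the default host"
    else
        echo "MISMATCH: SNI host negotiates a different signing digest"
        return 1
    fi
}
```

Run `check_sni_digest` against a build carrying the bug and the output matches the "Actual results" above; against a fixed build both lines show the same digest.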
Stephen Henson via RT
2014-10-08 20:27:43 UTC
Tomas Mraz via RT wrote:
> When connecting to a virtual, SNI defined host openssl selects SHA1
> digest instead of SHA512, as it does for the default host.
The cause is that some negotiated parameters are wiped when SSL_set_SSL_CTX is
called. Try the attached patch.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org