crypto/tls: advertise SHA512/RSA in SignatureHashAlgorithm #22422
/cc @FiloSottile
This required adding support for SHA-512 signatures on CertificateVerify and ServerKeyExchange messages, because of the signatureAndHash extension overloading, which I'm not enthusiastic about. To @agl for decision.
Change https://golang.org/cl/74950 mentions this issue:
FiloSottile added a commit to FiloSottile/go that referenced this issue Oct 12, 2018
This is the equivalent change to 1c10598 but for SHA-512. SHA-512 certificates are already supported by default since b53bb2c, but some servers will refuse connections if the algorithm is not advertised in the overloaded signatureAndHash extension (see 09b238f). This required adding support for SHA-512 signatures on CertificateVerify and ServerKeyExchange messages, because of said overloading. Some testdata/Client-TLSv1{0,1} files changed because they send a 1.2 ClientHello even if the server picks a lower version.
Closes golang#22422
Change-Id: I16282d03a3040260d203711ec21e6b20a0e1e105
Reviewed-on: https://go-review.googlesource.com/74950
Run-TryBot: Filippo Valsorda <hi@filippo.io>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Adam Langley <agl@golang.org>
This issue relates to #9757
What version of Go are you using (go version)?
go 1.8.3
Does this issue reproduce with the latest release?
Yes
What operating system and processor architecture are you using (go env)?
Windows, x64
What did you do?
Tried to connect to SQL Server with go-mssql library with TLS 1.2. SQL server has a signed certificate using SHA512/RSA signature algorithm.
What did you expect to see?
Expect the communication to succeed.
What did you see instead?
Handshake fails with
TLS Handshake failed: Cannot read handshake packet: EOF
The handshake failure is due to SQL server closing the connection because the signature algorithm SHA512/RSA is not in the list of supported signature algorithms in the tls library sent in the ClientHello message. The list of supported signature algorithms currently is defined here: https://github.com/golang/go/blob/master/src/crypto/tls/common.go#L139
Interestingly enough the tls library does work with SHA512/RSA if SQL server is configured to use TLS 1.1 where the server basically gets to choose which signature algorithm it uses (decided by the SSL certificate) and it is up to the client to reject an unknown signature algorithm.
Because the tls library works with SHA512/RSA it should advertise that as a supported signature algorithm.
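The server-side check described in the report, as an added Go example (not code from crypto/tls, go-mssql or SQL Server): it parses a signature_algorithms extension body from a TLS 1.2 ClientHello and tests whether SHA-512/RSA was advertised. The function names, the strict-server model and both sample extension bodies are constructed for illustration.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
)

// TLS 1.2 SignatureAndHashAlgorithm (RFC 5246, 7.4.1.4.1): hash byte, then
// signature byte. SHA-512 is hash 6 and RSA is signature 1.
const rsaSHA512 uint16 = 0x0601

// parseSigAlgs decodes a signature_algorithms extension body: a 2-byte list
// length followed by that many bytes of 2-byte algorithm pairs.
func parseSigAlgs(ext []byte) ([]uint16, error) {
	// Require at least one pair, whole pairs only, and a matching length prefix.
	if len(ext) < 4 || len(ext)%2 != 0 || int(binary.BigEndian.Uint16(ext)) != len(ext)-2 {
		return nil, errors.New("signature_algorithms: malformed list")
	}
	algs := make([]uint16, 0, len(ext)/2-1)
	for i := 2; i < len(ext); i += 2 {
		algs = append(algs, binary.BigEndian.Uint16(ext[i:]))
	}
	return algs, nil
}

// strictServerAccepts (hypothetical) models a server that ends the handshake
// unless its certificate's signature algorithm was advertised by the client.
func strictServerAccepts(ext []byte, certAlg uint16) (bool, error) {
	algs, err := parseSigAlgs(ext)
	if err != nil {
		return false, err
	}
	for _, a := range algs {
		if a == certAlg {
			return true, nil
		}
	}
	return false, nil
}

// Constructed bodies: SHA-256/RSA, SHA-256/ECDSA, SHA-384/RSA; then the same plus SHA-512/RSA.
var withoutSHA512 = []byte{0x00, 0x06, 0x04, 0x01, 0x04, 0x03, 0x05, 0x01}
var withSHA512 = []byte{0x00, 0x08, 0x04, 0x01, 0x04, 0x03, 0x05, 0x01, 0x06, 0x01}

func main() {
	for _, ext := range [][]byte{withoutSHA512, withSHA512} {
		ok, err := strictServerAccepts(ext, rsaSHA512)
		fmt.Printf("%x -> accepted=%v err=%v\n", ext, ok, err)
	}
}
```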