[erlang-questions] TLS 1.2 hash and signature selection
Andreas Schultz
aschultz@REDACTED
Thu Apr 28 09:57:10 CEST 2016
Hi,
I'm trying to understand how this code in tls_handshake.erl is
supposed to work:
available_signature_algs(undefined, SupportedHashSigns, _, {Major, Minor}) when (Major < 3) andalso (Minor < 3) ->
SupportedHashSigns;
available_signature_algs(#hash_sign_algos{hash_sign_algos = ClientHashSigns}, SupportedHashSigns,
_, {Major, Minor}) when (Major < 3) andalso (Minor < 3) ->
ordsets:intersection(ClientHashSigns, SupportedHashSigns);
available_signature_algs(_, _, _, _) ->
undefined.
The signature extension was introduce in TLS 1.2, but the
above code seems to perform signature algorithm filtering
only when the version is lower than TLS 1.2.
Or do I miss something?
Regards
Andreas
More information about the erlang-questions
mailing list