As per RFC 5246 (TLS 1.2), during the SSL handshake a client sends a list of supported signature hash (sighash) algorithms. The client uses the "signature_algorithms" extension to indicate to the server which signature/hash algorithm pairs may be used in the SSL handshake messages. This value is communicated in the Client Hello packet. If the server does not support any of these algorithms, the connection is dropped and the server closes it by sending a Reset packet.
Until version 11.1 build 54.14, the NetScaler supported only a very limited set of signature hash algorithms in back-end communication. The NetScaler sent RSA-MD5, RSA-SHA1 and RSA-SHA256. In addition, the VPX appliance supported ECDSA-SHA1 and ECDSA-SHA12 during back-end connections.
From 12.0 and 11.1 build 54.14, we support the following signature hash algorithms.
- On a VPX instance:
  - RSA-MD5
  - RSA-SHA1
  - RSA-SHA224
  - RSA-SHA256
  - RSA-SHA384
  - RSA-SHA512
  - DSA-SHA1
  - DSA-SHA224
  - DSA-SHA256
  - DSA-SHA384
  - DSA-SHA512
- On an MPX/SDX appliance with N3 chips:
  - RSA-MD5
  - RSA-SHA1
  - RSA-SHA224
  - RSA-SHA256
  - RSA-SHA384
  - RSA-SHA512
  - ECDSA-SHA1
  - ECDSA-SHA224
  - ECDSA-SHA256
  - ECDSA-SHA384
  - ECDSA-SHA512
- On an MPX/SDX appliance without N3 chips:
  - RSA-MD5
  - RSA-SHA1
  - RSA-SHA224
  - RSA-SHA256
  - RSA-SHA384
  - RSA-SHA512
In the latest 11.1 and 12.0 versions there is an additional SSL parameter called “Signature and Hash Algorithms supported by TLS1.2”. This parameter defines the signature hash algorithms that will be used during the SSL handshake.

> sh ssl parameter
Advanced SSL Parameters
-----------------------
SSL quantum size : 8 KB
Max CRL memory size : 256 MB
Strict CA checks : NO
Encryption trigger timeout : 100 ms
Send Close-Notify : YES
Encryption trigger packet count : 45
Deny SSL Renegotiation : ALL
Subject/Issuer Name Insertion Format : Unicode
OCSP cache size : 10 MB
Push flag : 0x0 (Auto)
Strict Host Header check for SNI enabled SSL sessions : NO
PUSH encryption trigger timeout : 1 ms
Crypto Device Disable Limit : 0
Global undef action for control policies : CLIENTAUTH
Global undef action for data policies : NOOP
Default profile : DISABLED
SSL Insert Space in Certificate Header : YES
Disable TLS 1.1/1.2 for SSL_BRIDGE secure monitors : 0
Disable TLS 1.1/1.2 for dynamic and VPN services : 0
Software Crypto acceleration CPU Threshold : 0
Hybrid FIPS Mode : DISABLED
Signature and Hash Algorithms supported by TLS1.2 : ALL

By default, the value of this parameter is “ALL”. If the requirement is to send only some of the signature algorithms in the extension, we can modify this parameter. For example, if the requirement is to send the RSA-SHA224, RSA-SHA256, RSA-SHA384 and RSA-SHA512 signature hash algorithms, we can use the command below.
set ssl parameter -sigDigestType RSA-SHA224 RSA-SHA256 RSA-SHA384 RSA-SHA512
Once we force the signature hash algorithms, the change is reflected in the SSL parameters.

> sh ssl parameter
Advanced SSL Parameters
-----------------------
SSL quantum size : 8 KB
Max CRL memory size : 256 MB
Strict CA checks : NO
Encryption trigger timeout : 100 ms
Send Close-Notify : YES
Encryption trigger packet count : 45
Deny SSL Renegotiation : ALL
Subject/Issuer Name Insertion Format : Unicode
OCSP cache size : 10 MB
Push flag : 0x0 (Auto)
Strict Host Header check for SNI enabled SSL sessions : NO
PUSH encryption trigger timeout : 1 ms
Crypto Device Disable Limit : 0
Global undef action for control policies : CLIENTAUTH
Global undef action for data policies : NOOP
Default profile : DISABLED
SSL Insert Space in Certificate Header : YES
Disable TLS 1.1/1.2 for SSL_BRIDGE secure monitors : 0
Disable TLS 1.1/1.2 for dynamic and VPN services : 0
Software Crypto acceleration CPU Threshold : 0
Hybrid FIPS Mode : DISABLED
Signature and Hash Algorithms supported by TLS1.2 : RSA-SHA224 RSA-SHA256 RSA-SHA384 RSA-SHA512

In the above example we are restricting the signature hash algorithms that we send. The capture below shows that the NetScaler is sending only the configured signature hash algorithms.
Extension: signature_algorithms
    Type: signature_algorithms (0x000d)
    Length: 10
    Signature Hash Algorithms Length: 8
    Signature Hash Algorithms (4 algorithms)
        Signature Hash Algorithm: 0x0601
            Signature Hash Algorithm Hash: SHA512 (6)
            Signature Hash Algorithm Signature: RSA (1)
        Signature Hash Algorithm: 0x0501
            Signature Hash Algorithm Hash: SHA384 (5)
            Signature Hash Algorithm Signature: RSA (1)
        Signature Hash Algorithm: 0x0401
            Signature Hash Algorithm Hash: SHA256 (4)
            Signature Hash Algorithm Signature: RSA (1)
        Signature Hash Algorithm: 0x0301
            Signature Hash Algorithm Hash: SHA224 (3)
            Signature Hash Algorithm Signature: RSA (1)
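
The check done by eye on the capture above can be scripted. The following is an added example, not part of the original article or of any Citrix tooling: it decodes the raw bytes of a signature_algorithms extension using the RFC 5246 code points and compares the result with the list given to -sigDigestType. The function names and the sample bytes (built from the capture fields shown above) are assumptions made for illustration.

```python
import struct

# HashAlgorithm / SignatureAlgorithm code points from RFC 5246, section 7.4.1.4.1.
HASHES = {0: "NONE", 1: "MD5", 2: "SHA1", 3: "SHA224",
          4: "SHA256", 5: "SHA384", 6: "SHA512"}
SIGS = {0: "ANON", 1: "RSA", 2: "DSA", 3: "ECDSA"}
EXT_SIGNATURE_ALGORITHMS = 0x000D


def parse_sig_algs(ext):
    """Decode one signature_algorithms extension into names like 'RSA-SHA256'."""
    if len(ext) < 6:
        raise ValueError("extension truncated")
    ext_type, ext_len, list_len = struct.unpack("!HHH", ext[:6])
    if ext_type != EXT_SIGNATURE_ALGORITHMS:
        raise ValueError("not signature_algorithms: type 0x%04x" % ext_type)
    body = ext[6:]
    # The extension length covers the 2-byte list length plus the list itself,
    # and every entry is a (hash, signature) byte pair.
    if ext_len != list_len + 2 or len(body) != list_len or list_len % 2 or not list_len:
        raise ValueError("inconsistent length fields")
    names = []
    for i in range(0, list_len, 2):
        hash_id, sig_id = body[i], body[i + 1]
        sig = SIGS.get(sig_id, "SIG%d" % sig_id)      # unknown values stay visible
        digest = HASHES.get(hash_id, "HASH%d" % hash_id)
        names.append("%s-%s" % (sig, digest))
    return names


def compare_with_config(ext, configured):
    """Report pairs on the wire that were not configured, and configured pairs not sent."""
    advertised = parse_sig_algs(ext)
    return {
        "advertised": advertised,
        "unexpected": sorted(set(advertised) - set(configured)),
        "missing": sorted(set(configured) - set(advertised)),
    }


# Constructed sample: type 0x000d, length 10, list length 8,
# then the pairs 0x0601 0x0501 0x0401 0x0301 from the capture.
SAMPLE_EXT = bytes.fromhex("000d000a0008" "0601050104010301")
CONFIGURED = ["RSA-SHA224", "RSA-SHA256", "RSA-SHA384", "RSA-SHA512"]

if __name__ == "__main__":
    print(compare_with_config(SAMPLE_EXT, CONFIGURED))
```

An empty "unexpected" list means the appliance advertises nothing beyond what was configured; an empty "missing" list means every configured pair is actually sent.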