On 09/11/2018 08:38, Viktor Dukhovni wrote: > On the client side of a TLS connection, I'm easily able to find all > the primary parameters of interest: > > * The cipher used. > * The server signature algorithm (digest, and public key) > * The server key exchange algorithm (public key) > > enabling logging such as: > > TLS connection established to 127.0.0.1[127.0.0.1]:25: > TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) > signature ECDSA(P-256) digest SHA256 key-exchange X25519 > > I am having a bit of trouble finding the equivalent information for > the 3rd line on the server side. Anyone know how, in TLS 1.3 where > these are not implied by the ciphersuite, to determine the signature > algorithm (and curve for ECDSA), the hash algorithm and key exchange > public key (with bit count for DH or curve name for ECDSA)? I don't believe we currently expose the signature algorithm selected on the server side. It's held in s->s3->tmp.sigalg, but AFAICT that is only ever used internally. Similarly the key exchange public key is held in s->s3->peer_tmp. We do expose that via SSL_get_server_tmp_key(), but its a client side only function. We explicitly check that and return 0 if called on the server side. Matt > > Are these available for inspection by the server application? If > not, that may be an omission we need to address. > -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
