Diffstat (limited to 'epan/dissectors/packet-tls-utils.c')
-rw-r--r-- | epan/dissectors/packet-tls-utils.c | 29 |
1 files changed, 27 insertions, 2 deletions
diff --git a/epan/dissectors/packet-tls-utils.c b/epan/dissectors/packet-tls-utils.c
index a2572b7b..2a60d835 100644
--- a/epan/dissectors/packet-tls-utils.c
+++ b/epan/dissectors/packet-tls-utils.c
@@ -1403,6 +1403,18 @@ const value_string tls13_key_update_request[] = {
 };
 /* RFC 5246 7.4.1.4.1 */
+/* https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml */
+/* Note that the TLS 1.3 SignatureScheme registry reserves all values
+ * with first octet 0x00-0x06 and all values with second octet 0x00-0x03
+ * for backwards compatiblilty with TLS 1.2 SignatureAndHashAlgorithm.
+ *
+ * RFC 8422 and RFC 9189 add official support in TLS 1.2 for some algorithms
+ * originally defined for TLS 1.3, and extend the TLS SignatureAlgorithm
+ * and TLS HashAlgorithm registries, but the new values are not compatible
+ * with all of the TLS 1.3-only SignatureSchemes. Adding those values could
+ * cause confusion if used to interpret one of those schemes in a
+ * signature_algorithms extension offered in a TLS 1.3 ClientHello.
+ */
 const value_string tls_hash_algorithm[] = {
 { 0, "None" },
 { 1, "MD5" },
@@ -1411,7 +1423,14 @@ const value_string tls_hash_algorithm[] = {
 { 4, "SHA256" },
 { 5, "SHA384" },
 { 6, "SHA512" },
- { 7, "SM3" },
+#if 0
+ /* RFC 8422 adds this to the HashAlgorithm registry, but it really
+ * only applies to 0x0807 and 0x0808, not for other TLS 1.3
+ * SignatureSchemes with 0x08 in the octet used for Hash in TLS 1.2.
+ * E.g., we don't want to display this for 0x0806 rsa_pss_rsae_sha512.
+ */
+ { 8, "Intrinsic" },
+#endif
 { 0, NULL }
 };
@@ -1420,7 +1439,13 @@ const value_string tls_signature_algorithm[] = {
 { 1, "RSA" },
 { 2, "DSA" },
 { 3, "ECDSA" },
- { 4, "SM2" },
+#if 0
+ /* As above. */
+ { 7, "ED25519" },
+ { 8, "ED448" },
+ { 64, "GOSTR34102012_256" },
+ { 65, "GOSTR34102012_512" },
+#endif
 { 0, NULL }
 };
|
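Review bot: The added header comment misspells a word in its third line: `compatiblilty` should read `compatibility`. The corrected line would be ` * for backwards compatibility with TLS 1.2 SignatureAndHashAlgorithm.` The hunk ends inside tls_hash_algorithm, whose remaining entries are outside it.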
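Review bot: Nothing in the new comments records why the live `{ 7, "SM3" }` entry is dropped; the text inside the `#if 0` block only explains why `{ 8, "Intrinsic" }` stays disabled, and the same gap applies to `{ 4, "SM2" }` in the tls_signature_algorithm hunk. After this change those octets presumably fall through to the callers' unknown-value formatting (the lookups are outside the hunk), which affects how an analyst reads the offered signature algorithms in a capture, so the intent should be stated. If the reason is the one the header comment gives, a line such as `/* 7 ("SM3") removed: it mislabels TLS 1.3-only SignatureSchemes that carry 0x07 in this octet. */` above the `#if 0` would do. Keeping the disabled entries in a plain comment rather than `#if 0` would also stop them from looking like code that is expected to compile.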
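Review bot: `/* As above. */` in the tls_signature_algorithm hunk points at a comment in a different array, and that comment is about the Hash octet and 0x0807/0x0808, so it does not explain why 64 and 65 are disabled here. Spell the reason out at this site, for example `/* RFC 8422 / RFC 9189 SignatureAlgorithm values; disabled because the same octet values occur in TLS 1.3-only SignatureSchemes. */`. The array's opening lines are outside the hunk.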