From 3c202136bcc8fcc94ef2b45bd24548f08012da50 Mon Sep 17 00:00:00 2001
From: Yang Wang
Date: Wed, 4 Dec 2024 18:49:32 -0800
Subject: [PATCH] add PKCS1.5 and Legacy algorithms to fizz::toString
Summary: Fizz does not support these algorithms, but since Fizz is often used to read the initial TLS ClientHello, which may be from an older version of TLS, it is helpful to be able to print these values.
Reviewed By: mingtaoy
Differential Revision: D66736193
fbshipit-source-id: 8b3b5403d0fa09c873e59aac463e4f171b14e17a
---
fizz/record/Types.cpp | 19 +++++++++++++++++++
1 file changed, 19 insertions(+)
diff --git a/fizz/record/Types.cpp b/fizz/record/Types.cpp
index 256e9cc73cd..513a50e666c 100644
--- a/fizz/record/Types.cpp
+++ b/fizz/record/Types.cpp
@@ -236,6 +236,25 @@ std::string toString(SignatureScheme sigScheme) {
 case SignatureScheme::rsa_pss_sha256_batch:
 return "rsa_pss_sha256_batch";
 }
+ // Handle legacy/compatibility algorithms
+ uint16_t val = static_cast(sigScheme);
+ switch (val) {
+ // RSASSA-PKCS1-v1_5 algorithms
+ case 0x0401:
+ return "rsa_pkcs1_sha256";
+ case 0x0501:
+ return "rsa_pkcs1_sha384";
+ case 0x0601:
+ return "rsa_pkcs1_sha512";
+ // Fizz does not support these algorithms. They are listed
+ // here solely to aid in debugging when printing non-TLS 1.3
+ // ClientHellos (for example, in the fizzHandshakeFallback
+ // path)
+ case 0x0201:
+ return "rsa_pkcs1_sha1";
+ case 0x0203:
+ return "ecdsa_sha1";
+ }
 return enumToHex(sigScheme);
 }
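Review bot: The comment `Fizz does not support these algorithms` sits between the `0x0601` and `0x0201` cases, so it reads as covering only the two SHA-1 values, while the commit summary says none of the added values are supported. Because `toString` now prints a friendly name for a peer-supplied code point, someone reading logs or this switch could take `rsa_pkcs1_sha256` or `rsa_pkcs1_sha1` for a scheme Fizz can negotiate. I would move the comment above `switch (val)` and make it cover every case, for example `// None of the values below are SignatureScheme members or negotiable by Fizz; the names follow RFC 8446 section 4.2.3 and exist only for logging.` The patch touches one file, so a small test that pins the five names and confirms an unlisted value still falls through to `enumToHex` would guard the mapping. The body of `toString` starts above this hunk, so the first switch is only partly visible here.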