如何在TLS1.2握手期间忽略服务器请求的签名哈希算法?
[英]How to ignore signature hash algorithm requested by server during TLS1.2 handshake?
问题描述
I have a C# application making a successful TCP TLS 1.0 connection with mutual authentication to another company's server. 
我有一个C#应用程序与另一家公司的服务器进行相互身份验证成功的TCP TLS 1.0连接。 It is implemented using SslStream class. 它是使用SslStream类实现的。 We are just one of many clients of this very large organisation. 我们只是这个大型组织的众多客户之一。
This TCP link above must undergo TLS 1.2 + SHA2 upgrade. 上面的TCP链接必须经过TLS 1.2 + SHA2升级。 After doing all necessary steps on our side and successful testing with our local servers we are still failing all attempts to connect to the remote server. 在我们这边做了所有必要的步骤并使用我们的本地服务器成功测试之后,我们仍然没有尝试连接到远程服务器。 A lengthy investigation revealed that during TLS Handshake the server is sending to us a certificate request with only option for Signature Hash Algorithm = SHA1-RSA (see picture below). 一项冗长的调查显示,在TLS握手期间,服务器向我们发送证书请求, 只有签名哈希算法= SHA1-RSA选项(见下图)。 Our cerificate is SHA256. 我们的证书是SHA256。 As a result, SslStream is not sending our certificate to the server at all and the server sees this as a Handshake Failure and closes down the connection. 因此,SslStream根本不会将我们的证书发送到服务器,服务器将其视为握手失败并关闭连接。
The reason for this nuisance is that our counterparty uses very old (10.x) version of F5 firewall to terminate SSL. 造成这种麻烦的原因是我们的对手方使用非常旧的(10.x)版本的F5防火墙来终止SSL。 It only sends SHA1/RSA Signature Hash Algorithm in the certificate request although it supports the client's SHA2 certificates. 它仅在证书请求中发送SHA1 / RSA签名哈希算法,尽管它支持客户端的SHA2证书。
While admitting the facts above, our counterparty is unable to upgrade F5 soon enough. 在承认上述事实的同时,我们的对手方无法尽快升级F5。 They suggested to ignore the requested Signature Hash Algorithm and send our SHA256 certificate anyway. 他们建议忽略所请求的签名哈希算法并发送我们的SHA256证书。 Apparently other clients connecting to them were able to do that somehow. 显然,连接到他们的其他客户能够以某种方式做到这一点。
Unfortunately,.Net's SslStream does not provide that level of fine tuning for TLS handshake. 不幸的是,.Net的SslStream没有为TLS握手提供那种级别的微调。
Hence the question: is it possible to ignore the server's request for SHA1RSA-based certificate at all? 因此,问题是:是否可以忽略服务器对基于SHA1RSA的证书的请求? What options do I have? 我有什么选择? Are there SslStream alternatives that implement TLS 1.2? 是否存在实现TLS 1.2的SslStream替代方案? Is there an open-source third-party solution? 是否有开源的第三方解决方案? Any suggestion would be helpful. 任何建议都会有所帮助。 Thanks in advance. 提前致谢。
1 个解决方案
解决方案1
0 已采纳 2019-08-20 01:35:48
The issue above was eventually resolved without any special code changes: a proxy server added on our side. 上面的问题最终解决了,没有任何特殊的代码更改:我们这边添加了一个代理服务器。 It took care of communication with the other party. 它负责与对方的沟通。 The proxy server is able to ignore the specific SHA1/RSA Signature Hash Algorithm in the incoming certificate request. 代理服务器能够忽略传入证书请求中的特定SHA1 / RSA签名哈希算法。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.