Message signature

The list of algorithm pairs restricts which signature and hash algorithms can be used for handshake message digital signatures. A handshake message signature algorithm might be different from the signature algorithm of the certificate that is used for the session.

For instance, the handshake message might be protected by SHA256 even though a SHA1 certificate is selected for the session.

System TLS has the infrastructure to support the following message signature algorithms:
  • ECDSA_SHA512
  • ECDSA_SHA384
  • ECDSA_SHA256
  • ECDSA_SHA224
  • ECDSA_SHA1
  • RSA_PSS_SHA512
  • RSA_PSS_SHA384
  • RSA_PSS_SHA256
  • RSA_SHA512
  • RSA_SHA384
  • RSA_SHA256
  • RSA_SHA224
  • RSA_SHA1
  • RSA_MD5

Enabled signature algorithms

The System Service Tools (SST) Advanced Analysis command TLSCONFIG identifies the signature algorithms for use in handshake messages that are enabled on the system. Applications can negotiate secure sessions with only the signature algorithms that are listed for TLSCONFIG option supportedSignatureAlgorithmList.

To determine the current value of the enabled signature algorithm list on the system, use TLSCONFIG option display or the Retrieve TLS Attributes (QsoRtvTLSA) API.

If the enabled signature algorithm list must be changed on the system, use TLSCONFIG option supportedSignatureAlgorithmList to change the value. TLSCONFIG option h displays the help text that describes how to set the signature algorithm list. Only signature algorithm values that are listed in the help text can be added to the list.

Note: The TLSCONFIG supportedSignatureAlgorithmList setting is reset by installing the Licensed Internal Code (LIC).

Example of setting the ECDSA signature algorithms as the supported signature algorithms on the system:

TLSCONFIG -supportedSignatureAlgorithmList:36,35,34

System TLS with the latest PTF CUM package installed has the following list of supported signature algorithms:
  • ECDSA_SHA512
  • ECDSA_SHA384
  • ECDSA_SHA256
  • RSA_PSS_SHA512
  • RSA_PSS_SHA384
  • RSA_PSS_SHA256
  • RSA_SHA512
  • RSA_SHA384
  • RSA_SHA256

Default signature algorithms

When an application does not specify a signature algorithm list, the System TLS default signature algorithm list is used. Applications use this design to pick up new TLS support without requiring application code changes. The default signature algorithm list has no meaning for applications that explicitly specify the signature algorithm list for the application.

The default signature algorithm list on a system is the intersection of the enabled signature algorithm list and the eligible default signature algorithm list. The eligible default signature algorithm list is configured by using TLSCONFIG option defaultSignatureAlgorithmList.

To determine the current value of the eligible default signature algorithm list on the system, use TLSCONFIG option display or the Retrieve TLS Attributes (QsoRtvTLSA) API.

Consider changing the default signature algorithm settings only when no other configuration setting allows an application to interoperate with peers successfully. It is preferred to enable an older signature algorithm for only the specific application that requires it. When the application has an “application definition,” then this enablement is accomplished through the Digital Certificate Manager (DCM).

If the default signature algorithm list must be changed on the system, use TLSCONFIG option defaultSignatureAlgorithmList to change the value. TLSCONFIG option h displays the help text that describes how to set the signature algorithm list. Only signature algorithm values that are listed in the help text can be added to the list.

Note: The TLSCONFIG defaultSignatureAlgorithmList setting is reset by installing the Licensed Internal Code (LIC).

Example of setting the ECDSA signature algorithms as the default signature algorithms on the system:

TLSCONFIG -defaultSignatureAlgorithmList:36,35,34

The shipped default signature algorithm list, with the latest PTF CUM package installed, has the following order:
  • ECDSA_SHA512
  • ECDSA_SHA384
  • ECDSA_SHA256
  • RSA_PSS_SHA512
  • RSA_PSS_SHA384
  • RSA_PSS_SHA256
  • RSA_SHA512
  • RSA_SHA384
  • RSA_SHA256
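
The intersection rule described above can be checked offline against the lists on this page. The following is an added example, not IBM code: the `audit` function, its result keys, and the sample lists are hypothetical, the inputs are algorithm names transcribed by hand from TLSCONFIG option display, and keeping the eligible default order in the result is an assumption.

```python
# Added example: algorithm names come from the lists on this page.
INFRASTRUCTURE = [
    "ECDSA_SHA512", "ECDSA_SHA384", "ECDSA_SHA256", "ECDSA_SHA224", "ECDSA_SHA1",
    "RSA_PSS_SHA512", "RSA_PSS_SHA384", "RSA_PSS_SHA256",
    "RSA_SHA512", "RSA_SHA384", "RSA_SHA256", "RSA_SHA224", "RSA_SHA1", "RSA_MD5",
]
# Shipped supported/default list with the latest PTF CUM package, per this page.
SHIPPED = [
    "ECDSA_SHA512", "ECDSA_SHA384", "ECDSA_SHA256",
    "RSA_PSS_SHA512", "RSA_PSS_SHA384", "RSA_PSS_SHA256",
    "RSA_SHA512", "RSA_SHA384", "RSA_SHA256",
]

def audit(enabled, eligible_default):
    """Return the effective default list plus findings for a system's two lists."""
    unknown = [a for a in enabled + eligible_default if a not in INFRASTRUCTURE]
    if unknown:
        raise ValueError(f"not a System TLS signature algorithm: {sorted(set(unknown))}")
    enabled_set = set(enabled)
    return {
        # Intersection of the two lists; eligible-default order is an assumption.
        "effective_default": [a for a in eligible_default if a in enabled_set],
        # Eligible default but not enabled: never part of the default list.
        "inactive_defaults": [a for a in eligible_default if a not in enabled_set],
        # Enabled beyond the shipped list: applications can name these explicitly.
        "enabled_beyond_shipped": [a for a in enabled if a not in SHIPPED],
        # In the default beyond the shipped list: reaches every application
        # that does not specify its own signature algorithm list.
        "default_beyond_shipped": [a for a in eligible_default
                                   if a in enabled_set and a not in SHIPPED],
    }

# Constructed sample: RSA_SHA1 re-enabled and made a default for one legacy peer,
# and RSA_SHA224 added to the eligible default list without being enabled.
sample_enabled = SHIPPED + ["RSA_SHA1"]
sample_default = SHIPPED + ["RSA_SHA1", "RSA_SHA224"]

if __name__ == "__main__":
    for key, value in audit(sample_enabled, sample_default).items():
        print(f"{key}: {value}")
```

A non-empty `default_beyond_shipped` result marks the case the guidance above advises against: an older algorithm made a system-wide default instead of being enabled only for the application that needs it.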