Why does the iOS app with TLS 1.3 offer SHA-1 as signature algorithm

App & System Services Networking
tapework OP
Created Oct ’23
Replies 4
Boosts 0
Views 664
Participants 2

I was investigating the Client Hello for my iOS app and saw that the TLS 1.3 handshake with Client Hello sends Signature Algorithm: rsa_pkcs1_sha1 (0x0201) Signature Hash Algorithm Hash: SHA1 (2) Signature Hash Algorithm Signature: RSA (1)

I thought SHA-1 is not being used anymore.

The Full list of offered signature_algorithms from the client

in the Extension: signature_algorithms (len=24) Type: signature_algorithms (13) Length: 24 Signature Hash Algorithms Length: 22 Signature Hash Algorithms (11 algorithms) Signature Algorithm: ecdsa_secp256r1_sha256 (0x0403) Signature Hash Algorithm Hash: SHA256 (4) Signature Hash Algorithm Signature: ECDSA (3) Signature Algorithm: rsa_pss_rsae_sha256 (0x0804) Signature Hash Algorithm Hash: Unknown (8) Signature Hash Algorithm Signature: SM2 (4) Signature Algorithm: rsa_pkcs1_sha256 (0x0401) Signature Hash Algorithm Hash: SHA256 (4) Signature Hash Algorithm Signature: RSA (1) Signature Algorithm: ecdsa_secp384r1_sha384 (0x0503) Signature Hash Algorithm Hash: SHA384 (5) Signature Hash Algorithm Signature: ECDSA (3) Signature Algorithm: ecdsa_sha1 (0x0203) Signature Hash Algorithm Hash: SHA1 (2) Signature Hash Algorithm Signature: ECDSA (3) Signature Algorithm: rsa_pss_rsae_sha384 (0x0805) Signature Hash Algorithm Hash: Unknown (8) Signature Hash Algorithm Signature: Unknown (5) Signature Algorithm: rsa_pss_rsae_sha384 (0x0805) Signature Hash Algorithm Hash: Unknown (8) Signature Hash Algorithm Signature: Unknown (5) Signature Algorithm: rsa_pkcs1_sha384 (0x0501) Signature Hash Algorithm Hash: SHA384 (5) Signature Hash Algorithm Signature: RSA (1) Signature Algorithm: rsa_pss_rsae_sha512 (0x0806) Signature Hash Algorithm Hash: Unknown (8) Signature Hash Algorithm Signature: Unknown (6) Signature Algorithm: rsa_pkcs1_sha512 (0x0601) Signature Hash Algorithm Hash: SHA512 (6) Signature Hash Algorithm Signature: RSA (1) Signature Algorithm: rsa_pkcs1_sha1 (0x0201) Signature Hash Algorithm Hash: SHA1 (2) Signature Hash Algorithm Signature: RSA (1)

Answered by tapework in 769638022

Hi !

I am using standard URLSession . no custom ATS settings. I can be reproduced with all fresh created apps in Xcode 15.

struct ContentView: View {
    @StateObject var client = NetworkClient()
    @State var text: String
    var body: some View {
        VStack {
            Image(systemName: "globe")
                .imageScale(.large)
                .foregroundStyle(.tint)
            Text(text)
        }.task {
            do {
                let res = try await client.request()
                self.text = res
            } catch {}
        }
        .padding()
    }
}

class NetworkClient: ObservableObject {
    func request() async throws -> String {
        let (data, _) = try await URLSession.shared.data(for: .init(url: .init(string: "https://www.apple.com")!))
        return String(data: data, encoding: .utf8) ?? "empty"
    }
}
Replies  4
Boosts  0
Views  664
Participants  2
DTS Engineer OP
Apple
Oct ’23

What API are you using? Network framework? URLSession? Something else?

If it’s URLSession, have you changed the ATS settings?

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

0
tapework OP
Oct ’23
Accepted Answer

Hi !

I am using standard URLSession . no custom ATS settings. I can be reproduced with all fresh created apps in Xcode 15.

struct ContentView: View {
    @StateObject var client = NetworkClient()
    @State var text: String
    var body: some View {
        VStack {
            Image(systemName: "globe")
                .imageScale(.large)
                .foregroundStyle(.tint)
            Text(text)
        }.task {
            do {
                let res = try await client.request()
                self.text = res
            } catch {}
        }
        .padding()
    }
}

class NetworkClient: ObservableObject {
    func request() async throws -> String {
        let (data, _) = try await URLSession.shared.data(for: .init(url: .init(string: "https://www.apple.com")!))
        return String(data: data, encoding: .utf8) ?? "empty"
    }
}
0
DTS Engineer OP
Apple
Oct ’23

These TLS cypher suites use SHA-1 within HMAC, and SHA-1 is still generally considered secure in that case [1].

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

[1] Quoting the Fount of All Knowledge™:

However, SHA-1 is still secure for HMAC.

0
tapework OP
Oct ’23

thanks for the hint

0
Why does the iOS app with TLS 1.3 offer SHA-1 as signature algorithm
First post date Last post date
 
 
Q