Fix #89: Clarify SignatureAndHash ambiguity in report output #138
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This commit addresses the ambiguity in the TLS-Scanner report where "Supported Signature and Hash Algorithms" didn't clearly distinguish between handshake signature algorithms (used in Server Key Exchange) and certificate signature algorithms. Changes: - Updated ServerReportPrinter to display "Supported Handshake Signature Algorithms (Server Key Exchange)" instead of the generic "Supported Signature and Hash Algorithms" - Updated ServerContainerReportCreator with the same clarification - Also updated the TLS 1.3 section title to "Supported Handshake Signature Algorithms TLS 1.3" for consistency This makes it clear that these algorithms are specifically for handshake signatures, not certificate signatures. Certificate signature algorithms continue to be displayed within each certificate's details as before.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
This PR addresses issue #89 by clarifying the ambiguity in TLS-Scanner reports regarding signature and hash algorithms.
Problem
The report section titled "Supported Signature and Hash Algorithms" was ambiguous because it didn't clearly indicate whether these were:
This could cause confusion when analyzing scan results, as noted in the issue.
Solution
Updated the report headings to be more specific:
These changes make it clear that the displayed algorithms are specifically for handshake signatures, not certificate signatures. Certificate signature algorithms continue to be displayed within each certificate's details section as before.
Changes Made
ServerReportPrinter.java: Updated heading text inappendSignatureAndHashAlgorithms()methodServerContainerReportCreator.java: Updated heading text inappendSignatureAndHashAlgorithms()methodTesting
mvn clean compilemvn spotless:applyFixes #89