
Wireshark doesn't seem to handle the TLS 1.2 "signature algorithm" correctly; it always seems to be "RSA_PKCS1_SHA256 (0X0401)"

Summary

The TLS 1.2 "signature algorithm" always seems to be "RSA_PKCS1_SHA256 (0X0401)", even though the website is actually using RSA-PSS-SHA256.

Steps to reproduce

  1. Start capturing in Wireshark.
  2. Visit a website which is using RSA-PSS-SHA256 as the signature algorithm, such as https://cr.yp.to ; you can verify this in Firefox F12 tools -> Network.
  3. Wireshark says the signature algorithm is "rsa_pkcs1_sha256 (0x0401)".

What is the current bug behavior?

Wireshark doesn't seem to handle the TLS 1.2 "signature algorithm" correctly; it always seems to be "RSA_PKCS1_SHA256 (0X0401)"

What is the expected correct behavior?

Handle the TLS 1.2 "signature algorithm" correctly.

Sample capture file

1.pcapng

Relevant logs and/or screenshots

2

Build information

3.6.3 (v3.6.3-0-g6d348e46)

Compiled (64-bit) using Microsoft Visual Studio 2019 (VC++ 14.29, build 30139), with Qt 5.15.2, with libpcap, with GLib 2.66.4, with zlib 1.2.11, with Lua 5.2.4, with GnuTLS 3.6.3 and PKCS #11 (closed) support, with Gcrypt 1.8.3, with MIT Kerberos, with MaxMind DB resolver, with nghttp2 1.44.0, with brotli, with LZ4, with Zstandard, with Snappy, with libxml2 2.9.10, with libsmi 0.4.8, with QtMultimedia, with automatic updates using WinSparkle 0.5.7, with AirPcap, with SpeexDSP (using bundled resampler), with Minizip.

Running on 64-bit Windows 10 (21H2), build 19044, with Intel(R) Pentium(R) CPU G3250 @ 3.20GHz (with SSE4.2), with 16296 MB of physical memory, with GLib 2.66.4, with Qt 5.15.2, with Npcap version 1.60, based on libpcap version 1.10.2-PRE-GIT, with c-ares 1.17.0, with GnuTLS 3.6.3, with Gcrypt 1.8.3, with nghttp2 1.44.0, with brotli 1.0.9, with LZ4 1.9.3, with Zstandard 1.4.0, without AirPcap, with light display mode, without HiDPI, with LC_TYPE=Chinese (Simplified)_China.utf8, binary plugins supported (21 loaded).
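An added example, not part of the original report or of Wireshark's code: a small Python parser that reads the two-byte signature algorithm straight out of a TLS 1.2 ECDHE ServerKeyExchange handshake message, so the on-the-wire value can be checked independently of any dissector label. It assumes a named_curve ECDHE key exchange; the function names and the sample message (zero-filled key and signature) are constructed for illustration.

```python
import struct

# Subset of the IANA TLS SignatureScheme code points (RFC 8446, section 4.2.3).
# In TLS 1.2 the same two bytes are the SignatureAndHashAlgorithm pair.
SIGNATURE_SCHEMES = {
    0x0401: "rsa_pkcs1_sha256",
    0x0501: "rsa_pkcs1_sha384",
    0x0601: "rsa_pkcs1_sha512",
    0x0403: "ecdsa_secp256r1_sha256",
    0x0503: "ecdsa_secp384r1_sha384",
    0x0804: "rsa_pss_rsae_sha256",
    0x0805: "rsa_pss_rsae_sha384",
    0x0806: "rsa_pss_rsae_sha512",
    0x0809: "rsa_pss_pss_sha256",
}

def ske_signature_scheme(handshake: bytes):
    """Return (code, name) from a TLS 1.2 ECDHE ServerKeyExchange message."""
    if len(handshake) < 4 or handshake[0] != 12:  # 12 = server_key_exchange
        raise ValueError("not a ServerKeyExchange handshake message")
    length = int.from_bytes(handshake[1:4], "big")
    body = handshake[4:4 + length]
    if len(body) != length or length < 4:
        raise ValueError("truncated handshake message")
    if body[0] != 3:  # ECCurveType 3 = named_curve
        raise ValueError("only named_curve ECDHE parameters are handled")
    off = 4 + body[3]  # curve_type(1) + named_curve(2) + point_len(1) + point
    if len(body) < off + 4:
        raise ValueError("no signature fields after the public key")
    code, sig_len = struct.unpack_from("!HH", body, off)
    if off + 4 + sig_len != len(body):
        raise ValueError("signature length does not match message length")
    return code, SIGNATURE_SCHEMES.get(code, "unknown")

def build_sample(code: int) -> bytes:
    """Constructed message: x25519 (0x001d), zeroed 32-byte key, zeroed 256-byte signature."""
    body = (bytes([3]) + (0x001D).to_bytes(2, "big") + bytes([32]) + bytes(32)
            + struct.pack("!HH", code, 256) + bytes(256))
    return bytes([12]) + len(body).to_bytes(3, "big") + body

if __name__ == "__main__":
    for code in (0x0401, 0x0804):
        print("0x%04x %s" % ske_signature_scheme(build_sample(code)))
```
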
