mirror of https://github.com/refraction-networking/utls.git (synced 2025-04-03 20:17:36 +03:00)
crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3

Support for Ed25519 certificates was added in CL 175478, this wires them up into the TLS stack according to RFC 8422 (TLS 1.2) and RFC 8446 (TLS 1.3).

RFC 8422 also specifies support for TLS 1.0 and 1.1, and I initially implemented that, but even OpenSSL doesn't take the complexity, so I just dropped it. It would have required keeping a buffer of the handshake transcript in order to do the direct Ed25519 signatures. We effectively need to support TLS 1.2 because it shares ClientHello signature algorithms with TLS 1.3.

While at it, reordered the advertised signature algorithms in the rough order we would want to use them, also based on what curves have fast constant-time implementations.

Client and client auth tests changed because of the change in advertised signature algorithms in ClientHello and CertificateRequest.

Fixes #25355

Change-Id: I9fdd839afde4fd6b13fcbc5cc7017fd8c35085ee
Reviewed-on: https://go-review.googlesource.com/c/go/+/177698
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Adam Langley <agl@golang.org>

parent 6c11745f0b
commit 28958b0da6
84 changed files with 4977 additions and 3938 deletions
100
testdata/Client-TLSv10-ClientCert-ECDSA-ECDSA
vendored
|
@ -1,5 +1,5 @@
|
|||
>>> Flow 1 (client to server)
|
||||
00000000 16 03 01 00 f8 01 00 00 f4 03 03 00 00 00 00 00 |................|
|
||||
00000000 16 03 01 00 fa 01 00 00 f6 03 03 00 00 00 00 00 |................|
|
||||
00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
|
||||
00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....|
|
||||
00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
|
||||
|
@ -7,20 +7,20 @@
|
|||
00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#|
|
||||
00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5|
|
||||
00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................|
|
||||
00000080 01 00 00 79 00 05 00 05 01 00 00 00 00 00 0a 00 |...y............|
|
||||
00000080 01 00 00 7b 00 05 00 05 01 00 00 00 00 00 0a 00 |...{............|
|
||||
00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................|
|
||||
000000a0 00 00 0d 00 18 00 16 08 04 08 05 08 06 04 01 04 |................|
|
||||
000000b0 03 05 01 05 03 06 01 06 03 02 01 02 03 ff 01 00 |................|
|
||||
000000c0 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 03 03 |.......+........|
|
||||
000000d0 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f e5 7d |....3.&.$... /.}|
|
||||
000000e0 a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 ff f6 |.G.bC.(.._.).0..|
|
||||
000000f0 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |........_X.;t|
|
||||
000000a0 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 05 08 |................|
|
||||
000000b0 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 ff |................|
|
||||
000000c0 01 00 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 |.........+......|
|
||||
000000d0 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f |......3.&.$... /|
|
||||
000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0|
|
||||
000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t|
|
||||
>>> Flow 2 (server to client)
|
||||
00000000 16 03 01 00 59 02 00 00 55 03 01 80 87 8d 86 82 |....Y...U.......|
|
||||
00000010 b7 ab d8 7d 1c b5 86 ca 1c af 7e c0 07 6d 43 3e |...}......~..mC>|
|
||||
00000020 10 59 aa 08 19 ae d0 b8 a1 f5 23 20 b6 3d 32 8b |.Y........# .=2.|
|
||||
00000030 f9 52 1a 01 eb 69 35 7c be 2d a9 ca 55 21 f3 b3 |.R...i5|.-..U!..|
|
||||
00000040 87 89 1e 05 cb cb 5d af 97 84 7e 07 c0 09 00 00 |......]...~.....|
|
||||
00000000 16 03 01 00 59 02 00 00 55 03 01 94 1f ba 79 da |....Y...U.....y.|
|
||||
00000010 4b 58 3e 08 2c c5 31 36 a4 7e 32 bf e1 a0 f7 71 |KX>.,.16.~2....q|
|
||||
00000020 01 48 63 3c 5f cb 08 7a 25 80 c7 20 35 0c c0 8b |.Hc<_..z%.. 5...|
|
||||
00000030 df 30 fc dc 3d f1 48 96 0d b6 ff a8 cd 35 29 57 |.0..=.H......5)W|
|
||||
00000040 7d 3f c2 9d e2 32 b1 c2 4c 05 5e 3b c0 09 00 00 |}?...2..L.^;....|
|
||||
00000050 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 |................|
|
||||
00000060 01 02 0e 0b 00 02 0a 00 02 07 00 02 04 30 82 02 |.............0..|
|
||||
00000070 00 30 82 01 62 02 09 00 b8 bf 2d 47 a0 d2 eb f4 |.0..b.....-G....|
|
||||
|
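Review bot: the reordered signature_algorithms list in the new rows at 0xa0 and 0xb0 (08 04, 04 03, 08 07, 08 05, 08 06, 04 01, 05 01, 06 01, 05 03, 06 03, 02 01, 02 03) carries no rationale beyond the commit message's "rough order we would want to use them", so the source list should get a comment recording why ecdsa_secp256r1_sha256 (04 03) and ed25519 (08 07) moved ahead of the remaining RSA-PSS entries and why 05 03 and 06 03 now sit behind the RSA PKCS#1 schemes. The two SHA-1 schemes (02 01, 02 03) are still advertised at the end of the list; if that is deliberate for compatibility, the same comment should say so. The length fields are consistent with exactly one added scheme: extensions length 00 79 to 00 7b, extension length 00 18 to 00 1a, list length 00 16 to 00 18.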
@ -55,18 +55,18 @@
|
|||
00000240 13 83 0d 94 06 bb d4 37 7a f6 ec 7a c9 86 2e dd |.......7z..z....|
|
||||
00000250 d7 11 69 7f 85 7c 56 de fb 31 78 2b e4 c7 78 0d |..i..|V..1x+..x.|
|
||||
00000260 ae cb be 9e 4e 36 24 31 7b 6a 0f 39 95 12 07 8f |....N6$1{j.9....|
|
||||
00000270 2a 16 03 01 00 b5 0c 00 00 b1 03 00 1d 20 db cd |*............ ..|
|
||||
00000280 1a f4 85 72 91 7c ee 8c 5c 02 c7 5b 09 c3 97 5b |...r.|..\..[...[|
|
||||
00000290 5a 5c 2a af 84 5d 40 e9 2a e6 71 29 85 5d 00 8b |Z\*..]@.*.q).]..|
|
||||
000002a0 30 81 88 02 42 00 ec 5a 5c b8 29 7d b6 58 15 62 |0...B..Z\.)}.X.b|
|
||||
000002b0 b4 45 21 84 d6 d8 3a cc b8 c5 ff 79 66 07 57 28 |.E!...:....yf.W(|
|
||||
000002c0 29 af 1d e3 cf db 1b 23 bb 5a 2f 23 8f 29 ed d4 |)......#.Z/#.)..|
|
||||
000002d0 6c 3b ab a4 09 76 38 cf 63 bf 74 f9 5b 87 a2 e2 |l;...v8.c.t.[...|
|
||||
000002e0 b7 1c 03 29 bd c6 1e 02 42 01 65 17 a6 34 04 01 |...)....B.e..4..|
|
||||
000002f0 f4 f6 57 95 85 44 57 f5 34 02 aa fa 8b 63 57 69 |..W..DW.4....cWi|
|
||||
00000300 6f e4 23 8a e6 c2 c4 4a b9 ac a9 44 3e c7 bc 47 |o.#....J...D>..G|
|
||||
00000310 77 ae fe 22 14 5f bc 1c e2 20 ab 3f f6 dd c3 8f |w.."._... .?....|
|
||||
00000320 ed dd 39 c3 47 01 28 66 33 e6 c6 16 03 01 00 0a |..9.G.(f3.......|
|
||||
00000270 2a 16 03 01 00 b5 0c 00 00 b1 03 00 1d 20 1a 74 |*............ .t|
|
||||
00000280 c4 96 9e 65 45 9a 0a 01 7c ed 7b 51 01 d8 ba 5b |...eE...|.{Q...[|
|
||||
00000290 3e 2f b1 4b 36 69 e8 47 75 7e 27 be b3 2f 00 8b |>/.K6i.Gu~'../..|
|
||||
000002a0 30 81 88 02 42 01 cb 20 d9 1e ae 05 6f 1f 37 ce |0...B.. ....o.7.|
|
||||
000002b0 dc 38 20 2f 8f 52 9a 92 f6 80 d6 f9 97 99 a5 8b |.8 /.R..........|
|
||||
000002c0 6e 73 0b 95 a4 4e 82 67 bd 1a 34 d9 5c 4e b4 d7 |ns...N.g..4.\N..|
|
||||
000002d0 35 e6 45 81 14 23 9c 4e 5a 4c 1b 93 fd 7f 43 18 |5.E..#.NZL....C.|
|
||||
000002e0 db 54 4b e0 d1 d3 fa 02 42 00 ab 8e 34 d5 c2 04 |.TK.....B...4...|
|
||||
000002f0 d0 a4 44 b1 b3 25 a0 af c8 80 b3 88 ae da b3 c6 |..D..%..........|
|
||||
00000300 4f 57 ae 31 54 c6 d9 ee 4e 21 56 01 cc b9 6a e9 |OW.1T...N!V...j.|
|
||||
00000310 e9 7e 62 2a 64 0e a4 a0 79 1e a3 64 52 70 b1 a5 |.~b*d...y..dRp..|
|
||||
00000320 19 2c a4 6d 4b 3b a3 63 ed 56 2f 16 03 01 00 0a |.,.mK;.c.V/.....|
|
||||
00000330 0d 00 00 06 03 01 02 40 00 00 16 03 01 00 04 0e |.......@........|
|
||||
00000340 00 00 00 |...|
|
||||
>>> Flow 3 (client to server)
|
||||
|
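Review bot: nothing in the ServerKeyExchange rows 0x270 to 0x320 changes structurally (record length 00 b5, message length 00 b1, curve 00 1d with a 0x20-byte share, and signature length 00 8b are identical on both sides); only the ephemeral share and the ECDSA signature bytes differ, which is re-recording noise from the reference server. With 84 files touched, the commit message should state how the fixtures were regenerated so that the intended ClientHello change can be told apart from this churn during review. The CertificateRequest at 0x330 (0d 00 00 06 03 01 02 40 00 00) is unchanged context here, which is what one would expect for TLS 1.0, where the message has no signature algorithm list.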
@ -105,30 +105,30 @@
|
|||
00000200 e4 fa cc b1 8a ce e2 23 a0 87 f0 e1 67 51 eb 16 |.......#....gQ..|
|
||||
00000210 03 01 00 25 10 00 00 21 20 2f e5 7d a3 47 cd 62 |...%...! /.}.G.b|
|
||||
00000220 43 15 28 da ac 5f bb 29 07 30 ff f6 84 af c4 cf |C.(.._.).0......|
|
||||
00000230 c2 ed 90 99 5f 58 cb 3b 74 16 03 01 00 91 0f 00 |...._X.;t.......|
|
||||
00000240 00 8d 00 8b 30 81 88 02 42 01 b1 4c 5b 98 0d 02 |....0...B..L[...|
|
||||
00000250 57 ed 5a 6a ba b2 25 b8 fe ab 0b c2 d2 f7 4f cf |W.Zj..%.......O.|
|
||||
00000260 05 fd 66 85 85 10 da 84 b5 30 76 92 70 5f 73 5b |..f......0v.p_s[|
|
||||
00000270 5e c1 ce 1d 3c 88 1d 50 b1 85 f8 66 07 a8 16 6a |^...<..P...f...j|
|
||||
00000280 f0 d5 61 80 e2 8e 75 dc e2 e1 45 02 42 01 2f 2f |..a...u...E.B.//|
|
||||
00000290 17 58 50 18 25 9e 99 9c 89 69 aa 55 69 26 6d 88 |.XP.%....i.Ui&m.|
|
||||
000002a0 8d c9 76 8b d5 40 5e 9d 0b f5 9f 6f dd 93 94 50 |..v..@^....o...P|
|
||||
000002b0 c0 6e c5 7a 4d 9e fb 64 61 31 88 be fa 0c 11 b8 |.n.zM..da1......|
|
||||
000002c0 ab 7e 7c 3d bf 4e da de aa aa 19 af 1c 1f 35 14 |.~|=.N........5.|
|
||||
000002d0 03 01 00 01 01 16 03 01 00 30 58 e2 f6 52 c6 6f |.........0X..R.o|
|
||||
000002e0 8d ba 2d be 84 8d fd 19 b7 2a e6 c4 b9 47 0d 3b |..-......*...G.;|
|
||||
000002f0 af a8 8d 91 90 9d ff a1 f0 65 af 8e fe 8a 9b 39 |.........e.....9|
|
||||
00000300 1c b1 e4 0b e3 c5 9a bf 86 18 |..........|
|
||||
00000230 c2 ed 90 99 5f 58 cb 3b 74 16 03 01 00 90 0f 00 |...._X.;t.......|
|
||||
00000240 00 8c 00 8a 30 81 87 02 42 01 89 0f 43 df a8 34 |....0...B...C..4|
|
||||
00000250 dd d7 c9 d4 2b 8d ec 29 77 7b 64 d0 0e 8c e8 2b |....+..)w{d....+|
|
||||
00000260 e3 25 1c ed 0a 1b 05 e0 66 42 37 c0 e6 fa 3e 81 |.%......fB7...>.|
|
||||
00000270 ec e1 06 99 f4 62 3f ea 55 79 ae 68 56 9e e3 3c |.....b?.Uy.hV..<|
|
||||
00000280 83 ba 9b 1c 65 b9 eb a6 e7 f7 4e 02 41 61 2c 52 |....e.....N.Aa,R|
|
||||
00000290 4c 48 92 b0 93 d8 31 58 c3 90 b0 e3 7d 55 94 fc |LH....1X....}U..|
|
||||
000002a0 70 bf 18 42 51 73 d0 45 17 2e 0e 00 b0 12 76 0d |p..BQs.E......v.|
|
||||
000002b0 35 78 cb fd 34 60 36 ff ed 19 ef 0a 1e 21 cc 4c |5x..4`6......!.L|
|
||||
000002c0 9a ff a0 f7 cf 72 03 cd 00 bb 73 0d 1d e5 14 03 |.....r....s.....|
|
||||
000002d0 01 00 01 01 16 03 01 00 30 69 76 1f 5b 81 5f 62 |........0iv.[._b|
|
||||
000002e0 cf d5 d9 2c 19 71 80 d0 2a 97 8a 89 21 7f 6d 02 |...,.q..*...!.m.|
|
||||
000002f0 b6 01 a4 ed fe 18 9f 34 ae 95 f6 a1 29 0b 9a 1c |.......4....)...|
|
||||
00000300 04 b6 ce c7 d1 0c 5a b5 3f |......Z.?|
|
||||
>>> Flow 4 (server to client)
|
||||
00000000 14 03 01 00 01 01 16 03 01 00 30 bc 72 19 6f bb |..........0.r.o.|
|
||||
00000010 a0 79 dd 23 cf 44 0c be 48 9e ef 94 f3 47 fb 03 |.y.#.D..H....G..|
|
||||
00000020 7d c6 af 0d 35 e2 4d 73 92 42 04 fa 5b 74 be 4d |}...5.Ms.B..[t.M|
|
||||
00000030 0e 1b bf 3d 4a c9 d9 66 10 02 9f |...=J..f...|
|
||||
00000000 14 03 01 00 01 01 16 03 01 00 30 7d 4b fc 73 20 |..........0}K.s |
|
||||
00000010 e4 ac c4 39 15 79 e3 89 e1 24 ce 28 30 e5 f1 87 |...9.y...$.(0...|
|
||||
00000020 cd c0 cc 39 a8 77 3b 06 a5 f9 b0 a1 3d 54 53 3b |...9.w;.....=TS;|
|
||||
00000030 53 ec ac b2 ea 24 1b 2d 6a ef c3 |S....$.-j..|
|
||||
>>> Flow 5 (client to server)
|
||||
00000000 17 03 01 00 20 96 d0 e8 8d 10 80 14 f0 61 fa a9 |.... ........a..|
|
||||
00000010 61 f0 52 a9 22 b3 78 66 9d a4 79 6f 77 1e dc 2f |a.R.".xf..yow../|
|
||||
00000020 0d f7 83 86 58 17 03 01 00 20 f9 91 e6 bf d9 c6 |....X.... ......|
|
||||
00000030 34 5c 2c a2 94 55 55 74 83 03 58 5f 02 a8 00 da |4\,..UUt..X_....|
|
||||
00000040 70 22 e8 1d 54 c8 43 17 4e b8 15 03 01 00 20 b1 |p"..T.C.N..... .|
|
||||
00000050 6f a7 15 cc e5 50 e3 ab 70 14 ed 7f 8d fc 3a ff |o....P..p.....:.|
|
||||
00000060 6a ea 4f bd b0 58 59 b7 38 36 2c b2 df 3c 4a |j.O..XY.86,..<J|
|
||||
00000000 17 03 01 00 20 9d 57 d2 4b 5b 7e 7d 7c 28 f7 8e |.... .W.K[~}|(..|
|
||||
00000010 00 0a b6 1c 3c 6b df 4d 06 c0 f8 db 86 2e 8f 8e |....<k.M........|
|
||||
00000020 28 a9 ab 6c c2 17 03 01 00 20 b4 4e cc 55 14 1c |(..l..... .N.U..|
|
||||
00000030 64 a4 3d 69 1a dc 3b 12 8e d8 15 f2 31 3a 71 1f |d.=i..;.....1:q.|
|
||||
00000040 eb fe c3 b3 22 f7 2c 6e 01 e9 15 03 01 00 20 2a |....".,n...... *|
|
||||
00000050 2e 34 ca 96 e5 a3 a0 53 c4 0c e2 0a b1 14 a3 c8 |.4.....S........|
|
||||
00000060 a5 db 72 09 31 25 11 11 2f ce 61 3a 55 48 0c |..r.1%../.a:UH.|
|
||||
|
|
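Review bot: the client CertificateVerify in Flow 3 (new bytes 0f 00 00 8c 00 8a 30 81 87 ...) is still a bare DER ECDSA signature with no signature scheme prefix, so this TLS 1.0 client-auth path has no way to signal Ed25519, and the commit message says TLS 1.0 and 1.1 support was dropped. Since the ClientHello recorded in this same file now advertises 08 07, the change should include a negative test showing that an Ed25519 client key or server certificate fails cleanly when TLS 1.0 or 1.1 is negotiated. The one-byte shrink (00 91 to 00 90, 00 8b to 00 8a, second integer 02 42 01 to 02 41) is ordinary DER length variation in the signature, and the Flow 4 and Flow 5 ciphertext differences follow from the changed transcript.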