mirror of
https://github.com/refraction-networking/utls.git
synced 2025-04-04 04:27:36 +03:00
crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3
Support for Ed25519 certificates was added in CL 175478, this wires them up into the TLS stack according to RFC 8422 (TLS 1.2) and RFC 8446 (TLS 1.3).

RFC 8422 also specifies support for TLS 1.0 and 1.1, and I initially implemented that, but even OpenSSL doesn't take the complexity, so I just dropped it. It would have required keeping a buffer of the handshake transcript in order to do the direct Ed25519 signatures. We effectively need to support TLS 1.2 because it shares ClientHello signature algorithms with TLS 1.3.

While at it, reordered the advertised signature algorithms in the rough order we would want to use them, also based on what curves have fast constant-time implementations.

Client and client auth tests changed because of the change in advertised signature algorithms in ClientHello and CertificateRequest.

Fixes #25355

Change-Id: I9fdd839afde4fd6b13fcbc5cc7017fd8c35085ee
Reviewed-on: https://go-review.googlesource.com/c/go/+/177698
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Adam Langley <agl@golang.org>
parent 6c11745f0b
commit 28958b0da6
84 changed files with 4977 additions and 3938 deletions
80
testdata/Client-TLSv11-ECDHE-ECDSA-AES
vendored
|
@ -1,5 +1,5 @@
|
|||
>>> Flow 1 (client to server)
|
||||
00000000 16 03 01 00 f8 01 00 00 f4 03 03 00 00 00 00 00 |................|
|
||||
00000000 16 03 01 00 fa 01 00 00 f6 03 03 00 00 00 00 00 |................|
|
||||
00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
|
||||
00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....|
|
||||
00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
|
||||
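Review bot: the 00000000 line of Flow 1 grows the record length from 00 f8 to 00 fa and the handshake length from 00 00 f4 to 00 00 f6 in a TLS 1.1 client fixture, yet the commit message says Ed25519 is not supported below TLS 1.2, and nothing visible here exercises that refusal. The two extra bytes match the one signature scheme added to the ClientHello in the next hunk, so the client advertises it regardless of the version the server ends up choosing. Please confirm that one of the changed files covers a TLS 1.0 or 1.1 server presenting an Ed25519 certificate and the client failing the handshake cleanly; if none does, add that case next to this fixture.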
|
@ -7,20 +7,20 @@
|
|||
00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#|
|
||||
00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5|
|
||||
00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................|
|
||||
00000080 01 00 00 79 00 05 00 05 01 00 00 00 00 00 0a 00 |...y............|
|
||||
00000080 01 00 00 7b 00 05 00 05 01 00 00 00 00 00 0a 00 |...{............|
|
||||
00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................|
|
||||
000000a0 00 00 0d 00 18 00 16 08 04 08 05 08 06 04 01 04 |................|
|
||||
000000b0 03 05 01 05 03 06 01 06 03 02 01 02 03 ff 01 00 |................|
|
||||
000000c0 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 03 03 |.......+........|
|
||||
000000d0 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f e5 7d |....3.&.$... /.}|
|
||||
000000e0 a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 ff f6 |.G.bC.(.._.).0..|
|
||||
000000f0 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |........_X.;t|
|
||||
000000a0 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 05 08 |................|
|
||||
000000b0 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 ff |................|
|
||||
000000c0 01 00 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 |.........+......|
|
||||
000000d0 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f |......3.&.$... /|
|
||||
000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0|
|
||||
000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t|
|
||||
>>> Flow 2 (server to client)
|
||||
00000000 16 03 02 00 59 02 00 00 55 03 02 48 df b9 04 7d |....Y...U..H...}|
|
||||
00000010 92 50 cb 8f f7 03 8d 34 76 f5 4f 3a a0 d3 8e cc |.P.....4v.O:....|
|
||||
00000020 2a cd 5d 31 1a 55 d8 08 48 3f d9 20 0c 3b c2 e1 |*.]1.U..H?. .;..|
|
||||
00000030 8f 94 68 6e e2 31 e4 f9 a6 3d bf 27 84 38 43 95 |..hn.1...=.'.8C.|
|
||||
00000040 b6 d9 d3 4b fa 0a a2 c6 5a ae 83 bd c0 09 00 00 |...K....Z.......|
|
||||
00000000 16 03 02 00 59 02 00 00 55 03 02 23 a8 e7 14 3f |....Y...U..#...?|
|
||||
00000010 64 61 3c ee 80 a2 94 84 ab b8 66 76 30 84 06 78 |da<.......fv0..x|
|
||||
00000020 96 ba a7 d3 1e 81 1b 16 64 76 88 20 3d 21 21 b3 |........dv. =!!.|
|
||||
00000030 45 dd fe cb 5b d7 9a 86 39 ee 4f f8 60 eb 95 ea |E...[...9.O.`...|
|
||||
00000040 ab 64 48 14 74 16 fd e9 47 07 66 60 c0 09 00 00 |.dH.t...G.f`....|
|
||||
00000050 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 |................|
|
||||
00000060 02 02 0e 0b 00 02 0a 00 02 07 00 02 04 30 82 02 |.............0..|
|
||||
00000070 00 30 82 01 62 02 09 00 b8 bf 2d 47 a0 d2 eb f4 |.0..b.....-G....|
|
||||
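Review bot: the new preference order in the signature_algorithms list at 000000a0 to 000000bf is only explained in the commit message and should be documented where the list is defined. The extension length goes from 00 18 to 00 1a and the list from 00 16 to 00 18; 04 03 moves up to second place, 08 07 is inserted third, and 05 03 and 06 03 drop below the RSA PKCS#1 entries, none of which a reader can reconstruct from the fixture bytes. A short comment beside the list in the source, stating the ordering criterion the commit message gives (preferred use, fast constant-time curve implementations), would keep later edits from reshuffling it by accident.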
|
@ -55,39 +55,39 @@
|
|||
00000240 13 83 0d 94 06 bb d4 37 7a f6 ec 7a c9 86 2e dd |.......7z..z....|
|
||||
00000250 d7 11 69 7f 85 7c 56 de fb 31 78 2b e4 c7 78 0d |..i..|V..1x+..x.|
|
||||
00000260 ae cb be 9e 4e 36 24 31 7b 6a 0f 39 95 12 07 8f |....N6$1{j.9....|
|
||||
00000270 2a 16 03 02 00 b4 0c 00 00 b0 03 00 1d 20 1d 08 |*............ ..|
|
||||
00000280 90 e5 39 31 40 7a 35 73 66 ff 41 e5 02 1f 8d a0 |..91@z5sf.A.....|
|
||||
00000290 12 e6 14 c8 24 b0 cc 1e 0f ad 4b 1b f9 1a 00 8a |....$.....K.....|
|
||||
000002a0 30 81 87 02 42 00 bf 9d 0c 38 71 af 56 52 d7 5d |0...B....8q.VR.]|
|
||||
000002b0 35 98 50 d2 fa 31 29 83 6d 53 9d 2a ef ae 6a 5f |5.P..1).mS.*..j_|
|
||||
000002c0 4d aa 8b 27 a4 73 51 e7 eb 2d c2 13 54 87 41 23 |M..'.sQ..-..T.A#|
|
||||
000002d0 98 0b 47 96 ba 50 95 c2 58 ed 23 8e 0b 78 9f cf |..G..P..X.#..x..|
|
||||
000002e0 6c 61 e6 e5 2b 0e b9 02 41 4b e0 f9 d6 03 cf b4 |la..+...AK......|
|
||||
000002f0 fa 6f 08 51 b7 3a 2a 60 d0 76 72 c8 28 8e 6e 67 |.o.Q.:*`.vr.(.ng|
|
||||
00000300 69 42 e3 e0 49 85 e9 cc 6a a0 c4 30 52 3b 3e 46 |iB..I...j..0R;>F|
|
||||
00000310 a7 a7 2b 95 7f bf 25 6e 54 ea 3c 48 1e 1d 28 96 |..+...%nT.<H..(.|
|
||||
00000320 86 ed 12 18 3c 68 6f 72 31 e9 16 03 02 00 04 0e |....<hor1.......|
|
||||
00000270 2a 16 03 02 00 b4 0c 00 00 b0 03 00 1d 20 a7 a4 |*............ ..|
|
||||
00000280 33 20 48 6a 74 8e 07 fc c0 b6 10 61 84 d6 67 d1 |3 Hjt......a..g.|
|
||||
00000290 ae cf 65 36 4d d5 13 a1 07 fc 1f aa 77 44 00 8a |..e6M.......wD..|
|
||||
000002a0 30 81 87 02 42 01 02 5b f9 4a af 8d 0a d5 a3 de |0...B..[.J......|
|
||||
000002b0 11 62 d8 f1 db 49 7a 0c 34 3e 2d 61 f9 6f 6b c2 |.b...Iz.4>-a.ok.|
|
||||
000002c0 1d 32 4b 88 93 9b 22 b0 3d 09 c3 93 9e 25 31 d6 |.2K...".=....%1.|
|
||||
000002d0 5f 06 3a f0 4a 61 0b 06 03 5d 6c 0e b3 5e 48 5a |_.:.Ja...]l..^HZ|
|
||||
000002e0 f0 5b 21 48 58 8f b2 02 41 1c 57 f1 51 04 d6 f8 |.[!HX...A.W.Q...|
|
||||
000002f0 a2 51 e6 e6 3e e0 99 63 aa d2 1c 7b 92 be 44 ec |.Q..>..c...{..D.|
|
||||
00000300 86 c3 31 fa e7 9b 98 1a 59 a5 93 3e a9 73 f0 ec |..1.....Y..>.s..|
|
||||
00000310 03 22 37 19 db 78 30 27 ab bf 52 07 6c 3a 79 f5 |."7..x0'..R.l:y.|
|
||||
00000320 ad 70 59 76 84 44 f0 47 e0 3d 16 03 02 00 04 0e |.pYv.D.G.=......|
|
||||
00000330 00 00 00 |...|
|
||||
>>> Flow 3 (client to server)
|
||||
00000000 16 03 02 00 25 10 00 00 21 20 2f e5 7d a3 47 cd |....%...! /.}.G.|
|
||||
00000010 62 43 15 28 da ac 5f bb 29 07 30 ff f6 84 af c4 |bC.(.._.).0.....|
|
||||
00000020 cf c2 ed 90 99 5f 58 cb 3b 74 14 03 02 00 01 01 |....._X.;t......|
|
||||
00000030 16 03 02 00 40 00 00 00 00 00 00 00 00 00 00 00 |....@...........|
|
||||
00000040 00 00 00 00 00 3b 28 96 4f 03 dd 04 4e a3 73 73 |.....;(.O...N.ss|
|
||||
00000050 48 40 ef e3 4f 9d ab 39 3b db c6 0e fa 7f 0c 18 |H@..O..9;.......|
|
||||
00000060 f5 94 cd 55 23 2f f5 5c 69 14 bb 0b 49 e3 98 d7 |...U#/.\i...I...|
|
||||
00000070 c0 db 9e 3a 8b |...:.|
|
||||
00000040 00 00 00 00 00 ef 0f 92 ac 11 fe 97 1a 46 69 e4 |.............Fi.|
|
||||
00000050 b3 26 8d d7 92 46 02 25 5b 2e 86 3e 96 3d 64 ed |.&...F.%[..>.=d.|
|
||||
00000060 37 92 dd ae a5 a6 9f 03 f0 c2 42 78 9f b9 78 ac |7.........Bx..x.|
|
||||
00000070 97 ab 82 25 e2 |...%.|
|
||||
>>> Flow 4 (server to client)
|
||||
00000000 14 03 02 00 01 01 16 03 02 00 40 76 98 c8 7d 95 |..........@v..}.|
|
||||
00000010 ac 40 73 36 c1 49 ae 20 f4 a0 ef 70 59 bf d3 5e |.@s6.I. ...pY..^|
|
||||
00000020 71 ec 2e f8 c5 ea 9d cc 4d 06 44 e3 aa 46 cd c3 |q.......M.D..F..|
|
||||
00000030 c9 1b a0 5a 9a 76 ce 3b b5 16 85 33 cf ba 46 08 |...Z.v.;...3..F.|
|
||||
00000040 b8 c0 a7 da 2a 4d 23 b9 02 cc 3f |....*M#...?|
|
||||
00000000 14 03 02 00 01 01 16 03 02 00 40 df a9 23 37 74 |..........@..#7t|
|
||||
00000010 47 d8 98 87 53 b4 0a 4d b0 a5 fb cb d6 37 c8 7c |G...S..M.....7.||
|
||||
00000020 61 95 81 ef b3 63 78 2b 53 c2 86 fc 39 df c4 5f |a....cx+S...9.._|
|
||||
00000030 e4 4b af 1d fe bc 4c fe 1b 6a 28 c3 46 6f 24 94 |.K....L..j(.Fo$.|
|
||||
00000040 a8 bf ef ce e8 e8 ad 2c d9 10 32 |.......,..2|
|
||||
>>> Flow 5 (client to server)
|
||||
00000000 17 03 02 00 30 00 00 00 00 00 00 00 00 00 00 00 |....0...........|
|
||||
00000010 00 00 00 00 00 03 dd b7 03 45 4d 4c 0a 7a e7 36 |.........EML.z.6|
|
||||
00000020 a0 93 82 4e 15 73 b1 b8 18 17 35 c6 e1 84 47 4b |...N.s....5...GK|
|
||||
00000030 8c 3f 5c a2 9d 15 03 02 00 30 00 00 00 00 00 00 |.?\......0......|
|
||||
00000040 00 00 00 00 00 00 00 00 00 00 c2 f9 0f cb 78 53 |..............xS|
|
||||
00000050 43 55 f3 fd 8a cc 16 32 19 0b 81 5d 90 a4 31 ff |CU.....2...]..1.|
|
||||
00000060 58 ea 70 73 92 ad e8 ed 0c e3 |X.ps......|
|
||||
00000010 00 00 00 00 00 34 50 ce 9c 7f f5 2d a2 c1 e4 5c |.....4P....-...\|
|
||||
00000020 fa d1 a0 f4 38 e8 4f 51 54 36 07 da f1 af 6d ef |....8.OQT6....m.|
|
||||
00000030 b8 b0 bc bc a6 15 03 02 00 30 00 00 00 00 00 00 |.........0......|
|
||||
00000040 00 00 00 00 00 00 00 00 00 00 0b d4 8e e8 69 64 |..............id|
|
||||
00000050 53 38 7c 72 d8 1d 9f d5 8a 83 74 a7 37 6b e2 c0 |S8|r......t.7k..|
|
||||
00000060 8f 26 e7 5d 0e 06 ae e0 db fb |.&.]......|
|
||||
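Review bot: from the ServerKeyExchange at 00000270 in Flow 2 onward, every changed byte is fresh key material, a new signature or new ciphertext from re-recording the session, and the change does not say how the recording was produced. The negotiated parameters visible in the context lines are the same as before (16 03 02 records, the client key share starting 2f e5 7d in Flow 3), so the only semantic difference sits in the Flow 1 ClientHello, but a reviewer cannot check the rest by eye. Please state in the commit message or next to the testdata the command and the reference server version used to regenerate these files, so the fixture can be reproduced instead of trusted.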