mirrors/utls
1
0
Fork 0
mirror of https://github.com/refraction-networking/utls.git synced 2025-04-03 20:17:36 +03:00
Code Issues Projects Releases Packages Wiki Activity

crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3

Browse source 
Support for Ed25519 certificates was added in CL 175478, this wires them
up into the TLS stack according to RFC 8422 (TLS 1.2) and RFC 8446 (TLS 1.3).

RFC 8422 also specifies support for TLS 1.0 and 1.1, and I initially
implemented that, but even OpenSSL doesn't take the complexity, so I
just dropped it. It would have required keeping a buffer of the
handshake transcript in order to do the direct Ed25519 signatures. We
effectively need to support TLS 1.2 because it shares ClientHello
signature algorithms with TLS 1.3.

While at it, reordered the advertised signature algorithms in the rough
order we would want to use them, also based on what curves have fast
constant-time implementations.

Client and client auth tests changed because of the change in advertised
signature algorithms in ClientHello and CertificateRequest.

Fixes #25355

Change-Id: I9fdd839afde4fd6b13fcbc5cc7017fd8c35085ee
Reviewed-on: https://go-review.googlesource.com/c/go/+/177698
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Adam Langley <agl@golang.org>
This commit is contained in:
Filippo Valsorda 2019-05-16 19:13:29 -04:00
parent 6c11745f0b
commit 28958b0da6
84 changed files with 4977 additions and 3938 deletions
Download patch file Download diff file Expand all files Collapse all files

90
testdata/Client-TLSv12-ClientCert-RSA-RSA vendored
View file

@ -1,5 +1,5 @@
>>> Flow 1 (client to server)
00000000 16 03 01 00 f8 01 00 00 f4 03 03 00 00 00 00 00 |................|
00000000 16 03 01 00 fa 01 00 00 f6 03 03 00 00 00 00 00 |................|
00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....|
00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
@ -7,20 +7,20 @@
00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#|
00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5|
00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................|
00000080 01 00 00 79 00 05 00 05 01 00 00 00 00 00 0a 00 |...y............|
00000080 01 00 00 7b 00 05 00 05 01 00 00 00 00 00 0a 00 |...{............|
00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................|
000000a0 00 00 0d 00 18 00 16 08 04 08 05 08 06 04 01 04 |................|
000000b0 03 05 01 05 03 06 01 06 03 02 01 02 03 ff 01 00 |................|
000000c0 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 03 03 |.......+........|
000000d0 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f e5 7d |....3.&.$... /.}|
000000e0 a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 ff f6 |.G.bC.(.._.).0..|
000000f0 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |........_X.;t|
000000a0 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 05 08 |................|
000000b0 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 ff |................|
000000c0 01 00 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 |.........+......|
000000d0 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f |......3.&.$... /|
000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0|
000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t|
>>> Flow 2 (server to client)
00000000 16 03 03 00 59 02 00 00 55 03 03 82 19 ee 7f ef |....Y...U.......|
00000010 86 a3 70 b1 75 84 05 bc 43 ed 52 df bf 42 c4 e3 |..p.u...C.R..B..|
00000020 87 50 59 5d 88 4f df b6 85 0c 5d 20 c3 1b c3 9d |.PY].O....] ....|
00000030 a0 2c 6b 16 1c 35 7a 3b 98 eb ba 8a 55 7a 10 af |.,k..5z;....Uz..|
00000040 c4 7f cd 74 e5 f2 e4 6b c1 58 5f 18 c0 2f 00 00 |...t...k.X_../..|
00000000 16 03 03 00 59 02 00 00 55 03 03 34 d6 64 e9 90 |....Y...U..4.d..|
00000010 47 32 62 4a 36 f9 2f 2b c9 04 24 8d 9d 71 e1 ec |G2bJ6./+..$..q..|
00000020 63 c3 14 73 e6 db 33 53 6e 79 3b 20 10 6c f9 58 |c..s..3Sny; .l.X|
00000030 c2 2a c8 26 39 1c 33 75 f7 7b ab e0 82 ab e1 f1 |.*.&9.3u.{......|
00000040 11 8b d3 58 18 39 11 4f b8 08 12 6b c0 2f 00 00 |...X.9.O...k./..|
00000050 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 |................|
00000060 03 02 59 0b 00 02 55 00 02 52 00 02 4f 30 82 02 |..Y...U..R..O0..|
00000070 4b 30 82 01 b4 a0 03 02 01 02 02 09 00 e8 f0 9d |K0..............|
@ -60,17 +60,17 @@
00000290 77 8d 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 2b 9d |w.......@.a.Lr+.|
000002a0 ae db 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 d4 db |..F..M...>...B..|
000002b0 fe 3d 13 60 84 5c 21 d3 3b e9 fa e7 16 03 03 00 |.=.`.\!.;.......|
000002c0 ac 0c 00 00 a8 03 00 1d 20 5f 4e f4 61 c0 7a 45 |........ _N.a.zE|
000002d0 82 9e 8e d4 dc cc cf 75 7e 22 47 c4 61 17 fc ae |.......u~"G.a...|
000002e0 b0 0b 10 eb 4b b5 74 38 25 08 04 00 80 d1 db f1 |....K.t8%.......|
000002f0 bf 1a 22 33 54 0f 85 11 3d 07 05 63 c7 1c 71 90 |.."3T...=..c..q.|
00000300 e5 30 8d e6 3b 48 b3 42 e4 2e 72 9d 3e 6b 10 09 |.0..;H.B..r.>k..|
00000310 d6 32 ae 37 d4 37 5e 46 52 52 40 e5 d2 03 a9 db |.2.7.7^FRR@.....|
00000320 89 06 11 db be 67 73 3c 80 51 ce 09 df b0 ea 2a |.....gs<.Q.....*|
00000330 e3 aa 3e c0 4a c4 7d 88 ec 45 7d e8 a8 1e 46 28 |..>.J.}..E}...F(|
00000340 26 9e 38 d2 2a 97 dc a2 90 1a 7c 98 01 d9 f6 22 |&.8.*.....|...."|
00000350 9e 46 4a a2 2f ae 6e a4 3d 00 82 46 8e 8e 04 21 |.FJ./.n.=..F...!|
00000360 e7 39 23 de f6 51 6c 59 5c 63 40 c5 57 16 03 03 |.9#..QlY\c@.W...|
000002c0 ac 0c 00 00 a8 03 00 1d 20 7e 32 3b e9 c4 9d 93 |........ ~2;....|
000002d0 d9 b1 b3 fc 04 33 a6 1b b9 e8 1a 24 79 5e 0d bc |.....3.....$y^..|
000002e0 e2 f9 ba cc 18 15 64 0a 69 08 04 00 80 73 c1 81 |......d.i....s..|
000002f0 fe 44 26 be 95 56 d6 89 59 3d 5f 84 69 31 50 ed |.D&..V..Y=_.i1P.|
00000300 77 a2 67 4a 16 3c dc f2 28 14 4e 3a 90 15 b3 db |w.gJ.<..(.N:....|
00000310 f1 d8 e1 75 7d 61 a6 a0 33 28 72 62 3a 09 93 75 |...u}a..3(rb:..u|
00000320 16 63 a2 8b 89 5d 83 e4 e4 d8 89 4b 82 b5 66 b6 |.c...].....K..f.|
00000330 09 2f 30 3f 66 36 bb ae a1 67 c9 de 40 8d c3 6a |./0?f6...g..@..j|
00000340 5c 96 74 c4 29 c1 3e 6d a0 84 f8 8d d3 0d a5 70 |\.t.).>m.......p|
00000350 fe 38 dc 01 f0 75 64 be bf 38 ab 70 28 e2 06 b0 |.8...ud..8.p(...|
00000360 ea 27 14 3f 0f 4e 4f fc 01 29 b0 40 64 16 03 03 |.'.?.NO..).@d...|
00000370 00 3a 0d 00 00 36 03 01 02 40 00 2e 04 03 05 03 |.:...6...@......|
00000380 06 03 08 07 08 08 08 09 08 0a 08 0b 08 04 08 05 |................|
00000390 08 06 04 01 05 01 06 01 03 03 02 03 03 01 02 01 |................|
@ -112,26 +112,26 @@
00000200 e5 35 16 03 03 00 25 10 00 00 21 20 2f e5 7d a3 |.5....%...! /.}.|
00000210 47 cd 62 43 15 28 da ac 5f bb 29 07 30 ff f6 84 |G.bC.(.._.).0...|
00000220 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 16 03 03 00 |......._X.;t....|
00000230 88 0f 00 00 84 08 04 00 80 41 a2 d2 32 db ce 5b |.........A..2..[|
00000240 04 45 ad 1c 31 7d f0 bc bb c0 53 65 38 b6 75 10 |.E..1}....Se8.u.|
00000250 de 25 38 c2 3b 54 5b 1e 3d bb d2 6a 70 77 16 62 |.%8.;T[.=..jpw.b|
00000260 c2 e8 d0 17 bd 01 89 89 26 28 75 69 ba 5e a1 4a |........&(ui.^.J|
00000270 6d 7e e6 be 6c 64 7e 8b 0c 45 3b 4b ef 1d 75 69 |m~..ld~..E;K..ui|
00000280 1f 51 4b 02 8e a0 19 de 47 41 44 14 4f e7 1e 23 |.QK.....GAD.O..#|
00000290 b0 c0 41 3f 6a 64 0e 30 80 01 ea d8 a9 75 6d 97 |..A?jd.0.....um.|
000002a0 28 4c ae df b1 6e 53 3b c3 aa 48 f1 5a e8 1c 8f |(L...nS;..H.Z...|
000002b0 ed 8c 59 5d e1 0e 57 b1 7d 14 03 03 00 01 01 16 |..Y]..W.}.......|
000002c0 03 03 00 28 00 00 00 00 00 00 00 00 ee 41 37 7b |...(.........A7{|
000002d0 ea 1e c3 d1 a7 7d 76 5c f8 b6 70 57 3c 02 71 49 |.....}v\..pW<.qI|
000002e0 c5 14 35 bb c3 43 63 61 6c 46 6c 11 |..5..CcalFl.|
00000230 88 0f 00 00 84 08 04 00 80 5f d8 fc 5f fb e6 09 |........._.._...|
00000240 b6 2f ff 22 c5 4c bd 42 99 cb e7 ff 86 95 11 99 |./.".L.B........|
00000250 8f 3e 4a b3 72 78 26 02 2f af 03 a2 39 e7 e2 29 |.>J.rx&./...9..)|
00000260 ce 66 9a 72 1d bf fc 27 87 75 bf f1 ee 18 62 bd |.f.r...'.u....b.|
00000270 47 bc ee 39 fa 9c c2 c5 59 f6 f5 59 09 34 48 a9 |G..9....Y..Y.4H.|
00000280 02 25 e9 66 a8 d5 a6 a6 e2 67 8e a9 53 c1 2e 66 |.%.f.....g..S..f|
00000290 a8 64 3e 5e a7 63 c0 10 36 5e 77 47 23 8f 6f 14 |.d>^.c..6^wG#.o.|
000002a0 59 08 36 e4 2a 47 4d ff 12 b4 be bb 76 8c 21 5e |Y.6.*GM.....v.!^|
000002b0 08 36 34 6d 9e 01 0c 7c 85 14 03 03 00 01 01 16 |.64m...|........|
000002c0 03 03 00 28 00 00 00 00 00 00 00 00 e4 36 4e c9 |...(.........6N.|
000002d0 5c ea e3 59 ae a1 45 74 17 b1 1e fe e4 a9 b8 da |\..Y..Et........|
000002e0 b5 ce 4a 24 39 93 d7 ac 8f fb 74 a0 |..J$9.....t.|
>>> Flow 4 (server to client)
00000000 14 03 03 00 01 01 16 03 03 00 28 87 e9 a4 2c 0f |..........(...,.|
00000010 b5 52 a7 1b d0 99 86 27 d0 20 3e b5 44 77 0b 8f |.R.....'. >.Dw..|
00000020 d5 4e db dc 52 ab 01 c0 1c fd 85 2c 41 3b d0 14 |.N..R......,A;..|
00000030 11 26 29 |.&)|
00000000 14 03 03 00 01 01 16 03 03 00 28 8c 03 68 37 28 |..........(..h7(|
00000010 47 c5 6c d6 33 ef 18 7e f0 5e 93 fe a5 8a 2e 2a |G.l.3..~.^.....*|
00000020 72 e3 20 4d 98 d5 c5 a1 e2 55 a4 81 2b 0b b1 75 |r. M.....U..+..u|
00000030 6c 02 20 |l. |
>>> Flow 5 (client to server)
00000000 17 03 03 00 1e 00 00 00 00 00 00 00 01 e7 09 a0 |................|
00000010 90 12 35 3f 8f 87 41 fc aa 13 24 50 9f 69 a5 c7 |..5?..A...$P.i..|
00000020 37 38 02 15 03 03 00 1a 00 00 00 00 00 00 00 02 |78..............|
00000030 08 53 f5 80 5c eb b2 3b 9d be a3 49 46 24 da 5a |.S..\..;...IF$.Z|
00000040 7d 84 |}.|
00000000 17 03 03 00 1e 00 00 00 00 00 00 00 01 1c 99 25 |...............%|
00000010 ba ae 73 88 34 3e 85 49 d3 b9 00 77 6e c4 fc 67 |..s.4>.I...wn..g|
00000020 9d c8 e2 15 03 03 00 1a 00 00 00 00 00 00 00 02 |................|
00000030 34 5f 22 7e 6f ee e7 03 fd 9e 30 9d 0f 63 85 d7 |4_"~o.....0..c..|
00000040 c5 b7 |..|