crypto/tls: re-enable RSA-PSS in TLS 1.2 again

TLS 1.3, which requires RSA-PSS, is now enabled without a GODEBUG opt-out, and with the introduction of Certificate.SupportedSignatureAlgorithms (#28660) there is a programmatic way to avoid RSA-PSS (disable TLS 1.3 with MaxVersion and use that field to specify only PKCS#1 v1.5 SignatureSchemes). This effectively reverts 0b3a57b5374bba3fdf88258e2be4c8be65e6a5de, although following CL 205061 all of the signing-side logic is conveniently centralized in signatureSchemesForCertificate. Fixes #32425 Change-Id: I7c9a8893bb5d518d86eae7db82612b9b2cd257d7 Reviewed-on: https://go-review.googlesource.com/c/go/+/205063 Run-TryBot: Filippo Valsorda <filippo@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Katie Hockman <katie@golang.org> Reviewed-by: Adam Langley <agl@golang.org>
2025-04-03 20:17:36 +03:00 · 2019-11-03 21:28:47 -05:00 · 2019-11-03 21:28:47 -05:00 · 6bb85fe4e7
commit 6bb85fe4e7
parent 555e9b864b
28 changed files with 1264 additions and 1244 deletions
--- a/handshake_server_test.go
+++ b/handshake_server_test.go
@ -1181,16 +1181,10 @@ func TestHandshakeServerRSAPKCS1v15(t *testing.T) {

 func TestHandshakeServerRSAPSS(t *testing.T) {
 	test := &serverTest{
-		name:                          "RSA-RSAPSS",
-		command:                       []string{"openssl", "s_client", "-no_ticket", "-sigalgs", "rsa_pss_rsae_sha256"},
-		expectHandshakeErrorIncluding: "peer doesn't support any of the certificate's signature algorithms", // See Issue 32425.
-	}
-	runServerTestTLS12(t, test)
-
-	test = &serverTest{
 		name:    "RSA-RSAPSS",
 		command: []string{"openssl", "s_client", "-no_ticket", "-sigalgs", "rsa_pss_rsae_sha256"},
 	}
+	runServerTestTLS12(t, test)
 	runServerTestTLS13(t, test)
 }

@ -1349,14 +1343,6 @@ func TestClientAuth(t *testing.T) {
 	runServerTestTLS12(t, test)
 	runServerTestTLS13(t, test)

-	test = &serverTest{
-		name: "ClientAuthRequestedAndGiven",
-		command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "AES128-SHA",
-			"-cert", certPath, "-key", keyPath, "-client_sigalgs", "rsa_pss_rsae_sha256"},
-		config:            config,
-		expectedPeerCerts: []string{}, // See Issue 32425.
-	}
-	runServerTestTLS12(t, test)
 	test = &serverTest{
 		name: "ClientAuthRequestedAndGiven",
 		command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "AES128-SHA",
@ -1364,6 +1350,7 @@ func TestClientAuth(t *testing.T) {
 		config:            config,
 		expectedPeerCerts: []string{clientCertificatePEM},
 	}
+	runServerTestTLS12(t, test)
 	runServerTestTLS13(t, test)

 	test = &serverTest{
@ -1656,12 +1643,6 @@ T+E0J8wlH24pgwQHzy7Ko2qLwn1b5PW8ecrlvP1g
 	err = client.Handshake()
 	expectError(t, err, "handshake failure")
 	<-done
-
-	// In TLS 1.2 RSA-PSS is not used, so this should succeed. See Issue 32425.
-	serverConfig := testConfig.Clone()
-	serverConfig.Certificates = []Certificate{cert}
-	serverConfig.MaxVersion = VersionTLS12
-	testHandshake(t, testConfig, serverConfig)
 }

 func TestMultipleCertificates(t *testing.T) {