mirrors/utls
1
0
Fork 0
mirror of https://github.com/refraction-networking/utls.git synced 2025-04-03 20:17:36 +03:00
Code Issues Projects Releases Packages Wiki Activity

crypto/tls: re-enable RSA-PSS in TLS 1.2 again

Browse source 
TLS 1.3, which requires RSA-PSS, is now enabled without a GODEBUG
opt-out, and with the introduction of
Certificate.SupportedSignatureAlgorithms (#28660) there is a
programmatic way to avoid RSA-PSS (disable TLS 1.3 with MaxVersion and
use that field to specify only PKCS#1 v1.5 SignatureSchemes).

This effectively reverts 0b3a57b5374bba3fdf88258e2be4c8be65e6a5de,
although following CL 205061 all of the signing-side logic is
conveniently centralized in signatureSchemesForCertificate.

Fixes #32425

Change-Id: I7c9a8893bb5d518d86eae7db82612b9b2cd257d7
Reviewed-on: https://go-review.googlesource.com/c/go/+/205063
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Katie Hockman <katie@golang.org>
Reviewed-by: Adam Langley <agl@golang.org>
This commit is contained in:
Filippo Valsorda 2019-11-03 21:28:47 -05:00
parent 555e9b864b
commit 6bb85fe4e7
28 changed files with 1264 additions and 1244 deletions
Download patch file Download diff file Expand all files Collapse all files

78
testdata/Client-TLSv12-ClientCert-RSA-RSAPSS vendored
View file

@ -16,11 +16,11 @@
000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0|
000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t|
>>> Flow 2 (server to client)
00000000 16 03 03 00 59 02 00 00 55 03 03 be 63 44 bb 7e |....Y...U...cD.~|
00000010 0d 88 88 15 b1 ed 7e 75 03 57 25 1a 0c 52 42 31 |......~u.W%..RB1|
00000020 f8 e1 46 e3 11 27 ff 05 5e 26 2e 20 e6 31 d0 a6 |..F..'..^&. .1..|
00000030 d9 7c 69 a6 57 09 ee 50 c5 3c 5e 1d a0 a7 2b 7a |.|i.W..P.<^...+z|
00000040 7c dd 04 b4 38 45 c9 90 a0 98 33 68 c0 2f 00 00 ||...8E....3h./..|
00000000 16 03 03 00 59 02 00 00 55 03 03 29 bc e2 fe ae |....Y...U..)....|
00000010 0a db 37 e6 39 d5 48 24 3d 0f e5 d7 6b a3 69 dd |..7.9.H$=...k.i.|
00000020 ce 09 fd 28 03 c2 7e 38 db c9 ec 20 d2 5e 3f 94 |...(..~8... .^?.|
00000030 b0 2c 5e 4c 77 c2 94 c3 f2 a9 d0 91 4f 96 45 0e |.,^Lw.......O.E.|
00000040 d3 34 fc 9f e0 a5 e6 fc 1e 8a c1 00 c0 2f 00 00 |.4.........../..|
00000050 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 |................|
00000060 03 02 66 0b 00 02 62 00 02 5f 00 02 5c 30 82 02 |..f...b.._..\0..|
00000070 58 30 82 01 8d a0 03 02 01 02 02 11 00 f2 99 26 |X0.............&|
@ -61,18 +61,18 @@
000002a0 11 89 66 79 d1 8e 88 0e 0b a0 9e 30 2a c0 67 ef |..fy.......0*.g.|
000002b0 ca 46 02 88 e9 53 81 22 69 22 97 ad 80 93 d4 f7 |.F...S."i"......|
000002c0 dd 70 14 24 d7 70 0a 46 a1 16 03 03 00 ac 0c 00 |.p.$.p.F........|
000002d0 00 a8 03 00 1d 20 60 8e 8a 17 8a fc b4 4f 01 ad |..... `......O..|
000002e0 f8 ef 44 f3 fc af 2a 90 57 7d ba 1d dd a6 17 cc |..D...*.W}......|
000002f0 c6 4a 5f a2 fb 47 08 04 00 80 46 d8 62 04 19 4a |.J_..G....F.b..J|
00000300 29 9b cc 3c 2c 0d 7e 67 3d 97 c0 32 65 90 28 e2 |)..<,.~g=..2e.(.|
00000310 e9 df 7d 9b e1 62 82 a9 0b 22 99 a0 ae b9 7a 31 |..}..b..."....z1|
00000320 75 c2 6e 61 e7 a5 64 b9 72 ce b8 04 b2 ca 14 78 |u.na..d.r......x|
00000330 d4 b4 c2 b4 57 b4 a4 70 f9 d1 bf d0 77 e3 f5 66 |....W..p....w..f|
00000340 c0 3f dd b2 40 30 3d d5 e9 a6 d1 49 79 ac ea b9 |.?..@0=....Iy...|
00000350 38 43 52 3c a0 1c be 0d 18 a2 fc c0 a6 43 80 91 |8CR<.........C..|
00000360 3f c5 c2 3a 43 31 92 ff 58 a8 40 52 b3 99 0f c4 |?..:C1..X.@R....|
00000370 c6 00 89 0b b9 f4 9e 28 cd bf 16 03 03 00 0c 0d |.......(........|
00000380 00 00 08 01 01 00 02 04 01 00 00 16 03 03 00 04 |................|
000002d0 00 a8 03 00 1d 20 9e e4 39 3a b3 d5 f9 51 16 d4 |..... ..9:...Q..|
000002e0 a8 e1 0a 6d ad 3c ca 01 97 d6 a1 ce 03 2a 67 4a |...m.<.......*gJ|
000002f0 49 06 eb ed c6 24 08 04 00 80 b3 b7 9e fd 97 9b |I....$..........|
00000300 b0 d6 35 89 21 53 ff a8 4b 59 59 26 37 ac 2f 36 |..5.!S..KYY&7./6|
00000310 27 3d 5a 04 3f 50 ed 36 e0 5f 1a d7 1b 36 47 94 |'=Z.?P.6._...6G.|
00000320 45 ec 8c 0b 8f 0f fc df ec 3c 56 f0 d0 28 45 94 |E........<V..(E.|
00000330 96 c7 35 bb 42 31 a6 6e eb 27 cf cf 7e 21 cf 2f |..5.B1.n.'..~!./|
00000340 a1 90 5d 2b 32 23 b3 de 40 a7 b6 56 c1 73 29 56 |..]+2#..@..V.s)V|
00000350 3d 73 fe 34 b2 0b 58 97 16 e6 a1 1c 47 0e 24 a7 |=s.4..X.....G.$.|
00000360 0d c9 a0 51 70 82 b1 d1 a6 a1 bc b4 49 77 c4 c4 |...Qp.......Iw..|
00000370 87 ae c8 49 e6 80 ae d0 dd ca 16 03 03 00 0c 0d |...I............|
00000380 00 00 08 01 01 00 02 08 04 00 00 16 03 03 00 04 |................|
00000390 0e 00 00 00 |....|
>>> Flow 3 (client to server)
00000000 16 03 03 02 66 0b 00 02 62 00 02 5f 00 02 5c 30 |....f...b.._..\0|
@ -116,27 +116,27 @@
00000260 d4 f7 dd 70 14 24 d7 70 0a 46 a1 16 03 03 00 25 |...p.$.p.F.....%|
00000270 10 00 00 21 20 2f e5 7d a3 47 cd 62 43 15 28 da |...! /.}.G.bC.(.|
00000280 ac 5f bb 29 07 30 ff f6 84 af c4 cf c2 ed 90 99 |._.).0..........|
00000290 5f 58 cb 3b 74 16 03 03 00 88 0f 00 00 84 04 01 |_X.;t...........|
000002a0 00 80 d5 bf 41 e0 65 7b 32 16 bb a3 92 48 f6 0e |....A.e{2....H..|
000002b0 31 eb ca a2 b7 1c b3 3a b4 8f 91 0e 44 e8 9e ad |1......:....D...|
000002c0 f7 71 4c 71 20 da 59 29 09 4f 0b 1e fb 92 c5 ce |.qLq .Y).O......|
000002d0 7b a3 26 de 89 be f5 cc b6 be dc af 09 6a f9 a2 |{.&..........j..|
000002e0 f0 65 5c 39 2d ad 2c 46 ce df 26 09 2e 99 5d 9e |.e\9-.,F..&...].|
000002f0 58 2b cf 1f ed b5 1a 4b 21 0b d8 ec 14 fb bb f2 |X+.....K!.......|
00000300 eb 41 9d 1c 6a 06 d8 38 b9 68 fc 1d 90 ad ff 9c |.A..j..8.h......|
00000310 91 c1 4a ff b0 49 59 8a 0b 25 26 eb 28 b1 a5 f8 |..J..IY..%&.(...|
00000320 0d 8e 14 03 03 00 01 01 16 03 03 00 28 00 00 00 |............(...|
00000330 00 00 00 00 00 cd a4 31 83 38 57 c8 91 98 4c 6c |.......1.8W...Ll|
00000340 76 c7 e1 d8 af f9 47 ee 45 75 f4 51 6c e5 7e da |v.....G.Eu.Ql.~.|
00000350 00 0f da 44 49 |...DI|
00000290 5f 58 cb 3b 74 16 03 03 00 88 0f 00 00 84 08 04 |_X.;t...........|
000002a0 00 80 a6 6b 99 15 5e 97 33 4f a8 0e 59 af 15 22 |...k..^.3O..Y.."|
000002b0 f3 6e be 02 6e e4 20 d5 81 c0 b4 74 5a e2 20 32 |.n..n. ....tZ. 2|
000002c0 2b 7f 9c e6 94 32 4d 30 bf 93 86 9b 75 4d f1 9f |+....2M0....uM..|
000002d0 e4 48 28 00 27 fa 7c 45 2e fe d7 0b dc 03 c4 6b |.H(.'.|E.......k|
000002e0 42 ad a2 32 d7 9d ea d6 52 05 3f ed 87 fd b9 9d |B..2....R.?.....|
000002f0 58 fd d6 9f 28 6d 45 07 de 5b 4a 8e f4 4d 19 0b |X...(mE..[J..M..|
00000300 cf 4e 64 75 73 ae cd e9 ae f9 af 27 d0 b9 eb 4c |.Ndus......'...L|
00000310 98 ad 66 6d 4e bf 2c 39 87 f3 72 3e 4e bc a1 8f |..fmN.,9..r>N...|
00000320 a8 1e 14 03 03 00 01 01 16 03 03 00 28 00 00 00 |............(...|
00000330 00 00 00 00 00 04 3c cc ae cd 19 52 6b 1e 0e cc |......<....Rk...|
00000340 dd a9 ac 2f 2a c6 94 4c 09 f3 ee 2f b5 5a 13 1e |.../*..L.../.Z..|
00000350 4f 54 a0 ae c2 |OT...|
>>> Flow 4 (server to client)
00000000 14 03 03 00 01 01 16 03 03 00 28 7f 1d 85 46 4c |..........(...FL|
00000010 7f 93 d7 e3 c1 3f a7 71 69 16 90 9a a6 f8 9a 22 |.....?.qi......"|
00000020 a5 8b 0e 6d 6a f2 08 7e 40 6d ba 87 74 e4 e6 1d |...mj..~@m..t...|
00000030 ba 5e ff |.^.|
00000000 14 03 03 00 01 01 16 03 03 00 28 6d 44 cb 35 8b |..........(mD.5.|
00000010 15 5c f9 f8 1e ae 4f 8c 8c d9 90 9e 6c cf 13 f6 |.\....O.....l...|
00000020 12 29 f5 f7 d6 ff da e2 48 7d 68 ec ad 1a 6c 39 |.)......H}h...l9|
00000030 c5 77 6c |.wl|
>>> Flow 5 (client to server)
00000000 17 03 03 00 1e 00 00 00 00 00 00 00 01 2a 5a a1 |.............*Z.|
00000010 d5 31 ba 8b 9d 3f f1 54 e0 53 cf 84 70 3b f5 bf |.1...?.T.S..p;..|
00000020 11 3c ad 15 03 03 00 1a 00 00 00 00 00 00 00 02 |.<..............|
00000030 1b ad 23 3d 37 69 87 9d b5 60 f1 8a 13 d6 09 ab |..#=7i...`......|
00000040 a4 9b |..|
00000000 17 03 03 00 1e 00 00 00 00 00 00 00 01 2a ce da |.............*..|
00000010 11 1c 7d 49 0d aa 44 d4 d6 d4 7f 64 2b 49 47 20 |..}I..D....d+IG |
00000020 5a 21 bb 15 03 03 00 1a 00 00 00 00 00 00 00 02 |Z!..............|
00000030 fc 10 75 a7 22 f9 74 1c 3a d2 b2 a8 04 2d 37 5f |..u.".t.:....-7_|
00000040 c2 76 |.v|