crypto/tls: advertise support for SHA-512 signatures in 1.2

This is the equivalent change to 1c105980 but for SHA-512. SHA-512 certificates are already supported by default since b53bb2ca, but some servers will refuse connections if the algorithm is not advertised in the overloaded signatureAndHash extension (see 09b238f1). This required adding support for SHA-512 signatures on CertificateVerify and ServerKeyExchange messages, because of said overloading. Some testdata/Client-TLSv1{0,1} files changed because they send a 1.2 ClientHello even if the server picks a lower version. Closes #22422 Change-Id: I16282d03a3040260d203711ec21e6b20a0e1e105 Reviewed-on: https://go-review.googlesource.com/74950 Run-TryBot: Filippo Valsorda <hi@filippo.io> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Adam Langley <agl@golang.org>
2025-04-03 20:17:36 +03:00 · 2017-10-31 19:43:05 -04:00 · 2017-10-31 19:43:05 -04:00 · ca44103d11
commit ca44103d11
parent 90f8fc90bd
48 changed files with 1902 additions and 2108 deletions
--- a/testdata/Client-TLSv10-ClientCert-ECDSA-RSA
+++ b/testdata/Client-TLSv10-ClientCert-ECDSA-RSA
@ -1,20 +1,20 @@
 >>> Flow 1 (client to server)
-00000000  16 03 01 00 91 01 00 00  8d 03 03 00 00 00 00 00  |................|
+00000000  16 03 01 00 95 01 00 00  91 03 03 00 00 00 00 00  |................|
 00000010  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
 00000020  00 00 00 00 00 00 00 00  00 00 00 00 00 2c cc a8  |.............,..|
 00000030  cc a9 c0 2f c0 2b c0 30  c0 2c c0 27 c0 13 c0 23  |.../.+.0.,.'...#|
 00000040  c0 09 c0 14 c0 0a 00 9c  00 9d 00 3c 00 2f 00 35  |...........<./.5|
-00000050  c0 12 00 0a 00 05 c0 11  c0 07 01 00 00 38 00 05  |.............8..|
+00000050  c0 12 00 0a 00 05 c0 11  c0 07 01 00 00 3c 00 05  |.............<..|
 00000060  00 05 01 00 00 00 00 00  0a 00 0a 00 08 00 1d 00  |................|
-00000070  17 00 18 00 19 00 0b 00  02 01 00 00 0d 00 0e 00  |................|
-00000080  0c 04 01 04 03 05 01 05  03 02 01 02 03 ff 01 00  |................|
-00000090  01 00 00 12 00 00                                 |......|
+00000070  17 00 18 00 19 00 0b 00  02 01 00 00 0d 00 12 00  |................|
+00000080  10 04 01 04 03 05 01 05  03 06 01 06 03 02 01 02  |................|
+00000090  03 ff 01 00 01 00 00 12  00 00                    |..........|
 >>> Flow 2 (server to client)
-00000000  16 03 01 00 59 02 00 00  55 03 01 32 7c 5c ac bd  |....Y...U..2|\..|
-00000010  77 70 c2 f8 f0 20 37 e4  e8 45 db be 97 22 e4 f3  |wp... 7..E..."..|
-00000020  24 1c c1 29 8f 02 e1 bc  ba 4a 1e 20 81 6f b5 12  |$..).....J. .o..|
-00000030  c0 9d 9e de 2f b6 04 b2  74 34 da 2b 04 55 2c 4f  |..../...t4.+.U,O|
-00000040  dd 01 8a 30 d9 67 45 9f  f1 31 f1 78 c0 13 00 00  |...0.gE..1.x....|
+00000000  16 03 01 00 59 02 00 00  55 03 01 af af 0f 49 f7  |....Y...U.....I.|
+00000010  fa 29 30 cb 90 30 b4 70  d2 94 96 db 99 f9 4d 10  |.)0..0.p......M.|
+00000020  4c 14 67 a0 2f ac cc e6  7f 89 c2 20 d8 e0 15 ba  |L.g./...... ....|
+00000030  55 99 b7 20 04 e2 84 e4  5d 97 4b ea 6e d5 6b db  |U.. ....].K.n.k.|
+00000040  dc 23 2a a1 76 4c fd c0  5f a6 4a e1 c0 13 00 00  |.#*.vL.._.J.....|
 00000050  0d ff 01 00 01 00 00 0b  00 04 03 00 01 02 16 03  |................|
 00000060  01 02 59 0b 00 02 55 00  02 52 00 02 4f 30 82 02  |..Y...U..R..O0..|
 00000070  4b 30 82 01 b4 a0 03 02  01 02 02 09 00 e8 f0 9d  |K0..............|
@ -54,17 +54,17 @@
 00000290  77 8d 0c 1c f1 0f a1 d8  40 83 61 c9 4c 72 2b 9d  |w.......@.a.Lr+.|
 000002a0  ae db 46 06 06 4d f4 c1  b3 3e c0 d1 bd 42 d4 db  |..F..M...>...B..|
 000002b0  fe 3d 13 60 84 5c 21 d3  3b e9 fa e7 16 03 01 00  |.=.`.\!.;.......|
-000002c0  aa 0c 00 00 a6 03 00 1d  20 2f f7 3b 44 1a 47 85  |........ /.;D.G.|
-000002d0  d7 db 40 28 4e 6a f1 2f  1e b5 cc b0 58 0d 92 93  |..@(Nj./....X...|
-000002e0  30 41 65 08 05 f7 51 23  57 00 80 87 0d c3 22 ff  |0Ae...Q#W.....".|
-000002f0  aa d1 3f 55 09 cf 98 dc  91 f8 d0 63 58 da dc 52  |..?U.......cX..R|
-00000300  03 f0 06 a6 4e 7e 5b 96  a1 3b d7 8e 1e 68 50 ef  |....N~[..;...hP.|
-00000310  59 3f 78 06 eb 9a 33 c5  01 3c e0 fb c6 f1 b6 bc  |Y?x...3..<......|
-00000320  5a bc 95 e8 43 d9 ab 36  05 26 13 c5 a6 68 9b e2  |Z...C..6.&...h..|
-00000330  b1 42 6e 89 60 5c b3 91  02 c5 8b ab 53 d1 d9 79  |.Bn.`\......S..y|
-00000340  d0 37 b5 5e 2c 16 72 29  f8 9c d0 4a 46 87 46 f4  |.7.^,.r)...JF.F.|
-00000350  01 2b e8 6a 4f 59 d1 2d  3d de 4b 3b 0e c7 cd 42  |.+.jOY.-=.K;...B|
-00000360  ae d2 94 e9 a6 6b 65 ad  3f 77 57 16 03 01 00 0a  |.....ke.?wW.....|
+000002c0  aa 0c 00 00 a6 03 00 1d  20 b7 12 77 ce bd 55 19  |........ ..w..U.|
+000002d0  d6 16 92 11 72 ad dc b4  9c fd 7a cd dc 31 53 0f  |....r.....z..1S.|
+000002e0  bc bf 12 0a 9f 32 c9 e3  09 00 80 6e 49 99 f1 c2  |.....2.....nI...|
+000002f0  6c 4e cd c1 bb cc b1 db  fd e5 3a 12 c9 94 dd 11  |lN........:.....|
+00000300  84 b3 5f 43 15 7c f5 05  a0 13 90 05 0e bb 13 60  |.._C.|.........`|
+00000310  c5 ef 30 e6 cb 5d b2 50  10 99 1f 01 13 43 37 e8  |..0..].P.....C7.|
+00000320  6c 95 aa ae 3e f6 53 25  92 48 d1 f6 e1 7d 88 0e  |l...>.S%.H...}..|
+00000330  23 fb ee 72 e8 84 83 6b  bc d6 96 3c 1d 62 98 3e  |#..r...k...<.b.>|
+00000340  89 c7 19 cc cd 08 d3 cb  b2 fe 39 51 f0 62 89 71  |..........9Q.b.q|
+00000350  d7 83 78 33 0d de f8 81  5a e4 f3 ea 55 e9 58 41  |..x3....Z...U.XA|
+00000360  94 b2 1b b9 1f 3b 52 f1  d3 d0 51 16 03 01 00 0a  |.....;R...Q.....|
 00000370  0d 00 00 06 03 01 02 40  00 00 16 03 01 00 04 0e  |.......@........|
 00000380  00 00 00                                          |...|
 >>> Flow 3 (client to server)
@ -104,29 +104,29 @@
 00000210  03 01 00 25 10 00 00 21  20 2f e5 7d a3 47 cd 62  |...%...! /.}.G.b|
 00000220  43 15 28 da ac 5f bb 29  07 30 ff f6 84 af c4 cf  |C.(.._.).0......|
 00000230  c2 ed 90 99 5f 58 cb 3b  74 16 03 01 00 91 0f 00  |...._X.;t.......|
-00000240  00 8d 00 8b 30 81 88 02  42 01 b3 df 59 06 71 e6  |....0...B...Y.q.|
-00000250  74 c9 9d d5 2c b0 a7 f8  1e ac bc f3 5a e2 ed 0b  |t...,.......Z...|
-00000260  f2 e9 37 82 c6 fe 7c 23  b9 63 6e 88 1d 63 31 ad  |..7...|#.cn..c1.|
-00000270  d3 29 48 eb f3 5d 52 f5  76 ab fc 16 9e 09 4f 49  |.)H..]R.v.....OI|
-00000280  cf b4 03 6a ed db e5 13  ea 67 74 02 42 01 8e 2f  |...j.....gt.B../|
-00000290  b8 12 38 c9 a6 8c 77 40  85 89 ef d8 ac 08 00 c0  |..8...w@........|
-000002a0  ee 70 68 a6 88 1f d1 67  0d 1b 7b 1f be e0 a7 b9  |.ph....g..{.....|
-000002b0  c3 7d ff 6a 39 3c b9 aa  f6 78 ac 9a ca 67 55 0c  |.}.j9<...x...gU.|
-000002c0  38 23 cc ab 18 c0 b9 ea  9c 84 61 32 0a 0d f3 14  |8#........a2....|
-000002d0  03 01 00 01 01 16 03 01  00 30 73 12 76 94 30 37  |.........0s.v.07|
-000002e0  e5 e3 30 59 88 2f 5f e9  f2 7b 3d 02 88 65 09 14  |..0Y./_..{=..e..|
-000002f0  68 23 02 d0 ae e5 7f 7f  8d 95 3b 1c 75 f5 1f 24  |h#........;.u..$|
-00000300  43 60 29 bb 0e 69 88 36  a9 68                    |C`)..i.6.h|
+00000240  00 8d 00 8b 30 81 88 02  42 01 8b 84 b3 ac 64 4e  |....0...B.....dN|
+00000250  77 d2 47 77 13 2f 45 ec  0b 3f 92 ef 55 cc 78 8e  |w.Gw./E..?..U.x.|
+00000260  d9 c1 ae 4b c5 6f 01 d0  55 ca 0b 12 cf 3c ac c8  |...K.o..U....<..|
+00000270  46 7b 6a c4 22 f3 16 85  1a 2a ea 4f f6 65 1c c9  |F{j."....*.O.e..|
+00000280  90 7b d1 c5 9f c8 59 73  43 47 bd 02 42 00 93 a3  |.{....YsCG..B...|
+00000290  35 0a 1f 14 de 23 fa 92  a4 d6 5e dc fd c0 85 87  |5....#....^.....|
+000002a0  fb 23 12 bd 8e d7 f3 98  33 49 fc 88 92 13 8a 7d  |.#......3I.....}|
+000002b0  ee 12 e5 d6 b3 ff bf 04  7e 48 ff 83 6b 76 70 b8  |........~H..kvp.|
+000002c0  8c 1f f5 44 4b a7 fb 48  81 87 a0 6b 66 45 15 14  |...DK..H...kfE..|
+000002d0  03 01 00 01 01 16 03 01  00 30 83 d6 1c 9f e9 ef  |.........0......|
+000002e0  49 45 e4 97 17 2c af 6f  4e 59 0e 4d 43 69 88 fd  |IE...,.oNY.MCi..|
+000002f0  3d 99 00 9e 02 3c 33 78  d6 37 6e f9 55 43 ac 16  |=....<3x.7n.UC..|
+00000300  2e 14 0e 0e 44 a1 f7 1e  fc 09                    |....D.....|
 >>> Flow 4 (server to client)
-00000000  14 03 01 00 01 01 16 03  01 00 30 a0 5f 7f 59 e0  |..........0._.Y.|
-00000010  b1 7e ed ad de 6a 47 94  21 e5 1b 77 a7 d0 88 fd  |.~...jG.!..w....|
-00000020  9e 4e 48 87 1d cf 40 e4  b9 38 a3 2e e4 00 c3 94  |.NH...@..8......|
-00000030  95 20 1c 97 d2 a9 3a 11  86 30 5f                 |. ....:..0_|
+00000000  14 03 01 00 01 01 16 03  01 00 30 75 1b 70 70 73  |..........0u.pps|
+00000010  c3 2d d5 7a a5 ca 63 b3  b7 b1 57 a8 bc fd 5c 95  |.-.z..c...W...\.|
+00000020  ed e7 88 26 b3 9b a6 8d  c7 3f 02 70 a7 98 1c 33  |...&.....?.p...3|
+00000030  86 67 f7 ca 76 42 53 99  3b 17 ef                 |.g..vBS.;..|
 >>> Flow 5 (client to server)
-00000000  17 03 01 00 20 ca 4c f5  cb 81 66 2f 97 e3 5d 8b  |.... .L...f/..].|
-00000010  dd 7d dd fa fe 8c 98 45  3f 3d 16 17 98 4d b5 15  |.}.....E?=...M..|
-00000020  6c 91 8a 79 7a 17 03 01  00 20 96 ec 30 cb d3 78  |l..yz.... ..0..x|
-00000030  b9 0a a1 ab fd 12 25 d5  82 7b 7a 3c 17 56 7b b7  |......%..{z<.V{.|
-00000040  c4 6e ea a2 5b d7 6b b6  22 a9 15 03 01 00 20 ba  |.n..[.k."..... .|
-00000050  ff fe 2b 60 83 34 ad 45  75 15 d5 95 b3 27 92 46  |..+`.4.Eu....'.F|
-00000060  47 ae f1 d4 a4 9d 63 ef  db d9 b5 37 0f f1 74     |G.....c....7..t|
+00000000  17 03 01 00 20 61 40 b2  4d fe 8d 3c a1 d2 4b 36  |.... a@.M..<..K6|
+00000010  bb 5d 6c 77 65 6e 66 55  57 12 a5 62 9d 56 f6 53  |.]lwenfUW..b.V.S|
+00000020  dd a6 38 7c 32 17 03 01  00 20 e5 98 82 47 a0 cc  |..8|2.... ...G..|
+00000030  a7 02 98 71 01 00 d7 ee  1c 35 16 d6 7a 03 80 95  |...q.....5..z...|
+00000040  d0 69 9a e9 bb 4c 9c 0a  92 59 15 03 01 00 20 a2  |.i...L...Y.... .|
+00000050  96 8a 21 a9 a4 28 83 f8  fb 3c aa 6e 53 fb 23 7e  |..!..(...<.nS.#~|
+00000060  a1 08 4f 16 8f 34 02 27  34 e2 c2 71 1e a2 c7     |..O..4.'4..q...|