crypto/tls: advertise support for SHA-512 signatures in 1.2

This is the equivalent change to 1c105980 but for SHA-512. SHA-512 certificates are already supported by default since b53bb2ca, but some servers will refuse connections if the algorithm is not advertised in the overloaded signatureAndHash extension (see 09b238f1). This required adding support for SHA-512 signatures on CertificateVerify and ServerKeyExchange messages, because of said overloading. Some testdata/Client-TLSv1{0,1} files changed because they send a 1.2 ClientHello even if the server picks a lower version. Closes #22422 Change-Id: I16282d03a3040260d203711ec21e6b20a0e1e105 Reviewed-on: https://go-review.googlesource.com/74950 Run-TryBot: Filippo Valsorda <hi@filippo.io> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Adam Langley <agl@golang.org>
2025-04-03 20:17:36 +03:00 · 2017-10-31 19:43:05 -04:00 · 2017-10-31 19:43:05 -04:00 · ca44103d11
commit ca44103d11
parent 90f8fc90bd
48 changed files with 1902 additions and 2108 deletions
--- a/testdata/Client-TLSv12-AES256-GCM-SHA384
+++ b/testdata/Client-TLSv12-AES256-GCM-SHA384
@ -1,20 +1,20 @@
 >>> Flow 1 (client to server)
-00000000  16 03 01 00 91 01 00 00  8d 03 03 00 00 00 00 00  |................|
+00000000  16 03 01 00 95 01 00 00  91 03 03 00 00 00 00 00  |................|
 00000010  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
 00000020  00 00 00 00 00 00 00 00  00 00 00 00 00 2c cc a8  |.............,..|
 00000030  cc a9 c0 2f c0 2b c0 30  c0 2c c0 27 c0 13 c0 23  |.../.+.0.,.'...#|
 00000040  c0 09 c0 14 c0 0a 00 9c  00 9d 00 3c 00 2f 00 35  |...........<./.5|
-00000050  c0 12 00 0a 00 05 c0 11  c0 07 01 00 00 38 00 05  |.............8..|
+00000050  c0 12 00 0a 00 05 c0 11  c0 07 01 00 00 3c 00 05  |.............<..|
 00000060  00 05 01 00 00 00 00 00  0a 00 0a 00 08 00 1d 00  |................|
-00000070  17 00 18 00 19 00 0b 00  02 01 00 00 0d 00 0e 00  |................|
-00000080  0c 04 01 04 03 05 01 05  03 02 01 02 03 ff 01 00  |................|
-00000090  01 00 00 12 00 00                                 |......|
+00000070  17 00 18 00 19 00 0b 00  02 01 00 00 0d 00 12 00  |................|
+00000080  10 04 01 04 03 05 01 05  03 06 01 06 03 02 01 02  |................|
+00000090  03 ff 01 00 01 00 00 12  00 00                    |..........|
 >>> Flow 2 (server to client)
-00000000  16 03 03 00 51 02 00 00  4d 03 03 98 b0 4a 9a c8  |....Q...M....J..|
-00000010  8f f9 1f f9 70 03 d9 1a  ee 7c 29 30 6a 71 7c 6c  |....p....|)0jq|l|
-00000020  ea 2c de 84 f9 ee 4d 2c  d7 58 12 20 a4 e2 1b f3  |.,....M,.X. ....|
-00000030  42 b8 9a 0b 71 8c 27 57  61 98 c5 c5 1b 04 01 5b  |B...q.'Wa......[|
-00000040  a0 bc 88 64 d9 ce 5a a1  b2 7b 6c 4e 00 9d 00 00  |...d..Z..{lN....|
+00000000  16 03 03 00 51 02 00 00  4d 03 03 de 31 eb 89 cf  |....Q...M...1...|
+00000010  06 df 45 b2 68 3c 70 8e  ef ec 11 14 d1 f3 8c 95  |..E.h<p.........|
+00000020  c7 11 b6 f9 63 d1 f3 12  5e ec 4b 20 b9 eb 00 03  |....c...^.K ....|
+00000030  2b 2e ff 13 96 50 36 9e  9c 38 ce a7 c8 1b a3 5b  |+....P6..8.....[|
+00000040  a2 c2 99 af c7 0b cb 71  17 56 23 e8 00 9d 00 00  |.......q.V#.....|
 00000050  05 ff 01 00 01 00 16 03  03 02 59 0b 00 02 55 00  |..........Y...U.|
 00000060  02 52 00 02 4f 30 82 02  4b 30 82 01 b4 a0 03 02  |.R..O0..K0......|
 00000070  01 02 02 09 00 e8 f0 9d  3f e2 5b ea a6 30 0d 06  |........?.[..0..|
@ -64,17 +64,17 @@
 00000060  c5 70 0f 08 83 48 e9 48  ef 6e 50 8b 05 7e e5 84  |.p...H.H.nP..~..|
 00000070  25 fa 55 c7 ae 31 02 27  00 ef 3f 98 86 20 12 89  |%.U..1.'..?.. ..|
 00000080  91 59 28 b4 f7 d7 af d2  69 61 35 14 03 03 00 01  |.Y(.....ia5.....|
-00000090  01 16 03 03 00 28 00 00  00 00 00 00 00 00 57 97  |.....(........W.|
-000000a0  64 ef 80 07 b0 31 02 c8  2a a2 b7 1f d6 a3 7c 7a  |d....1..*.....|z|
-000000b0  e9 c4 e1 55 9f 0a ef 0d  8f 0a 57 13 f5 a4        |...U......W...|
+00000090  01 16 03 03 00 28 00 00  00 00 00 00 00 00 26 0c  |.....(........&.|
+000000a0  81 5b e0 e4 c5 0f 8b b4  53 f3 84 f8 7c 63 76 2e  |.[......S...|cv.|
+000000b0  47 23 b3 48 a4 2b c0 e8  30 68 0c 34 42 03        |G#.H.+..0h.4B.|
 >>> Flow 4 (server to client)
-00000000  14 03 03 00 01 01 16 03  03 00 28 42 49 9c 67 4f  |..........(BI.gO|
-00000010  36 75 b8 34 0e ee 00 98  1a ba 52 d5 96 7b 91 d7  |6u.4......R..{..|
-00000020  ba ec e4 5e 2e 42 e3 72  a0 ea 60 24 31 30 3d a2  |...^.B.r..`$10=.|
-00000030  c5 6c 8f                                          |.l.|
+00000000  14 03 03 00 01 01 16 03  03 00 28 f0 52 59 4b c1  |..........(.RYK.|
+00000010  54 7c 0d 0c 4a 82 96 0a  50 d2 6d ce 7c 2f e9 3c  |T|..J...P.m.|/.<|
+00000020  55 ea da ea 8a 1a 6f 1d  fe 96 01 0f 42 61 61 45  |U.....o.....BaaE|
+00000030  ef 31 97                                          |.1.|
 >>> Flow 5 (client to server)
-00000000  17 03 03 00 1e 00 00 00  00 00 00 00 01 42 9f da  |.............B..|
-00000010  a1 e6 98 48 a8 6c 78 a0  f7 fd e7 0f bc df 97 ef  |...H.lx.........|
-00000020  b8 62 4c 15 03 03 00 1a  00 00 00 00 00 00 00 02  |.bL.............|
-00000030  99 ac 35 a4 d9 1f 58 26  51 c6 6a b9 1f 53 ec 19  |..5...X&Q.j..S..|
-00000040  90 78                                             |.x|
+00000000  17 03 03 00 1e 00 00 00  00 00 00 00 01 cb 28 8f  |..............(.|
+00000010  dd 5d cf 29 ef 92 72 71  43 85 c1 1b fe 41 a4 f8  |.].)..rqC....A..|
+00000020  07 f7 96 15 03 03 00 1a  00 00 00 00 00 00 00 02  |................|
+00000030  25 52 2c d6 5a f4 95 ea  21 bb 35 70 d1 78 cc 15  |%R,.Z...!.5p.x..|
+00000040  d5 79                                             |.y|