crypto/tls: advertise support for SHA-512 signatures in 1.2

This is the equivalent change to 1c105980 but for SHA-512. SHA-512 certificates are already supported by default since b53bb2ca, but some servers will refuse connections if the algorithm is not advertised in the overloaded signatureAndHash extension (see 09b238f1). This required adding support for SHA-512 signatures on CertificateVerify and ServerKeyExchange messages, because of said overloading. Some testdata/Client-TLSv1{0,1} files changed because they send a 1.2 ClientHello even if the server picks a lower version. Closes #22422 Change-Id: I16282d03a3040260d203711ec21e6b20a0e1e105 Reviewed-on: https://go-review.googlesource.com/74950 Run-TryBot: Filippo Valsorda <hi@filippo.io> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Adam Langley <agl@golang.org>
2025-04-03 20:17:36 +03:00 · 2017-10-31 19:43:05 -04:00 · 2017-10-31 19:43:05 -04:00 · ca44103d11
commit ca44103d11
parent 90f8fc90bd
48 changed files with 1902 additions and 2108 deletions
--- a/testdata/Client-TLSv12-ClientCert-RSA-RSA
+++ b/testdata/Client-TLSv12-ClientCert-RSA-RSA
@ -1,20 +1,20 @@
 >>> Flow 1 (client to server)
-00000000  16 03 01 00 91 01 00 00  8d 03 03 00 00 00 00 00  |................|
+00000000  16 03 01 00 95 01 00 00  91 03 03 00 00 00 00 00  |................|
 00000010  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
 00000020  00 00 00 00 00 00 00 00  00 00 00 00 00 2c cc a8  |.............,..|
 00000030  cc a9 c0 2f c0 2b c0 30  c0 2c c0 27 c0 13 c0 23  |.../.+.0.,.'...#|
 00000040  c0 09 c0 14 c0 0a 00 9c  00 9d 00 3c 00 2f 00 35  |...........<./.5|
-00000050  c0 12 00 0a 00 05 c0 11  c0 07 01 00 00 38 00 05  |.............8..|
+00000050  c0 12 00 0a 00 05 c0 11  c0 07 01 00 00 3c 00 05  |.............<..|
 00000060  00 05 01 00 00 00 00 00  0a 00 0a 00 08 00 1d 00  |................|
-00000070  17 00 18 00 19 00 0b 00  02 01 00 00 0d 00 0e 00  |................|
-00000080  0c 04 01 04 03 05 01 05  03 02 01 02 03 ff 01 00  |................|
-00000090  01 00 00 12 00 00                                 |......|
+00000070  17 00 18 00 19 00 0b 00  02 01 00 00 0d 00 12 00  |................|
+00000080  10 04 01 04 03 05 01 05  03 06 01 06 03 02 01 02  |................|
+00000090  03 ff 01 00 01 00 00 12  00 00                    |..........|
 >>> Flow 2 (server to client)
-00000000  16 03 03 00 59 02 00 00  55 03 03 92 93 45 4c f9  |....Y...U....EL.|
-00000010  93 bf ee 78 58 e0 42 b6  df 32 c2 63 6d ec 89 66  |...xX.B..2.cm..f|
-00000020  5a 11 7c 0d 31 2f b5 90  22 ab 3d 20 65 f3 40 c4  |Z.|.1/..".= e.@.|
-00000030  f8 31 fa 80 f3 fb a7 f6  9e dc 0c 94 67 48 d9 2b  |.1..........gH.+|
-00000040  cb 94 82 5f 4e 8b 41 5e  c6 63 27 da c0 2f 00 00  |..._N.A^.c'../..|
+00000000  16 03 03 00 59 02 00 00  55 03 03 cd 8e 54 03 73  |....Y...U....T.s|
+00000010  80 fb 7a 0a 38 a0 cd d3  5c 1a 84 a2 66 43 47 68  |..z.8...\...fCGh|
+00000020  7b d9 c0 5b c3 14 2f 51  45 12 62 20 9e 32 b0 17  |{..[../QE.b .2..|
+00000030  85 6e 8a de ae 7a f7 09  76 79 5f 74 eb b1 3c e9  |.n...z..vy_t..<.|
+00000040  4f 36 09 ef b2 f9 8f 25  c1 db 37 46 c0 2f 00 00  |O6.....%..7F./..|
 00000050  0d ff 01 00 01 00 00 0b  00 04 03 00 01 02 16 03  |................|
 00000060  03 02 59 0b 00 02 55 00  02 52 00 02 4f 30 82 02  |..Y...U..R..O0..|
 00000070  4b 30 82 01 b4 a0 03 02  01 02 02 09 00 e8 f0 9d  |K0..............|
@ -54,17 +54,17 @@
 00000290  77 8d 0c 1c f1 0f a1 d8  40 83 61 c9 4c 72 2b 9d  |w.......@.a.Lr+.|
 000002a0  ae db 46 06 06 4d f4 c1  b3 3e c0 d1 bd 42 d4 db  |..F..M...>...B..|
 000002b0  fe 3d 13 60 84 5c 21 d3  3b e9 fa e7 16 03 03 00  |.=.`.\!.;.......|
-000002c0  ac 0c 00 00 a8 03 00 1d  20 66 49 44 2b 04 fe f5  |........ fID+...|
-000002d0  41 68 60 09 81 0e 24 c4  46 68 33 87 41 dd 48 69  |Ah`...$.Fh3.A.Hi|
-000002e0  4c be c8 22 2d 4e ff 80  20 04 01 00 80 30 85 40  |L.."-N.. ....0.@|
-000002f0  30 56 d5 1d 41 14 9d e8  27 39 a2 18 d5 eb 92 27  |0V..A...'9.....'|
-00000300  63 4b 05 85 1a 9e 5f 60  2c 80 a3 20 9f 9c 57 29  |cK...._`,.. ..W)|
-00000310  ba 5f ac 0a aa 89 98 fc  ca 8e 37 6b 44 bc 0f 33  |._........7kD..3|
-00000320  5d 47 91 46 55 d4 f9 4f  76 73 51 c4 f6 a9 90 e4  |]G.FU..OvsQ.....|
-00000330  95 10 92 94 f1 33 11 3d  83 0a eb 5d ff e6 9d 9c  |.....3.=...]....|
-00000340  19 ec e1 65 11 ad d7 7b  6a a4 f9 d8 b6 0c 53 8a  |...e...{j.....S.|
-00000350  16 d5 1f a7 0b 80 6f c5  d8 6a 57 11 2f b1 84 65  |......o..jW./..e|
-00000360  24 8a 02 de aa 10 40 bd  9b 68 a2 b7 b6 16 03 03  |$.....@..h......|
+000002c0  ac 0c 00 00 a8 03 00 1d  20 57 b6 34 6b 1c 97 1f  |........ W.4k...|
+000002d0  51 f1 d5 38 68 a2 2f 69  fb 9e 94 cf 7e c3 25 97  |Q..8h./i....~.%.|
+000002e0  82 e9 32 c0 0e 99 0c 7c  50 04 01 00 80 2d 08 85  |..2....|P....-..|
+000002f0  c5 bc d6 3b 94 c5 7e 26  80 bc 0d 63 50 84 d0 77  |...;..~&...cP..w|
+00000300  f8 4b cd 2c d4 cb e0 f2  7c 63 dc 9e 42 4e 3f 3c  |.K.,....|c..BN?<|
+00000310  a3 b7 c7 41 e6 e9 2c da  ff 06 6d ec b5 f3 57 22  |...A..,...m...W"|
+00000320  3a 6b cc 6b 00 d0 53 6e  b1 89 7c 09 cc db 8e f1  |:k.k..Sn..|.....|
+00000330  00 32 d1 68 2f ae 7a 83  00 71 a8 81 e6 66 c2 e7  |.2.h/.z..q...f..|
+00000340  13 94 bf 9b 30 84 23 3d  95 03 11 4d 3a e7 4c 0a  |....0.#=...M:.L.|
+00000350  43 c7 6d 31 c1 92 b1 ab  7d 11 a1 2f 4a 2d bd fe  |C.m1....}../J-..|
+00000360  f5 d4 b1 ab ef 2d e3 79  ee 2f 6b 44 29 16 03 03  |.....-.y./kD)...|
 00000370  00 2a 0d 00 00 26 03 01  02 40 00 1e 06 01 06 02  |.*...&...@......|
 00000380  06 03 05 01 05 02 05 03  04 01 04 02 04 03 03 01  |................|
 00000390  03 02 03 03 02 01 02 02  02 03 00 00 16 03 03 00  |................|
@ -105,26 +105,26 @@
 00000200  e5 35 16 03 03 00 25 10  00 00 21 20 2f e5 7d a3  |.5....%...! /.}.|
 00000210  47 cd 62 43 15 28 da ac  5f bb 29 07 30 ff f6 84  |G.bC.(.._.).0...|
 00000220  af c4 cf c2 ed 90 99 5f  58 cb 3b 74 16 03 03 00  |......._X.;t....|
-00000230  88 0f 00 00 84 05 01 00  80 05 9b 97 90 30 0b 21  |.............0.!|
-00000240  ed 52 16 19 e0 54 7d 59  42 17 94 81 9b 2c b6 5b  |.R...T}YB....,.[|
-00000250  7f 7c 8e a5 bf 27 a9 25  14 74 f0 37 fa 6e 2b 84  |.|...'.%.t.7.n+.|
-00000260  80 a4 cd ae a6 8a 1b 62  2d 5e 03 ff 70 55 d7 99  |.......b-^..pU..|
-00000270  68 3c b3 0e 03 41 ae af  c6 3e 09 d4 16 8e 06 71  |h<...A...>.....q|
-00000280  14 f8 90 97 cd f6 eb 7d  90 3c d1 f3 95 db 35 3c  |.......}.<....5<|
-00000290  c9 7d dc 30 55 e1 a0 66  8e 26 20 4f 43 89 08 6f  |.}.0U..f.& OC..o|
-000002a0  95 58 42 ae e8 6c b6 77  45 c6 8c c7 ad e5 ed ff  |.XB..l.wE.......|
-000002b0  09 6f 2e 7e b0 e4 5c f2  db 14 03 03 00 01 01 16  |.o.~..\.........|
-000002c0  03 03 00 28 00 00 00 00  00 00 00 00 c0 2c cc 32  |...(.........,.2|
-000002d0  78 5e 6c 3e e9 a3 83 65  b4 bb 4e 79 b2 04 08 30  |x^l>...e..Ny...0|
-000002e0  09 e9 04 99 70 48 44 95  26 b0 37 c9              |....pHD.&.7.|
+00000230  88 0f 00 00 84 06 01 00  80 72 5e f2 3f d2 7d 33  |.........r^.?.}3|
+00000240  ec 01 70 e5 91 5b 71 ac  48 88 99 5a af ad 40 82  |..p..[q.H..Z..@.|
+00000250  a7 de 2f 25 16 67 e1 e3  7d e6 d5 0f 79 63 63 56  |../%.g..}...yccV|
+00000260  1b 45 da 38 f7 99 4d a2  8e 6f 70 02 92 21 da 69  |.E.8..M..op..!.i|
+00000270  ba 2d 95 ea e5 5a f1 be  23 bb d2 8c 8b 36 b8 bf  |.-...Z..#....6..|
+00000280  c3 b5 c8 48 3c 27 26 c8  52 9c a4 53 d0 4e a6 7e  |...H<'&.R..S.N.~|
+00000290  cf 95 01 20 62 e1 47 59  82 b0 f1 64 e7 8e f4 f4  |... b.GY...d....|
+000002a0  c7 50 67 83 ec 56 10 9d  0b 54 60 5a 1a 0f 0d 31  |.Pg..V...T`Z...1|
+000002b0  31 c6 2d 12 e6 e4 22 77  6a 14 03 03 00 01 01 16  |1.-..."wj.......|
+000002c0  03 03 00 28 00 00 00 00  00 00 00 00 91 d6 08 d4  |...(............|
+000002d0  74 3f 02 78 ed c3 9d 0b  a7 f0 10 c7 e8 4a a3 a7  |t?.x.........J..|
+000002e0  d7 b7 c1 ca d4 fc e9 dc  b5 ca 35 39              |..........59|
 >>> Flow 4 (server to client)
-00000000  14 03 03 00 01 01 16 03  03 00 28 5f 80 e2 f1 78  |..........(_...x|
-00000010  0f cb 58 5c 3c 50 4c 1e  33 8a 1f b7 89 92 37 11  |..X\<PL.3.....7.|
-00000020  a3 8a 76 39 4a 3d b0 1f  a3 e9 ba 52 f8 2b e5 a3  |..v9J=.....R.+..|
-00000030  59 7c ac                                          |Y|.|
+00000000  14 03 03 00 01 01 16 03  03 00 28 d8 3b 3c 00 02  |..........(.;<..|
+00000010  7d c2 88 cf 6e 9b b3 99  cb b6 60 74 da 07 cb 6d  |}...n.....`t...m|
+00000020  95 ce dd 08 d4 a3 5f 0d  79 89 40 8f 71 03 76 0a  |......_.y.@.q.v.|
+00000030  c3 c0 d3                                          |...|
 >>> Flow 5 (client to server)
-00000000  17 03 03 00 1e 00 00 00  00 00 00 00 01 75 dc 54  |.............u.T|
-00000010  d9 c5 b1 c2 c9 64 9a ea  20 e5 76 61 6c 05 af 33  |.....d.. .val..3|
-00000020  6b bc d7 15 03 03 00 1a  00 00 00 00 00 00 00 02  |k...............|
-00000030  24 6b 03 76 d3 da d0 ee  a6 32 c3 58 a1 5e a5 21  |$k.v.....2.X.^.!|
-00000040  b8 3a                                             |.:|
+00000000  17 03 03 00 1e 00 00 00  00 00 00 00 01 3e 3d cd  |.............>=.|
+00000010  9b 8c 53 b7 86 e1 60 bc  3c 3a 7b b1 cf a5 d1 c8  |..S...`.<:{.....|
+00000020  1b d1 92 15 03 03 00 1a  00 00 00 00 00 00 00 02  |................|
+00000030  83 58 15 c4 87 a3 bf 7b  cf e6 e0 b4 10 37 ad 3b  |.X.....{.....7.;|
+00000040  d9 9a                                             |..|