crypto/tls: support AES-128-CBC cipher suites with SHA-256.

These were new with TLS 1.2 and, reportedly, some servers require it. Since it's easy, this change adds suport for three flavours of AES-128-CBC with SHA-256 MACs. Other testdata/ files have to be updated because this changes the list of cipher suites offered by default by the client. Fixes #15487. Change-Id: I1b14330c31eeda20185409a37072343552c3464f Reviewed-on: https://go-review.googlesource.com/27315 Run-TryBot: Adam Langley <agl@golang.org> Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> Reviewed-by: Jonathan Rudenberg <jonathan@titanous.com> TryBot-Result: Gobot Gobot <gobot@golang.org>
2025-04-04 04:27:36 +03:00 · 2016-08-17 16:45:47 -07:00 · 2016-08-17 16:45:47 -07:00 · e099795efd
commit e099795efd
parent 5ad0511ca2
34 changed files with 2043 additions and 1717 deletions
--- a/testdata/Client-TLSv12-AES128-GCM-SHA256
+++ b/testdata/Client-TLSv12-AES128-GCM-SHA256
@ -1,19 +1,19 @@
 >>> Flow 1 (client to server)
-00000000  16 03 01 00 85 01 00 00  81 03 03 00 00 00 00 00  |................|
+00000000  16 03 01 00 8b 01 00 00  87 03 03 00 00 00 00 00  |................|
 00000010  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
-00000020  00 00 00 00 00 00 00 00  00 00 00 00 00 22 c0 2f  |............."./|
-00000030  c0 2b c0 30 c0 2c c0 11  c0 07 c0 13 c0 09 c0 14  |.+.0.,..........|
-00000040  c0 0a 00 9c 00 9d 00 05  00 2f 00 35 c0 12 00 0a  |........./.5....|
-00000050  01 00 00 36 00 05 00 05  01 00 00 00 00 00 0a 00  |...6............|
-00000060  08 00 06 00 17 00 18 00  19 00 0b 00 02 01 00 00  |................|
-00000070  0d 00 0e 00 0c 04 01 04  03 05 01 05 03 02 01 02  |................|
-00000080  03 ff 01 00 01 00 00 12  00 00                    |..........|
+00000020  00 00 00 00 00 00 00 00  00 00 00 00 00 28 c0 2f  |.............(./|
+00000030  c0 2b c0 30 c0 2c c0 27  c0 13 c0 23 c0 09 c0 14  |.+.0.,.'...#....|
+00000040  c0 0a 00 9c 00 9d 00 3c  00 2f 00 35 c0 12 00 0a  |.......<./.5....|
+00000050  00 05 c0 11 c0 07 01 00  00 36 00 05 00 05 01 00  |.........6......|
+00000060  00 00 00 00 0a 00 08 00  06 00 17 00 18 00 19 00  |................|
+00000070  0b 00 02 01 00 00 0d 00  0e 00 0c 04 01 04 03 05  |................|
+00000080  01 05 03 02 01 02 03 ff  01 00 01 00 00 12 00 00  |................|
 >>> Flow 2 (server to client)
-00000000  16 03 03 00 51 02 00 00  4d 03 03 40 b4 e4 93 12  |....Q...M..@....|
-00000010  93 e8 72 80 9a 5b 49 8f  0a a4 b9 da 48 3c f8 3e  |..r..[I.....H<.>|
-00000020  61 8b 0d 63 e6 ca d1 28  9f 76 5b 20 e9 d2 9f 81  |a..c...(.v[ ....|
-00000030  11 5b b9 41 4e 93 d4 7b  8c fa fc 07 82 eb d2 a2  |.[.AN..{........|
-00000040  fc 35 59 c8 41 c2 b5 9f  e1 0d ad 82 00 9c 00 00  |.5Y.A...........|
+00000000  16 03 03 00 51 02 00 00  4d 03 03 a3 21 43 88 85  |....Q...M...!C..|
+00000010  1c 79 0b 73 68 bb 9d 21  9b 9e 1b 35 ba f0 b9 23  |.y.sh..!...5...#|
+00000020  98 cc 58 c9 91 d5 d4 0b  a3 34 f4 20 1f 0b 14 7f  |..X......4. ....|
+00000030  3e b0 95 a8 3e 55 80 d3  72 81 39 72 79 11 59 8e  |>...>U..r.9ry.Y.|
+00000040  9e 5d 57 14 00 fd 48 6a  a1 76 f5 83 00 9c 00 00  |.]W...Hj.v......|
 00000050  05 ff 01 00 01 00 16 03  03 02 59 0b 00 02 55 00  |..........Y...U.|
 00000060  02 52 00 02 4f 30 82 02  4b 30 82 01 b4 a0 03 02  |.R..O0..K0......|
 00000070  01 02 02 09 00 e8 f0 9d  3f e2 5b ea a6 30 0d 06  |........?.[..0..|
@ -63,17 +63,17 @@
 00000060  c5 70 0f 08 83 48 e9 48  ef 6e 50 8b 05 7e e5 84  |.p...H.H.nP..~..|
 00000070  25 fa 55 c7 ae 31 02 27  00 ef 3f 98 86 20 12 89  |%.U..1.'..?.. ..|
 00000080  91 59 28 b4 f7 d7 af d2  69 61 35 14 03 03 00 01  |.Y(.....ia5.....|
-00000090  01 16 03 03 00 28 00 00  00 00 00 00 00 00 fe 7f  |.....(..........|
-000000a0  ef 65 01 85 ef 6a de d3  81 dd 0a 05 25 bd bf db  |.e...j......%...|
-000000b0  6a 65 f0 c6 d4 cb 40 ec  8d 39 fa 08 60 89        |je....@..9..`.|
+00000090  01 16 03 03 00 28 00 00  00 00 00 00 00 00 71 ea  |.....(........q.|
+000000a0  6e 5a 0e 2b bf 1e b6 c8  ca 92 04 e4 b3 cc f7 00  |nZ.+............|
+000000b0  79 a1 5f 96 a5 a5 a7 26  e6 0c a1 b0 7c 1f        |y._....&....|.|
 >>> Flow 4 (server to client)
-00000000  14 03 03 00 01 01 16 03  03 00 28 3b ec 4d 30 2e  |..........(;.M0.|
-00000010  8e f1 51 6d 34 3c 08 64  d2 30 07 60 20 bd fd e2  |..Qm4<.d.0.` ...|
-00000020  0f 9f dd b0 79 22 ff db  de ed e6 e0 25 0b c1 86  |....y"......%...|
-00000030  a2 04 08                                          |...|
+00000000  14 03 03 00 01 01 16 03  03 00 28 55 d1 d6 5c df  |..........(U..\.|
+00000010  83 67 63 7f 50 f9 d7 1b  f1 93 ee fa 98 60 ab 06  |.gc.P........`..|
+00000020  b4 7e e7 d3 44 8e 7d 90  2f b9 fb 2b 35 3b 20 76  |.~..D.}./..+5; v|
+00000030  38 4e ea                                          |8N.|
 >>> Flow 5 (client to server)
-00000000  17 03 03 00 1e 00 00 00  00 00 00 00 01 ea c5 33  |...............3|
-00000010  1b ba ad 0b 84 8f 76 f2  94 be a9 7f 1a 96 23 ff  |......v.......#.|
-00000020  a6 0a e0 15 03 03 00 1a  00 00 00 00 00 00 00 02  |................|
-00000030  e0 07 5d 5a 71 54 ae 2a  2a 7c 1a 7c 62 d4 53 44  |..]ZqT.**|.|b.SD|
-00000040  aa 3e                                             |.>|
+00000000  17 03 03 00 1e 00 00 00  00 00 00 00 01 26 42 83  |.............&B.|
+00000010  2e a6 ab c2 34 5e 8c 8e  11 bf 3c e6 86 ec 90 46  |....4^....<....F|
+00000020  b1 66 a1 15 03 03 00 1a  00 00 00 00 00 00 00 02  |.f..............|
+00000030  8e f6 8a 98 ae 2d 7d 36  e4 cc 11 aa ea 41 21 7c  |.....-}6.....A!||
+00000040  fc fe                                             |..|