mirror of
https://github.com/refraction-networking/utls.git
synced 2025-04-04 20:47:36 +03:00
crypto/tls: advertise and accept rsa_pss_rsae signature algorithms
crypto/x509 already supports PSS signatures (with rsaEncryption OID), and crypto/tls support was added in CL 79736. Advertise support for the algorithms and accept them as a peer. Note that this is about PSS signatures from regular RSA public keys. RSA-PSS only public keys (with RSASSA-PSS OID) are supported in neither crypto/tls nor crypto/x509. See RFC 8446, Section 4.2.3. testdata/Server-TLSv12-ClientAuthRequested* got modified because the CertificateRequest carries the supported signature algorithms. The net/smtp tests changed because 512 bits keys are too small for PSS. Based on Peter Wu's CL 79738, who did all the actual work in CL 79736. Updates #9671 Change-Id: I4a31e9c6e152ff4c50a5c8a274edd610d5fff231 Reviewed-on: https://go-review.googlesource.com/c/146258 Run-TryBot: Filippo Valsorda <filippo@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Adam Langley <agl@golang.org>
This commit is contained in:
Filippo Valsorda
parent
6d1d147e90
commit
ed74f7823e
12 changed files with 766 additions and 131 deletions
|
|
@ -1039,6 +1039,22 @@ func TestHandshakeServerExportKeyingMaterial(t *testing.T) {
|
|||
runServerTestTLS12(t, test)
|
||||
}
|
||||
|
||||
func TestHandshakeServerRSAPKCS1v15(t *testing.T) {
|
||||
test := &serverTest{
|
||||
name: "RSA-RSAPKCS1v15",
|
||||
command: []string{"openssl", "s_client", "-no_ticket", "-sigalgs", "rsa_pkcs1_sha256"},
|
||||
}
|
||||
runServerTestTLS12(t, test)
|
||||
}
|
||||
|
||||
func TestHandshakeServerRSAPSS(t *testing.T) {
|
||||
test := &serverTest{
|
||||
name: "RSA-RSAPSS",
|
||||
command: []string{"openssl", "s_client", "-no_ticket", "-sigalgs", "rsa_pss_rsae_sha256"},
|
||||
}
|
||||
runServerTestTLS12(t, test)
|
||||
}
|
||||
|
||||
func benchmarkHandshakeServer(b *testing.B, cipherSuite uint16, curve CurveID, cert []byte, key crypto.PrivateKey) {
|
||||
config := testConfig.Clone()
|
||||
config.CipherSuites = []uint16{cipherSuite}
|
||||
|
|
@ -1120,10 +1136,6 @@ func BenchmarkHandshakeServer(b *testing.B) {
|
|||
})
|
||||
}
|
||||
|
||||
// clientCertificatePEM and clientKeyPEM were generated with generate_cert.go
|
||||
// Thus, they have no ExtKeyUsage fields and trigger an error when verification
|
||||
// is turned on.
|
||||
|
||||
const clientCertificatePEM = `
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIB7zCCAVigAwIBAgIQXBnBiWWDVW/cC8m5k5/pvDANBgkqhkiG9w0BAQsFADAS
|
||||
|
|
@ -1209,20 +1221,31 @@ func TestClientAuth(t *testing.T) {
|
|||
runServerTestTLS12(t, test)
|
||||
|
||||
test = &serverTest{
|
||||
name: "ClientAuthRequestedAndGiven",
|
||||
command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "AES128-SHA", "-cert", certPath, "-key", keyPath},
|
||||
name: "ClientAuthRequestedAndGiven",
|
||||
command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "AES128-SHA",
|
||||
"-cert", certPath, "-key", keyPath, "-sigalgs", "rsa_pss_rsae_sha256"},
|
||||
config: config,
|
||||
expectedPeerCerts: []string{clientCertificatePEM},
|
||||
}
|
||||
runServerTestTLS12(t, test)
|
||||
|
||||
test = &serverTest{
|
||||
name: "ClientAuthRequestedAndECDSAGiven",
|
||||
command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "AES128-SHA", "-cert", ecdsaCertPath, "-key", ecdsaKeyPath},
|
||||
name: "ClientAuthRequestedAndECDSAGiven",
|
||||
command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "AES128-SHA",
|
||||
"-cert", ecdsaCertPath, "-key", ecdsaKeyPath},
|
||||
config: config,
|
||||
expectedPeerCerts: []string{clientECDSACertificatePEM},
|
||||
}
|
||||
runServerTestTLS12(t, test)
|
||||
|
||||
test = &serverTest{
|
||||
name: "ClientAuthRequestedAndPKCS1v15Given",
|
||||
command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "AES128-SHA",
|
||||
"-cert", certPath, "-key", keyPath, "-sigalgs", "rsa_pkcs1_sha256"},
|
||||
config: config,
|
||||
expectedPeerCerts: []string{clientCertificatePEM},
|
||||
}
|
||||
runServerTestTLS12(t, test)
|
||||
}
|
||||
|
||||
func TestSNIGivenOnFailure(t *testing.T) {
|
||||
|
|
@ -1417,6 +1440,11 @@ var testRSACertificate = fromHex("3082024b308201b4a003020102020900e8f09d3fe25bea
|
|||
|
||||
var testRSACertificateIssuer = fromHex("3082021930820182a003020102020900ca5e4e811a965964300d06092a864886f70d01010b0500301f310b3009060355040a1302476f3110300e06035504031307476f20526f6f74301e170d3136303130313030303030305a170d3235303130313030303030305a301f310b3009060355040a1302476f3110300e06035504031307476f20526f6f7430819f300d06092a864886f70d010101050003818d0030818902818100d667b378bb22f34143b6cd2008236abefaf2852adf3ab05e01329e2c14834f5105df3f3073f99dab5442d45ee5f8f57b0111c8cb682fbb719a86944eebfffef3406206d898b8c1b1887797c9c5006547bb8f00e694b7a063f10839f269f2c34fff7a1f4b21fbcd6bfdfb13ac792d1d11f277b5c5b48600992203059f2a8f8cc50203010001a35d305b300e0603551d0f0101ff040403020204301d0603551d250416301406082b0601050507030106082b06010505070302300f0603551d130101ff040530030101ff30190603551d0e041204104813494d137e1631bba301d5acab6e7b300d06092a864886f70d01010b050003818100c1154b4bab5266221f293766ae4138899bd4c5e36b13cee670ceeaa4cbdf4f6679017e2fe649765af545749fe4249418a56bd38a04b81e261f5ce86b8d5c65413156a50d12449554748c59a30c515bc36a59d38bddf51173e899820b282e40aa78c806526fd184fb6b4cf186ec728edffa585440d2b3225325f7ab580e87dd76")
|
||||
|
||||
// testRSAPSSCertificate has signatureAlgorithm rsassaPss, and subjectPublicKeyInfo
|
||||
// algorithm rsaEncryption, for use with the rsa_pss_rsae_* SignatureSchemes.
|
||||
// See also TestRSAPSSKeyError. testRSAPSSCertificate is self-signed.
|
||||
var testRSAPSSCertificate = fromHex("308202583082018da003020102021100f29926eb87ea8a0db9fcc247347c11b0304106092a864886f70d01010a3034a00f300d06096086480165030402010500a11c301a06092a864886f70d010108300d06096086480165030402010500a20302012030123110300e060355040a130741636d6520436f301e170d3137313132333136313631305a170d3138313132333136313631305a30123110300e060355040a130741636d6520436f30819f300d06092a864886f70d010101050003818d0030818902818100db467d932e12270648bc062821ab7ec4b6a25dfe1e5245887a3647a5080d92425bc281c0be97799840fb4f6d14fd2b138bc2a52e67d8d4099ed62238b74a0b74732bc234f1d193e596d9747bf3589f6c613cc0b041d4d92b2b2423775b1c3bbd755dce2054cfa163871d1e24c4f31d1a508baab61443ed97a77562f414c852d70203010001a3463044300e0603551d0f0101ff0404030205a030130603551d25040c300a06082b06010505070301300c0603551d130101ff04023000300f0603551d110408300687047f000001304106092a864886f70d01010a3034a00f300d06096086480165030402010500a11c301a06092a864886f70d010108300d06096086480165030402010500a20302012003818100cdac4ef2ce5f8d79881042707f7cbf1b5a8a00ef19154b40151771006cd41626e5496d56da0c1a139fd84695593cb67f87765e18aa03ea067522dd78d2a589b8c92364e12838ce346c6e067b51f1a7e6f4b37ffab13f1411896679d18e880e0ba09e302ac067efca460288e9538122692297ad8093d4f7dd701424d7700a46a1")
|
||||
|
||||
var testECDSACertificate = fromHex("3082020030820162020900b8bf2d47a0d2ebf4300906072a8648ce3d04013045310b3009060355040613024155311330110603550408130a536f6d652d53746174653121301f060355040a1318496e7465726e6574205769646769747320507479204c7464301e170d3132313132323135303633325a170d3232313132303135303633325a3045310b3009060355040613024155311330110603550408130a536f6d652d53746174653121301f060355040a1318496e7465726e6574205769646769747320507479204c746430819b301006072a8648ce3d020106052b81040023038186000400c4a1edbe98f90b4873367ec316561122f23d53c33b4d213dcd6b75e6f6b0dc9adf26c1bcb287f072327cb3642f1c90bcea6823107efee325c0483a69e0286dd33700ef0462dd0da09c706283d881d36431aa9e9731bd96b068c09b23de76643f1a5c7fe9120e5858b65f70dd9bd8ead5d7f5d5ccb9b69f30665b669a20e227e5bffe3b300906072a8648ce3d040103818c0030818802420188a24febe245c5487d1bacf5ed989dae4770c05e1bb62fbdf1b64db76140d311a2ceee0b7e927eff769dc33b7ea53fcefa10e259ec472d7cacda4e970e15a06fd00242014dfcbe67139c2d050ebd3fa38c25c13313830d9406bbd4377af6ec7ac9862eddd711697f857c56defb31782be4c7780daecbbe9e4e3624317b6a0f399512078f2a")
|
||||
|
||||
var testSNICertificate = fromHex("0441883421114c81480804c430820237308201a0a003020102020900e8f09d3fe25beaa6300d06092a864886f70d01010b0500301f310b3009060355040a1302476f3110300e06035504031307476f20526f6f74301e170d3136303130313030303030305a170d3235303130313030303030305a3023310b3009060355040a1302476f311430120603550403130b736e69746573742e636f6d30819f300d06092a864886f70d010101050003818d0030818902818100db467d932e12270648bc062821ab7ec4b6a25dfe1e5245887a3647a5080d92425bc281c0be97799840fb4f6d14fd2b138bc2a52e67d8d4099ed62238b74a0b74732bc234f1d193e596d9747bf3589f6c613cc0b041d4d92b2b2423775b1c3bbd755dce2054cfa163871d1e24c4f31d1a508baab61443ed97a77562f414c852d70203010001a3773075300e0603551d0f0101ff0404030205a0301d0603551d250416301406082b0601050507030106082b06010505070302300c0603551d130101ff0402300030190603551d0e041204109f91161f43433e49a6de6db680d79f60301b0603551d230414301280104813494d137e1631bba301d5acab6e7b300d06092a864886f70d01010b0500038181007beeecff0230dbb2e7a334af65430b7116e09f327c3bbf918107fc9c66cb497493207ae9b4dbb045cb63d605ec1b5dd485bb69124d68fa298dc776699b47632fd6d73cab57042acb26f083c4087459bc5a3bb3ca4d878d7fe31016b7bc9a627438666566e3389bfaeebe6becc9a0093ceed18d0f9ac79d56f3a73f18188988ed")
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue