mirrors/utls
1
0
Fork 0
mirror of https://github.com/refraction-networking/utls.git synced 2025-04-03 03:57:36 +03:00
Code Issues Projects Releases Packages Wiki Activity
utls/testdata
History
Roland Shoemaker 18d259497e crypto/tls: de-prioritize AES-GCM ciphers when lacking hardware support 
When either the server or client are lacking hardware support for
AES-GCM ciphers, indicated by the server lacking the relevant
instructions and by the client not putting AES-GCM ciphers at the top
of its preference list, reorder the preference list to de-prioritize
AES-GCM based ciphers when they are adjacent to other AEAD ciphers.

Also updates a number of recorded openssl TLS tests which previously
only specified TLS 1.2 cipher preferences (using -cipher), but not
TLS 1.3 cipher preferences (using -ciphersuites), to specify both
preferences, making these tests more predictable.

Fixes #41181.

Change-Id: Ied896c96c095481e755aaff9ff0746fb4cb9568e
Reviewed-on: https://go-review.googlesource.com/c/go/+/262857
Run-TryBot: Roland Shoemaker <roland@golang.org>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Trust: Roland Shoemaker <roland@golang.org>
Trust: Katie Hockman <katie@golang.org>
2020-11-10 01:40:27 +00:00
..
Client-TLSv10-ClientCert-ECDSA-ECDSA crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv10-ClientCert-ECDSA-RSA crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv10-ClientCert-Ed25519 crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv10-ClientCert-RSA-ECDSA crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv10-ClientCert-RSA-RSA crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv10-ECDHE-ECDSA-AES crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv10-ECDHE-RSA-AES crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv10-Ed25519 crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv10-ExportKeyingMaterial crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv10-RSA-RC4 crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv11-ECDHE-ECDSA-AES crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv11-ECDHE-RSA-AES crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv11-Ed25519 crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv11-RSA-RC4 crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv12-AES128-GCM-SHA256 crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv12-AES128-SHA256 crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv12-AES256-GCM-SHA384 crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv12-ALPN crypto/tls: remove NPN support 2019-10-04 18:07:46 +00:00
Client-TLSv12-ALPN-NoMatch crypto/tls: support AES-128-CBC cipher suites with SHA-256. 2016-08-18 21:46:46 +00:00
Client-TLSv12-ClientCert-ECDSA-ECDSA crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv12-ClientCert-ECDSA-RSA crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv12-ClientCert-Ed25519 crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv12-ClientCert-RSA-AES256-GCM-SHA384 crypto/tls: re-enable RSA-PSS in TLS 1.2 again 2019-11-12 01:09:15 +00:00
Client-TLSv12-ClientCert-RSA-ECDSA crypto/tls: re-enable RSA-PSS in TLS 1.2 again 2019-11-12 01:09:15 +00:00
Client-TLSv12-ClientCert-RSA-RSA crypto/tls: re-enable RSA-PSS in TLS 1.2 again 2019-11-12 01:09:15 +00:00
Client-TLSv12-ClientCert-RSA-RSAPKCS1v15 crypto/tls: disable RSA-PSS in TLS 1.2 again 2019-06-19 19:59:14 +00:00
Client-TLSv12-ClientCert-RSA-RSAPSS crypto/tls: re-enable RSA-PSS in TLS 1.2 again 2019-11-12 01:09:15 +00:00
Client-TLSv12-ECDHE-ECDSA-AES crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv12-ECDHE-ECDSA-AES-GCM crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv12-ECDHE-ECDSA-AES128-SHA256 crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv12-ECDHE-ECDSA-AES256-GCM-SHA384 crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv12-ECDHE-ECDSA-CHACHA20-POLY1305 crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv12-ECDHE-RSA-AES crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv12-ECDHE-RSA-AES128-SHA256 crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv12-ECDHE-RSA-CHACHA20-POLY1305 crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv12-Ed25519 crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv12-ExportKeyingMaterial crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv12-P256-ECDHE crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv12-RenegotiateOnce crypto/tls: re-enable RSA-PSS in TLS 1.2 again 2019-11-12 01:09:15 +00:00
Client-TLSv12-RenegotiateTwice crypto/tls: re-enable RSA-PSS in TLS 1.2 again 2019-11-12 01:09:15 +00:00
Client-TLSv12-RenegotiateTwiceRejected crypto/tls: re-enable RSA-PSS in TLS 1.2 again 2019-11-12 01:09:15 +00:00
Client-TLSv12-RenegotiationRejected crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv12-RSA-RC4 crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv12-SCT crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv12-X25519-ECDHE crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv13-AES128-SHA256 crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv13-AES256-SHA384 crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv13-ALPN crypto/tls: remove NPN support 2019-10-04 18:07:46 +00:00
Client-TLSv13-CHACHA20-SHA256 crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv13-ClientCert-ECDSA-RSA crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv13-ClientCert-Ed25519 crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv13-ClientCert-RSA-ECDSA crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv13-ClientCert-RSA-RSAPSS crypto/tls: disable RSA-PSS in TLS 1.2 again 2019-06-19 19:59:14 +00:00
Client-TLSv13-ECDSA crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv13-Ed25519 crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv13-ExportKeyingMaterial crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv13-HelloRetryRequest crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv13-KeyUpdate crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv13-P256-ECDHE crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv13-X25519-ECDHE crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
example-cert.pem crypto/tls: add examples for [Load]X509KeyPair 2018-04-30 17:25:27 +00:00
example-key.pem crypto/tls: add examples for [Load]X509KeyPair 2018-04-30 17:25:27 +00:00
Server-TLSv10-ECDHE-ECDSA-AES crypto/tls: send ec_points_format extension in ServerHello 2019-10-31 15:14:45 +00:00
Server-TLSv10-ExportKeyingMaterial crypto/tls: rotate session keys in older TLS versions 2020-05-07 18:33:39 +00:00
Server-TLSv10-RSA-3DES crypto/tls: send ec_points_format extension in ServerHello 2019-10-31 15:14:45 +00:00
Server-TLSv10-RSA-AES crypto/tls: send ec_points_format extension in ServerHello 2019-10-31 15:14:45 +00:00
Server-TLSv10-RSA-RC4 crypto/tls: send ec_points_format extension in ServerHello 2019-10-31 15:14:45 +00:00
Server-TLSv11-FallbackSCSV crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Server-TLSv11-RSA-RC4 crypto/tls: send ec_points_format extension in ServerHello 2019-10-31 15:14:45 +00:00
Server-TLSv12-ALPN crypto/tls: de-prioritize AES-GCM ciphers when lacking hardware support 2020-11-10 01:40:27 +00:00
Server-TLSv12-ALPN-NoMatch crypto/tls: de-prioritize AES-GCM ciphers when lacking hardware support 2020-11-10 01:40:27 +00:00
Server-TLSv12-CipherSuiteCertPreferenceECDSA crypto/tls: send ec_points_format extension in ServerHello 2019-10-31 15:14:45 +00:00
Server-TLSv12-CipherSuiteCertPreferenceRSA crypto/tls: re-enable RSA-PSS in TLS 1.2 again 2019-11-12 01:09:15 +00:00
Server-TLSv12-ClientAuthRequestedAndECDSAGiven crypto/tls: de-prioritize AES-GCM ciphers when lacking hardware support 2020-11-10 01:40:27 +00:00
Server-TLSv12-ClientAuthRequestedAndEd25519Given crypto/tls: de-prioritize AES-GCM ciphers when lacking hardware support 2020-11-10 01:40:27 +00:00
Server-TLSv12-ClientAuthRequestedAndGiven crypto/tls: de-prioritize AES-GCM ciphers when lacking hardware support 2020-11-10 01:40:27 +00:00
Server-TLSv12-ClientAuthRequestedAndPKCS1v15Given crypto/tls: de-prioritize AES-GCM ciphers when lacking hardware support 2020-11-10 01:40:27 +00:00
Server-TLSv12-ClientAuthRequestedNotGiven crypto/tls: de-prioritize AES-GCM ciphers when lacking hardware support 2020-11-10 01:40:27 +00:00
Server-TLSv12-ECDHE-ECDSA-AES crypto/tls: send ec_points_format extension in ServerHello 2019-10-31 15:14:45 +00:00
Server-TLSv12-Ed25519 crypto/tls: de-prioritize AES-GCM ciphers when lacking hardware support 2020-11-10 01:40:27 +00:00
Server-TLSv12-ExportKeyingMaterial crypto/tls: de-prioritize AES-GCM ciphers when lacking hardware support 2020-11-10 01:40:27 +00:00
Server-TLSv12-IssueTicket crypto/tls: de-prioritize AES-GCM ciphers when lacking hardware support 2020-11-10 01:40:27 +00:00
Server-TLSv12-IssueTicketPreDisable crypto/tls: de-prioritize AES-GCM ciphers when lacking hardware support 2020-11-10 01:40:27 +00:00
Server-TLSv12-P256 crypto/tls: re-enable RSA-PSS in TLS 1.2 again 2019-11-12 01:09:15 +00:00
Server-TLSv12-Resume crypto/tls: de-prioritize AES-GCM ciphers when lacking hardware support 2020-11-10 01:40:27 +00:00
Server-TLSv12-ResumeDisabled crypto/tls: de-prioritize AES-GCM ciphers when lacking hardware support 2020-11-10 01:40:27 +00:00
Server-TLSv12-RSA-3DES crypto/tls: send ec_points_format extension in ServerHello 2019-10-31 15:14:45 +00:00
Server-TLSv12-RSA-AES crypto/tls: send ec_points_format extension in ServerHello 2019-10-31 15:14:45 +00:00
Server-TLSv12-RSA-AES-GCM crypto/tls: re-enable RSA-PSS in TLS 1.2 again 2019-11-12 01:09:15 +00:00
Server-TLSv12-RSA-AES256-GCM-SHA384 crypto/tls: re-enable RSA-PSS in TLS 1.2 again 2019-11-12 01:09:15 +00:00
Server-TLSv12-RSA-RC4 crypto/tls: send ec_points_format extension in ServerHello 2019-10-31 15:14:45 +00:00
Server-TLSv12-RSA-RSAPKCS1v15 crypto/tls: de-prioritize AES-GCM ciphers when lacking hardware support 2020-11-10 01:40:27 +00:00
Server-TLSv12-RSA-RSAPSS crypto/tls: de-prioritize AES-GCM ciphers when lacking hardware support 2020-11-10 01:40:27 +00:00
Server-TLSv12-SNI crypto/tls: send ec_points_format extension in ServerHello 2019-10-31 15:14:45 +00:00
Server-TLSv12-SNI-GetCertificate crypto/tls: send ec_points_format extension in ServerHello 2019-10-31 15:14:45 +00:00
Server-TLSv12-SNI-GetCertificateNotFound crypto/tls: send ec_points_format extension in ServerHello 2019-10-31 15:14:45 +00:00
Server-TLSv12-X25519 crypto/tls: re-enable RSA-PSS in TLS 1.2 again 2019-11-12 01:09:15 +00:00
Server-TLSv13-AES128-SHA256 crypto/tls: send ec_points_format extension in ServerHello 2019-10-31 15:14:45 +00:00
Server-TLSv13-AES256-SHA384 crypto/tls: implement TLS 1.3 PSK authentication (server side) 2018-11-12 20:43:35 +00:00
Server-TLSv13-ALPN crypto/tls: de-prioritize AES-GCM ciphers when lacking hardware support 2020-11-10 01:40:27 +00:00
Server-TLSv13-ALPN-NoMatch crypto/tls: de-prioritize AES-GCM ciphers when lacking hardware support 2020-11-10 01:40:27 +00:00
Server-TLSv13-CHACHA20-SHA256 crypto/tls: implement TLS 1.3 PSK authentication (server side) 2018-11-12 20:43:35 +00:00
Server-TLSv13-ClientAuthRequestedAndECDSAGiven crypto/tls: de-prioritize AES-GCM ciphers when lacking hardware support 2020-11-10 01:40:27 +00:00
Server-TLSv13-ClientAuthRequestedAndEd25519Given crypto/tls: de-prioritize AES-GCM ciphers when lacking hardware support 2020-11-10 01:40:27 +00:00
Server-TLSv13-ClientAuthRequestedAndGiven crypto/tls: de-prioritize AES-GCM ciphers when lacking hardware support 2020-11-10 01:40:27 +00:00
Server-TLSv13-ClientAuthRequestedNotGiven crypto/tls: de-prioritize AES-GCM ciphers when lacking hardware support 2020-11-10 01:40:27 +00:00
Server-TLSv13-ECDHE-ECDSA-AES crypto/tls: implement TLS 1.3 PSK authentication (server side) 2018-11-12 20:43:35 +00:00
Server-TLSv13-Ed25519 crypto/tls: de-prioritize AES-GCM ciphers when lacking hardware support 2020-11-10 01:40:27 +00:00
Server-TLSv13-ExportKeyingMaterial crypto/tls: de-prioritize AES-GCM ciphers when lacking hardware support 2020-11-10 01:40:27 +00:00
Server-TLSv13-HelloRetryRequest crypto/tls: de-prioritize AES-GCM ciphers when lacking hardware support 2020-11-10 01:40:27 +00:00
Server-TLSv13-IssueTicket crypto/tls: de-prioritize AES-GCM ciphers when lacking hardware support 2020-11-10 01:40:27 +00:00
Server-TLSv13-IssueTicketPreDisable crypto/tls: de-prioritize AES-GCM ciphers when lacking hardware support 2020-11-10 01:40:27 +00:00
Server-TLSv13-P256 crypto/tls: de-prioritize AES-GCM ciphers when lacking hardware support 2020-11-10 01:40:27 +00:00
Server-TLSv13-Resume crypto/tls: de-prioritize AES-GCM ciphers when lacking hardware support 2020-11-10 01:40:27 +00:00
Server-TLSv13-Resume-HelloRetryRequest crypto/tls: de-prioritize AES-GCM ciphers when lacking hardware support 2020-11-10 01:40:27 +00:00
Server-TLSv13-ResumeDisabled crypto/tls: de-prioritize AES-GCM ciphers when lacking hardware support 2020-11-10 01:40:27 +00:00
Server-TLSv13-RSA-RSAPSS crypto/tls: de-prioritize AES-GCM ciphers when lacking hardware support 2020-11-10 01:40:27 +00:00
Server-TLSv13-RSA-RSAPSS-TooSmall crypto/tls: de-prioritize AES-GCM ciphers when lacking hardware support 2020-11-10 01:40:27 +00:00
Server-TLSv13-X25519 crypto/tls: de-prioritize AES-GCM ciphers when lacking hardware support 2020-11-10 01:40:27 +00:00