mirrors/utls
1
0
Fork 0
mirror of https://github.com/refraction-networking/utls.git synced 2025-04-03 03:57:36 +03:00
Code Issues Projects Releases Packages Wiki Activity
utls/testdata
History
Filippo Valsorda 245de0a13b crypto/tls: clarify group selection logic 
I initially thought the logic was broken, but writing the test I
realized it was actually very clever (derogative). It was relying on the
outer loop continuing after a supported match without a key share,
allowing a later key share to override it (but not a later supported
match because of the "if selectedGroup != 0 { continue }").

Replaced the clever loop with two hopefully more understandable loops,
and added a test (which was already passing).

We were however not checking that the selected group is in the supported
list if we found it in key shares first. (This was only a MAY.) Fixed.

Fixes #65686

Change-Id: I09ea44f90167ffa36809deb78255ed039a217b6d
Reviewed-on: https://go-review.googlesource.com/c/go/+/586655
Reviewed-by: Roland Shoemaker <roland@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
2024-05-22 14:19:11 +00:00
..
Client-TLSv10-ClientCert-ECDSA-ECDSA crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv10-ClientCert-ECDSA-RSA crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv10-ClientCert-Ed25519 crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv10-ClientCert-RSA-ECDSA crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv10-ClientCert-RSA-RSA crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv10-ECDHE-ECDSA-AES crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv10-ECDHE-RSA-AES crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv10-Ed25519 crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv10-ExportKeyingMaterial crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv10-RSA-RC4 crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv11-ECDHE-ECDSA-AES crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv11-ECDHE-RSA-AES crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv11-Ed25519 crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv11-RSA-RC4 crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv12-AES128-GCM-SHA256 crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv12-AES128-SHA256 crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv12-AES256-GCM-SHA384 crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv12-ALPN crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv12-ALPN-NoMatch crypto/tls: support AES-128-CBC cipher suites with SHA-256. 2016-08-18 21:46:46 +00:00
Client-TLSv12-ClientCert-ECDSA-ECDSA crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv12-ClientCert-ECDSA-RSA crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv12-ClientCert-Ed25519 crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv12-ClientCert-RSA-AES256-GCM-SHA384 crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv12-ClientCert-RSA-ECDSA crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv12-ClientCert-RSA-RSA crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv12-ClientCert-RSA-RSAPKCS1v15 crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv12-ClientCert-RSA-RSAPSS crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv12-ECDHE-ECDSA-AES crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv12-ECDHE-ECDSA-AES-GCM crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv12-ECDHE-ECDSA-AES128-SHA256 crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv12-ECDHE-ECDSA-AES256-GCM-SHA384 crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv12-ECDHE-ECDSA-CHACHA20-POLY1305 crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv12-ECDHE-RSA-AES crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv12-ECDHE-RSA-AES128-SHA256 crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv12-ECDHE-RSA-CHACHA20-POLY1305 crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv12-Ed25519 crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv12-ExportKeyingMaterial crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv12-P256-ECDHE crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv12-RenegotiateOnce crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv12-RenegotiateTwice crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv12-RenegotiateTwiceRejected crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv12-RenegotiationRejected crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv12-RSA-RC4 crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv12-SCT crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv12-X25519-ECDHE crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv13-AES128-SHA256 crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv13-AES256-SHA384 crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv13-ALPN crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv13-CHACHA20-SHA256 crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv13-ClientCert-ECDSA-RSA crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv13-ClientCert-Ed25519 crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv13-ClientCert-RSA-ECDSA crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv13-ClientCert-RSA-RSAPSS crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv13-ECDSA crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv13-Ed25519 crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv13-ExportKeyingMaterial crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv13-HelloRetryRequest crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv13-KeyUpdate crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv13-P256-ECDHE crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Client-TLSv13-X25519-ECDHE crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
example-cert.pem crypto/tls: add examples for [Load]X509KeyPair 2018-04-30 17:25:27 +00:00
example-key.pem crypto/tls: add examples for [Load]X509KeyPair 2018-04-30 17:25:27 +00:00
Server-TLSv10-ECDHE-ECDSA-AES crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Server-TLSv10-ExportKeyingMaterial crypto/tls: don't reverify but check certificate expiration on resumption 2023-05-25 00:14:50 +00:00
Server-TLSv10-RSA-3DES crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Server-TLSv10-RSA-AES crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Server-TLSv10-RSA-RC4 crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Server-TLSv11-FallbackSCSV crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Server-TLSv11-RSA-RC4 crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Server-TLSv12-ALPN crypto/tls: don't reverify but check certificate expiration on resumption 2023-05-25 00:14:50 +00:00
Server-TLSv12-ALPN-Fallback crypto/tls: don't reverify but check certificate expiration on resumption 2023-05-25 00:14:50 +00:00
Server-TLSv12-ALPN-NoMatch crypto/tls: enforce ALPN overlap when negotiated on both sides 2021-05-06 18:57:43 +00:00
Server-TLSv12-ALPN-NotConfigured crypto/tls: don't reverify but check certificate expiration on resumption 2023-05-25 00:14:50 +00:00
Server-TLSv12-ClientAuthRequestedAndECDSAGiven crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Server-TLSv12-ClientAuthRequestedAndEd25519Given crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Server-TLSv12-ClientAuthRequestedAndGiven crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Server-TLSv12-ClientAuthRequestedAndPKCS1v15Given crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Server-TLSv12-ClientAuthRequestedNotGiven crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Server-TLSv12-ECDHE-ECDSA-AES crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Server-TLSv12-Ed25519 crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Server-TLSv12-ExportKeyingMaterial crypto/tls: don't reverify but check certificate expiration on resumption 2023-05-25 00:14:50 +00:00
Server-TLSv12-IssueTicket crypto/tls: don't reverify but check certificate expiration on resumption 2023-05-25 00:14:50 +00:00
Server-TLSv12-IssueTicketPreDisable crypto/tls: don't reverify but check certificate expiration on resumption 2023-05-25 00:14:50 +00:00
Server-TLSv12-P256 crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Server-TLSv12-Resume crypto/tls: don't reverify but check certificate expiration on resumption 2023-05-25 00:14:50 +00:00
Server-TLSv12-ResumeDisabled crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Server-TLSv12-RSA-3DES crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Server-TLSv12-RSA-AES crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Server-TLSv12-RSA-AES-GCM crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Server-TLSv12-RSA-AES256-GCM-SHA384 crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Server-TLSv12-RSA-RC4 crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Server-TLSv12-RSA-RSAPKCS1v15 crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Server-TLSv12-RSA-RSAPSS crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Server-TLSv12-SNI crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Server-TLSv12-SNI-GetCertificate crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Server-TLSv12-SNI-GetCertificateNotFound crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Server-TLSv12-X25519 crypto/tls: implement Extended Master Secret 2023-05-25 00:13:30 +00:00
Server-TLSv13-AES128-SHA256 crypto/tls: don't reverify but check certificate expiration on resumption 2023-05-25 00:14:50 +00:00
Server-TLSv13-AES256-SHA384 crypto/tls: don't reverify but check certificate expiration on resumption 2023-05-25 00:14:50 +00:00
Server-TLSv13-ALPN crypto/tls: don't reverify but check certificate expiration on resumption 2023-05-25 00:14:50 +00:00
Server-TLSv13-ALPN-Fallback crypto/tls: don't reverify but check certificate expiration on resumption 2023-05-25 00:14:50 +00:00
Server-TLSv13-ALPN-NoMatch crypto/tls: add QUIC 0-RTT APIs 2023-05-25 00:13:28 +00:00
Server-TLSv13-ALPN-NotConfigured crypto/tls: don't reverify but check certificate expiration on resumption 2023-05-25 00:14:50 +00:00
Server-TLSv13-CHACHA20-SHA256 crypto/tls: don't reverify but check certificate expiration on resumption 2023-05-25 00:14:50 +00:00
Server-TLSv13-ClientAuthRequestedAndECDSAGiven crypto/tls: don't reverify but check certificate expiration on resumption 2023-05-25 00:14:50 +00:00
Server-TLSv13-ClientAuthRequestedAndEd25519Given crypto/tls: don't reverify but check certificate expiration on resumption 2023-05-25 00:14:50 +00:00
Server-TLSv13-ClientAuthRequestedAndGiven crypto/tls: don't reverify but check certificate expiration on resumption 2023-05-25 00:14:50 +00:00
Server-TLSv13-ClientAuthRequestedNotGiven crypto/tls: don't reverify but check certificate expiration on resumption 2023-05-25 00:14:50 +00:00
Server-TLSv13-ECDHE-ECDSA-AES crypto/tls: don't reverify but check certificate expiration on resumption 2023-05-25 00:14:50 +00:00
Server-TLSv13-Ed25519 crypto/tls: don't reverify but check certificate expiration on resumption 2023-05-25 00:14:50 +00:00
Server-TLSv13-ExportKeyingMaterial crypto/tls: don't reverify but check certificate expiration on resumption 2023-05-25 00:14:50 +00:00
Server-TLSv13-HelloRetryRequest crypto/tls: don't reverify but check certificate expiration on resumption 2023-05-25 00:14:50 +00:00
Server-TLSv13-IssueTicket crypto/tls: don't reverify but check certificate expiration on resumption 2023-05-25 00:14:50 +00:00
Server-TLSv13-IssueTicketPreDisable crypto/tls: don't reverify but check certificate expiration on resumption 2023-05-25 00:14:50 +00:00
Server-TLSv13-KeySharePreference crypto/tls: clarify group selection logic 2024-05-22 14:19:11 +00:00
Server-TLSv13-P256 crypto/tls: don't reverify but check certificate expiration on resumption 2023-05-25 00:14:50 +00:00
Server-TLSv13-Resume crypto/tls: don't reverify but check certificate expiration on resumption 2023-05-25 00:14:50 +00:00
Server-TLSv13-Resume-HelloRetryRequest crypto/tls: don't reverify but check certificate expiration on resumption 2023-05-25 00:14:50 +00:00
Server-TLSv13-ResumeDisabled crypto/tls: de-prioritize AES-GCM ciphers when lacking hardware support 2020-11-10 01:40:27 +00:00
Server-TLSv13-RSA-RSAPSS crypto/tls: don't reverify but check certificate expiration on resumption 2023-05-25 00:14:50 +00:00
Server-TLSv13-RSA-RSAPSS-TooSmall crypto/tls: de-prioritize AES-GCM ciphers when lacking hardware support 2020-11-10 01:40:27 +00:00
Server-TLSv13-X25519 crypto/tls: don't reverify but check certificate expiration on resumption 2023-05-25 00:14:50 +00:00