mirrors/utls
1
0
Fork 0
mirror of https://github.com/refraction-networking/utls.git synced 2025-04-03 03:57:36 +03:00
Code Issues Projects Releases Packages Wiki Activity
utls/testdata
History
Filippo Valsorda 65b9e15fc2 crypto/tls: reduce session ticket linkability 
Ever since session ticket key rotation was introduced in CL 9072, we've
been including a prefix in every ticket to identify what key it's
encrypted with. It's a small privacy gain, but the cost of trial
decryptions is also small, especially since the first key is probably
the most frequently used.

Also reissue tickets on every resumption so that the next connection
can't be linked to all the previous ones. Again the privacy gain is
small but the performance cost is small and it comes with a reduction in
complexity.

For #60105

Change-Id: I852f297162d2b79a3d9bf61f6171e8ce94b2537a
Reviewed-on: https://go-review.googlesource.com/c/go/+/496817
Reviewed-by: Damien Neil <dneil@google.com>
Reviewed-by: Matthew Dempsky <mdempsky@google.com>
Run-TryBot: Damien Neil <dneil@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
2023-05-24 23:56:24 +00:00
..
Client-TLSv10-ClientCert-ECDSA-ECDSA crypto/ecdsa: use bigmod and nistec instead of math/big and crypto/elliptic 2022-11-21 16:19:34 +00:00
Client-TLSv10-ClientCert-ECDSA-RSA crypto/ecdsa: use bigmod and nistec instead of math/big and crypto/elliptic 2022-11-21 16:19:34 +00:00
Client-TLSv10-ClientCert-Ed25519 crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv10-ClientCert-RSA-ECDSA crypto/tls: make cipher suite preference ordering automatic 2021-05-08 05:15:48 +00:00
Client-TLSv10-ClientCert-RSA-RSA crypto/tls: make cipher suite preference ordering automatic 2021-05-08 05:15:48 +00:00
Client-TLSv10-ECDHE-ECDSA-AES crypto/tls: make cipher suite preference ordering automatic 2021-05-08 05:15:48 +00:00
Client-TLSv10-ECDHE-RSA-AES crypto/tls: make cipher suite preference ordering automatic 2021-05-08 05:15:48 +00:00
Client-TLSv10-Ed25519 crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv10-ExportKeyingMaterial crypto/tls: make cipher suite preference ordering automatic 2021-05-08 05:15:48 +00:00
Client-TLSv10-RSA-RC4 crypto/tls: make cipher suite preference ordering automatic 2021-05-08 05:15:48 +00:00
Client-TLSv11-ECDHE-ECDSA-AES crypto/tls: make cipher suite preference ordering automatic 2021-05-08 05:15:48 +00:00
Client-TLSv11-ECDHE-RSA-AES crypto/tls: make cipher suite preference ordering automatic 2021-05-08 05:15:48 +00:00
Client-TLSv11-Ed25519 crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3 2019-05-17 16:13:45 +00:00
Client-TLSv11-RSA-RC4 crypto/tls: make cipher suite preference ordering automatic 2021-05-08 05:15:48 +00:00
Client-TLSv12-AES128-GCM-SHA256 crypto/tls: make cipher suite preference ordering automatic 2021-05-08 05:15:48 +00:00
Client-TLSv12-AES128-SHA256 crypto/tls: make cipher suite preference ordering automatic 2021-05-08 05:15:48 +00:00
Client-TLSv12-AES256-GCM-SHA384 crypto/tls: make cipher suite preference ordering automatic 2021-05-08 05:15:48 +00:00
Client-TLSv12-ALPN crypto/tls: make cipher suite preference ordering automatic 2021-05-08 05:15:48 +00:00
Client-TLSv12-ALPN-NoMatch crypto/tls: support AES-128-CBC cipher suites with SHA-256. 2016-08-18 21:46:46 +00:00
Client-TLSv12-ClientCert-ECDSA-ECDSA crypto/ecdsa: use bigmod and nistec instead of math/big and crypto/elliptic 2022-11-21 16:19:34 +00:00
Client-TLSv12-ClientCert-ECDSA-RSA crypto/ecdsa: use bigmod and nistec instead of math/big and crypto/elliptic 2022-11-21 16:19:34 +00:00
Client-TLSv12-ClientCert-Ed25519 crypto/tls: make cipher suite preference ordering automatic 2021-05-08 05:15:48 +00:00
Client-TLSv12-ClientCert-RSA-AES256-GCM-SHA384 crypto/tls: make cipher suite preference ordering automatic 2021-05-08 05:15:48 +00:00
Client-TLSv12-ClientCert-RSA-ECDSA crypto/tls: make cipher suite preference ordering automatic 2021-05-08 05:15:48 +00:00
Client-TLSv12-ClientCert-RSA-RSA crypto/tls: make cipher suite preference ordering automatic 2021-05-08 05:15:48 +00:00
Client-TLSv12-ClientCert-RSA-RSAPKCS1v15 crypto/tls: make cipher suite preference ordering automatic 2021-05-08 05:15:48 +00:00
Client-TLSv12-ClientCert-RSA-RSAPSS crypto/tls: make cipher suite preference ordering automatic 2021-05-08 05:15:48 +00:00
Client-TLSv12-ECDHE-ECDSA-AES crypto/tls: make cipher suite preference ordering automatic 2021-05-08 05:15:48 +00:00
Client-TLSv12-ECDHE-ECDSA-AES-GCM crypto/tls: make cipher suite preference ordering automatic 2021-05-08 05:15:48 +00:00
Client-TLSv12-ECDHE-ECDSA-AES128-SHA256 crypto/tls: make cipher suite preference ordering automatic 2021-05-08 05:15:48 +00:00
Client-TLSv12-ECDHE-ECDSA-AES256-GCM-SHA384 crypto/tls: make cipher suite preference ordering automatic 2021-05-08 05:15:48 +00:00
Client-TLSv12-ECDHE-ECDSA-CHACHA20-POLY1305 crypto/tls: make cipher suite preference ordering automatic 2021-05-08 05:15:48 +00:00
Client-TLSv12-ECDHE-RSA-AES crypto/tls: make cipher suite preference ordering automatic 2021-05-08 05:15:48 +00:00
Client-TLSv12-ECDHE-RSA-AES128-SHA256 crypto/tls: make cipher suite preference ordering automatic 2021-05-08 05:15:48 +00:00
Client-TLSv12-ECDHE-RSA-CHACHA20-POLY1305 crypto/tls: make cipher suite preference ordering automatic 2021-05-08 05:15:48 +00:00
Client-TLSv12-Ed25519 crypto/tls: make cipher suite preference ordering automatic 2021-05-08 05:15:48 +00:00
Client-TLSv12-ExportKeyingMaterial crypto/tls: make cipher suite preference ordering automatic 2021-05-08 05:15:48 +00:00
Client-TLSv12-P256-ECDHE crypto/tls: make cipher suite preference ordering automatic 2021-05-08 05:15:48 +00:00
Client-TLSv12-RenegotiateOnce crypto/tls: make cipher suite preference ordering automatic 2021-05-08 05:15:48 +00:00
Client-TLSv12-RenegotiateTwice crypto/tls: make cipher suite preference ordering automatic 2021-05-08 05:15:48 +00:00
Client-TLSv12-RenegotiateTwiceRejected crypto/tls: make cipher suite preference ordering automatic 2021-05-08 05:15:48 +00:00
Client-TLSv12-RenegotiationRejected crypto/tls: make cipher suite preference ordering automatic 2021-05-08 05:15:48 +00:00
Client-TLSv12-RSA-RC4 crypto/tls: make cipher suite preference ordering automatic 2021-05-08 05:15:48 +00:00
Client-TLSv12-SCT crypto/tls: make cipher suite preference ordering automatic 2021-05-08 05:15:48 +00:00
Client-TLSv12-X25519-ECDHE crypto/tls: make cipher suite preference ordering automatic 2021-05-08 05:15:48 +00:00
Client-TLSv13-AES128-SHA256 crypto/tls: make cipher suite preference ordering automatic 2021-05-08 05:15:48 +00:00
Client-TLSv13-AES256-SHA384 crypto/tls: make cipher suite preference ordering automatic 2021-05-08 05:15:48 +00:00
Client-TLSv13-ALPN crypto/tls: make cipher suite preference ordering automatic 2021-05-08 05:15:48 +00:00
Client-TLSv13-CHACHA20-SHA256 crypto/tls: make cipher suite preference ordering automatic 2021-05-08 05:15:48 +00:00
Client-TLSv13-ClientCert-ECDSA-RSA crypto/ecdsa: use bigmod and nistec instead of math/big and crypto/elliptic 2022-11-21 16:19:34 +00:00
Client-TLSv13-ClientCert-Ed25519 crypto/tls: make cipher suite preference ordering automatic 2021-05-08 05:15:48 +00:00
Client-TLSv13-ClientCert-RSA-ECDSA crypto/tls: make cipher suite preference ordering automatic 2021-05-08 05:15:48 +00:00
Client-TLSv13-ClientCert-RSA-RSAPSS crypto/tls: make cipher suite preference ordering automatic 2021-05-08 05:15:48 +00:00
Client-TLSv13-ECDSA crypto/tls: make cipher suite preference ordering automatic 2021-05-08 05:15:48 +00:00
Client-TLSv13-Ed25519 crypto/tls: make cipher suite preference ordering automatic 2021-05-08 05:15:48 +00:00
Client-TLSv13-ExportKeyingMaterial crypto/tls: make cipher suite preference ordering automatic 2021-05-08 05:15:48 +00:00
Client-TLSv13-HelloRetryRequest crypto/tls: make cipher suite preference ordering automatic 2021-05-08 05:15:48 +00:00
Client-TLSv13-KeyUpdate crypto/tls: make cipher suite preference ordering automatic 2021-05-08 05:15:48 +00:00
Client-TLSv13-P256-ECDHE crypto/tls: make cipher suite preference ordering automatic 2021-05-08 05:15:48 +00:00
Client-TLSv13-X25519-ECDHE crypto/tls: make cipher suite preference ordering automatic 2021-05-08 05:15:48 +00:00
example-cert.pem crypto/tls: add examples for [Load]X509KeyPair 2018-04-30 17:25:27 +00:00
example-key.pem crypto/tls: add examples for [Load]X509KeyPair 2018-04-30 17:25:27 +00:00
Server-TLSv10-ECDHE-ECDSA-AES crypto/ecdsa: use bigmod and nistec instead of math/big and crypto/elliptic 2022-11-21 16:19:34 +00:00
Server-TLSv10-ExportKeyingMaterial crypto/tls: reduce session ticket linkability 2023-05-24 23:56:24 +00:00
Server-TLSv10-RSA-3DES crypto/tls: send ec_points_format extension in ServerHello 2019-10-31 15:14:45 +00:00
Server-TLSv10-RSA-AES crypto/tls: send ec_points_format extension in ServerHello 2019-10-31 15:14:45 +00:00
Server-TLSv10-RSA-RC4 crypto/tls: send ec_points_format extension in ServerHello 2019-10-31 15:14:45 +00:00
Server-TLSv11-FallbackSCSV crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Server-TLSv11-RSA-RC4 crypto/tls: send ec_points_format extension in ServerHello 2019-10-31 15:14:45 +00:00
Server-TLSv12-ALPN crypto/tls: reduce session ticket linkability 2023-05-24 23:56:24 +00:00
Server-TLSv12-ALPN-Fallback crypto/tls: reduce session ticket linkability 2023-05-24 23:56:24 +00:00
Server-TLSv12-ALPN-NoMatch crypto/tls: enforce ALPN overlap when negotiated on both sides 2021-05-06 18:57:43 +00:00
Server-TLSv12-ALPN-NotConfigured crypto/tls: reduce session ticket linkability 2023-05-24 23:56:24 +00:00
Server-TLSv12-ClientAuthRequestedAndECDSAGiven crypto/tls: de-prioritize AES-GCM ciphers when lacking hardware support 2020-11-10 01:40:27 +00:00
Server-TLSv12-ClientAuthRequestedAndEd25519Given crypto/tls: de-prioritize AES-GCM ciphers when lacking hardware support 2020-11-10 01:40:27 +00:00
Server-TLSv12-ClientAuthRequestedAndGiven crypto/tls: de-prioritize AES-GCM ciphers when lacking hardware support 2020-11-10 01:40:27 +00:00
Server-TLSv12-ClientAuthRequestedAndPKCS1v15Given crypto/tls: de-prioritize AES-GCM ciphers when lacking hardware support 2020-11-10 01:40:27 +00:00
Server-TLSv12-ClientAuthRequestedNotGiven crypto/tls: de-prioritize AES-GCM ciphers when lacking hardware support 2020-11-10 01:40:27 +00:00
Server-TLSv12-ECDHE-ECDSA-AES crypto/ecdsa: use bigmod and nistec instead of math/big and crypto/elliptic 2022-11-21 16:19:34 +00:00
Server-TLSv12-Ed25519 crypto/tls: de-prioritize AES-GCM ciphers when lacking hardware support 2020-11-10 01:40:27 +00:00
Server-TLSv12-ExportKeyingMaterial crypto/tls: reduce session ticket linkability 2023-05-24 23:56:24 +00:00
Server-TLSv12-IssueTicket crypto/tls: reduce session ticket linkability 2023-05-24 23:56:24 +00:00
Server-TLSv12-IssueTicketPreDisable crypto/tls: reduce session ticket linkability 2023-05-24 23:56:24 +00:00
Server-TLSv12-P256 crypto/tls: re-enable RSA-PSS in TLS 1.2 again 2019-11-12 01:09:15 +00:00
Server-TLSv12-Resume crypto/tls: reduce session ticket linkability 2023-05-24 23:56:24 +00:00
Server-TLSv12-ResumeDisabled crypto/tls: de-prioritize AES-GCM ciphers when lacking hardware support 2020-11-10 01:40:27 +00:00
Server-TLSv12-RSA-3DES crypto/tls: send ec_points_format extension in ServerHello 2019-10-31 15:14:45 +00:00
Server-TLSv12-RSA-AES crypto/tls: send ec_points_format extension in ServerHello 2019-10-31 15:14:45 +00:00
Server-TLSv12-RSA-AES-GCM crypto/tls: re-enable RSA-PSS in TLS 1.2 again 2019-11-12 01:09:15 +00:00
Server-TLSv12-RSA-AES256-GCM-SHA384 crypto/tls: re-enable RSA-PSS in TLS 1.2 again 2019-11-12 01:09:15 +00:00
Server-TLSv12-RSA-RC4 crypto/tls: send ec_points_format extension in ServerHello 2019-10-31 15:14:45 +00:00
Server-TLSv12-RSA-RSAPKCS1v15 crypto/tls: de-prioritize AES-GCM ciphers when lacking hardware support 2020-11-10 01:40:27 +00:00
Server-TLSv12-RSA-RSAPSS crypto/tls: de-prioritize AES-GCM ciphers when lacking hardware support 2020-11-10 01:40:27 +00:00
Server-TLSv12-SNI crypto/tls: send ec_points_format extension in ServerHello 2019-10-31 15:14:45 +00:00
Server-TLSv12-SNI-GetCertificate crypto/tls: send ec_points_format extension in ServerHello 2019-10-31 15:14:45 +00:00
Server-TLSv12-SNI-GetCertificateNotFound crypto/tls: send ec_points_format extension in ServerHello 2019-10-31 15:14:45 +00:00
Server-TLSv12-X25519 crypto/tls: re-enable RSA-PSS in TLS 1.2 again 2019-11-12 01:09:15 +00:00
Server-TLSv13-AES128-SHA256 crypto/tls: reduce session ticket linkability 2023-05-24 23:56:24 +00:00
Server-TLSv13-AES256-SHA384 crypto/tls: reduce session ticket linkability 2023-05-24 23:56:24 +00:00
Server-TLSv13-ALPN crypto/tls: reduce session ticket linkability 2023-05-24 23:56:24 +00:00
Server-TLSv13-ALPN-Fallback crypto/tls: reduce session ticket linkability 2023-05-24 23:56:24 +00:00
Server-TLSv13-ALPN-NoMatch crypto/tls: enforce ALPN overlap when negotiated on both sides 2021-05-06 18:57:43 +00:00
Server-TLSv13-ALPN-NotConfigured crypto/tls: reduce session ticket linkability 2023-05-24 23:56:24 +00:00
Server-TLSv13-CHACHA20-SHA256 crypto/tls: reduce session ticket linkability 2023-05-24 23:56:24 +00:00
Server-TLSv13-ClientAuthRequestedAndECDSAGiven crypto/tls: reduce session ticket linkability 2023-05-24 23:56:24 +00:00
Server-TLSv13-ClientAuthRequestedAndEd25519Given crypto/tls: reduce session ticket linkability 2023-05-24 23:56:24 +00:00
Server-TLSv13-ClientAuthRequestedAndGiven crypto/tls: reduce session ticket linkability 2023-05-24 23:56:24 +00:00
Server-TLSv13-ClientAuthRequestedNotGiven crypto/tls: reduce session ticket linkability 2023-05-24 23:56:24 +00:00
Server-TLSv13-ECDHE-ECDSA-AES crypto/tls: reduce session ticket linkability 2023-05-24 23:56:24 +00:00
Server-TLSv13-Ed25519 crypto/tls: reduce session ticket linkability 2023-05-24 23:56:24 +00:00
Server-TLSv13-ExportKeyingMaterial crypto/tls: reduce session ticket linkability 2023-05-24 23:56:24 +00:00
Server-TLSv13-HelloRetryRequest crypto/tls: reduce session ticket linkability 2023-05-24 23:56:24 +00:00
Server-TLSv13-IssueTicket crypto/tls: reduce session ticket linkability 2023-05-24 23:56:24 +00:00
Server-TLSv13-IssueTicketPreDisable crypto/tls: reduce session ticket linkability 2023-05-24 23:56:24 +00:00
Server-TLSv13-P256 crypto/tls: reduce session ticket linkability 2023-05-24 23:56:24 +00:00
Server-TLSv13-Resume crypto/tls: reduce session ticket linkability 2023-05-24 23:56:24 +00:00
Server-TLSv13-Resume-HelloRetryRequest crypto/tls: reduce session ticket linkability 2023-05-24 23:56:24 +00:00
Server-TLSv13-ResumeDisabled crypto/tls: de-prioritize AES-GCM ciphers when lacking hardware support 2020-11-10 01:40:27 +00:00
Server-TLSv13-RSA-RSAPSS crypto/tls: reduce session ticket linkability 2023-05-24 23:56:24 +00:00
Server-TLSv13-RSA-RSAPSS-TooSmall crypto/tls: de-prioritize AES-GCM ciphers when lacking hardware support 2020-11-10 01:40:27 +00:00
Server-TLSv13-X25519 crypto/tls: reduce session ticket linkability 2023-05-24 23:56:24 +00:00