mirror of
https://github.com/refraction-networking/utls.git
synced 2025-04-03 20:17:36 +03:00
28958b0da6
Support for Ed25519 certificates was added in CL 175478, this wires them up into the TLS stack according to RFC 8422 (TLS 1.2) and RFC 8446 (TLS 1.3). RFC 8422 also specifies support for TLS 1.0 and 1.1, and I initially implemented that, but even OpenSSL doesn't take the complexity, so I just dropped it. It would have required keeping a buffer of the handshake transcript in order to do the direct Ed25519 signatures. We effectively need to support TLS 1.2 because it shares ClientHello signature algorithms with TLS 1.3. While at it, reordered the advertised signature algorithms in the rough order we would want to use them, also based on what curves have fast constant-time implementations. Client and client auth tests changed because of the change in advertised signature algorithms in ClientHello and CertificateRequest. Fixes #25355 Change-Id: I9fdd839afde4fd6b13fcbc5cc7017fd8c35085ee Reviewed-on: https://go-review.googlesource.com/c/go/+/177698 Run-TryBot: Filippo Valsorda <filippo@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Adam Langley <agl@golang.org>
63 lines
4.6 KiB
Text
63 lines
4.6 KiB
Text
>>> Flow 1 (client to server)
|
|
00000000 16 03 01 00 cb 01 00 00 c7 03 03 a6 41 b7 62 67 |............A.bg|
|
|
00000010 34 b4 48 22 67 fd e6 a9 12 29 b7 85 6a 27 c9 fc |4.H"g....)..j'..|
|
|
00000020 70 3a cc 0c 94 61 88 d1 9e 22 3d 00 00 38 c0 2c |p:...a..."=..8.,|
|
|
00000030 c0 30 00 9f cc a9 cc a8 cc aa c0 2b c0 2f 00 9e |.0.........+./..|
|
|
00000040 c0 24 c0 28 00 6b c0 23 c0 27 00 67 c0 0a c0 14 |.$.(.k.#.'.g....|
|
|
00000050 00 39 c0 09 c0 13 00 33 00 9d 00 9c 00 3d 00 3c |.9.....3.....=.<|
|
|
00000060 00 35 00 2f 00 ff 01 00 00 66 00 00 00 0e 00 0c |.5./.....f......|
|
|
00000070 00 00 09 31 32 37 2e 30 2e 30 2e 31 00 0b 00 04 |...127.0.0.1....|
|
|
00000080 03 00 01 02 00 0a 00 0c 00 0a 00 1d 00 17 00 1e |................|
|
|
00000090 00 19 00 18 00 16 00 00 00 17 00 00 00 0d 00 30 |...............0|
|
|
000000a0 00 2e 04 03 05 03 06 03 08 07 08 08 08 09 08 0a |................|
|
|
000000b0 08 0b 08 04 08 05 08 06 04 01 05 01 06 01 03 03 |................|
|
|
000000c0 02 03 03 01 02 01 03 02 02 02 04 02 05 02 06 02 |................|
|
|
>>> Flow 2 (server to client)
|
|
00000000 16 03 03 00 31 02 00 00 2d 03 03 00 00 00 00 00 |....1...-.......|
|
|
00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
|
|
00000020 00 00 00 44 4f 57 4e 47 52 44 01 00 c0 2c 00 00 |...DOWNGRD...,..|
|
|
00000030 05 ff 01 00 01 00 16 03 03 01 3c 0b 00 01 38 00 |..........<...8.|
|
|
00000040 01 35 00 01 32 30 82 01 2e 30 81 e1 a0 03 02 01 |.5..20...0......|
|
|
00000050 02 02 10 0f 43 1c 42 57 93 94 1d e9 87 e4 f1 ad |....C.BW........|
|
|
00000060 15 00 5d 30 05 06 03 2b 65 70 30 12 31 10 30 0e |..]0...+ep0.1.0.|
|
|
00000070 06 03 55 04 0a 13 07 41 63 6d 65 20 43 6f 30 1e |..U....Acme Co0.|
|
|
00000080 17 0d 31 39 30 35 31 36 32 31 33 38 30 31 5a 17 |..190516213801Z.|
|
|
00000090 0d 32 30 30 35 31 35 32 31 33 38 30 31 5a 30 12 |.200515213801Z0.|
|
|
000000a0 31 10 30 0e 06 03 55 04 0a 13 07 41 63 6d 65 20 |1.0...U....Acme |
|
|
000000b0 43 6f 30 2a 30 05 06 03 2b 65 70 03 21 00 3f e2 |Co0*0...+ep.!.?.|
|
|
000000c0 15 2e e6 e3 ef 3f 4e 85 4a 75 77 a3 64 9e ed e0 |.....?N.Juw.d...|
|
|
000000d0 bf 84 2c cc 92 26 8f fa 6f 34 83 aa ec 8f a3 4d |..,..&..o4.....M|
|
|
000000e0 30 4b 30 0e 06 03 55 1d 0f 01 01 ff 04 04 03 02 |0K0...U.........|
|
|
000000f0 05 a0 30 13 06 03 55 1d 25 04 0c 30 0a 06 08 2b |..0...U.%..0...+|
|
|
00000100 06 01 05 05 07 03 01 30 0c 06 03 55 1d 13 01 01 |.......0...U....|
|
|
00000110 ff 04 02 30 00 30 16 06 03 55 1d 11 04 0f 30 0d |...0.0...U....0.|
|
|
00000120 82 0b 65 78 61 6d 70 6c 65 2e 63 6f 6d 30 05 06 |..example.com0..|
|
|
00000130 03 2b 65 70 03 41 00 63 44 ed 9c c4 be 53 24 53 |.+ep.A.cD....S$S|
|
|
00000140 9f d2 10 8d 9f e8 21 08 90 95 39 e5 0d c1 55 ff |......!...9...U.|
|
|
00000150 2c 16 b7 1d fc ab 7d 4d d4 e0 93 13 d0 a9 42 e0 |,.....}M......B.|
|
|
00000160 b6 6b fe 5d 67 48 d7 9f 50 bc 6c cd 4b 03 83 7c |.k.]gH..P.l.K..||
|
|
00000170 f2 08 58 cd ac cf 0c 16 03 03 00 6c 0c 00 00 68 |..X........l...h|
|
|
00000180 03 00 1d 20 2f e5 7d a3 47 cd 62 43 15 28 da ac |... /.}.G.bC.(..|
|
|
00000190 5f bb 29 07 30 ff f6 84 af c4 cf c2 ed 90 99 5f |_.).0.........._|
|
|
000001a0 58 cb 3b 74 08 07 00 40 b8 a3 37 f4 74 44 64 eb |X.;t...@..7.tDd.|
|
|
000001b0 1f 4b a1 5c 6e 3b 46 a0 b8 ce ce da 79 8d 03 d8 |.K.\n;F.....y...|
|
|
000001c0 a2 c2 1d ca 25 21 d2 c3 cf 65 02 7e 4c d6 9a 5a |....%!...e.~L..Z|
|
|
000001d0 ba 60 51 71 e4 37 ab 70 18 73 f1 a0 e5 f9 e3 2d |.`Qq.7.p.s.....-|
|
|
000001e0 00 37 68 97 cf fa e4 08 16 03 03 00 04 0e 00 00 |.7h.............|
|
|
000001f0 00 |.|
|
|
>>> Flow 3 (client to server)
|
|
00000000 16 03 03 00 25 10 00 00 21 20 51 d1 53 24 ee 09 |....%...! Q.S$..|
|
|
00000010 51 02 90 7e 6f 02 a2 54 db 6e 95 a4 af f9 43 51 |Q..~o..T.n....CQ|
|
|
00000020 d2 ff 6b e6 26 d0 88 4d c1 56 14 03 03 00 01 01 |..k.&..M.V......|
|
|
00000030 16 03 03 00 28 2a 7a 63 66 3f 53 88 0a cf ef 03 |....(*zcf?S.....|
|
|
00000040 ef 21 5b b5 57 ce 9e e5 da 84 e5 a7 d3 6d 90 c9 |.![.W........m..|
|
|
00000050 6c f8 c1 9d cc a2 ff cb 97 5a 7c 1a 62 |l........Z|.b|
|
|
>>> Flow 4 (server to client)
|
|
00000000 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 |..........(.....|
|
|
00000010 00 00 00 7a ee 1c df b7 14 c9 81 18 f3 51 de 24 |...z.........Q.$|
|
|
00000020 70 ed b7 87 b9 29 b3 f7 ef 43 d0 c9 8f 35 3e 0a |p....)...C...5>.|
|
|
00000030 a1 c4 72 17 03 03 00 25 00 00 00 00 00 00 00 01 |..r....%........|
|
|
00000040 f6 37 d9 31 d2 1f de a6 43 3b 60 a7 30 8c 76 cd |.7.1....C;`.0.v.|
|
|
00000050 47 f3 e3 a5 f3 6f e0 fe fd 93 76 1f 0a 15 03 03 |G....o....v.....|
|
|
00000060 00 1a 00 00 00 00 00 00 00 02 6d 2d 8d 6b f1 e3 |..........m-.k..|
|
|
00000070 8f 21 e4 8e af b2 90 69 5b 10 3a f9 |.!.....i[.:.|
|