mirrors/utls
1
0
Fork 0
mirror of https://github.com/refraction-networking/utls.git synced 2025-04-03 03:57:36 +03:00
Code Issues Projects Releases Packages Wiki Activity
utls/testdata
History
Filippo Valsorda b523d280e4 crypto/tls: implement TLS 1.3 client authentication 
Note that the SignatureSchemes passed to GetClientCertificate in TLS 1.2
are now filtered by the requested certificate type. This feels like an
improvement anyway, and the full list can be surfaced as well when
support for signature_algorithms_cert is added, which actually matches
the semantics of the CertificateRequest signature_algorithms in TLS 1.2.

Also, note a subtle behavior change in server side resumption: if a
certificate is requested but not required, and the resumed session did
not include one, it used not to invoke VerifyPeerCertificate. However,
if the resumed session did include a certificate, it would. (If a
certificate was required but not in the session, the session is rejected
in checkForResumption.) This inconsistency could be unexpected, even
dangerous, so now VerifyPeerCertificate is always invoked. Still not
consistent with the client behavior, which does not ever invoke
VerifyPeerCertificate on resumption, but it felt too surprising to
entirely change either.

Updates #9671

Change-Id: Ib2b0dbc30e659208dca3ac07d6c687a407d7aaaf
Reviewed-on: https://go-review.googlesource.com/c/147599
Reviewed-by: Adam Langley <agl@golang.org>
2018-11-12 20:43:55 +00:00
..
Client-TLSv10-ClientCert-ECDSA-ECDSA crypto/tls: advertise support for SHA-512 signatures in 1.2 2017-11-08 22:39:36 +00:00
Client-TLSv10-ClientCert-ECDSA-RSA crypto/tls: advertise support for SHA-512 signatures in 1.2 2017-11-08 22:39:36 +00:00
Client-TLSv10-ClientCert-RSA-ECDSA crypto/tls: advertise support for SHA-512 signatures in 1.2 2017-11-08 22:39:36 +00:00
Client-TLSv10-ClientCert-RSA-RSA crypto/tls: advertise support for SHA-512 signatures in 1.2 2017-11-08 22:39:36 +00:00
Client-TLSv10-ECDHE-ECDSA-AES crypto/tls: advertise support for SHA-512 signatures in 1.2 2017-11-08 22:39:36 +00:00
Client-TLSv10-ECDHE-RSA-AES crypto/tls: advertise support for SHA-512 signatures in 1.2 2017-11-08 22:39:36 +00:00
Client-TLSv10-ExportKeyingMaterial crypto/tls: make ConnectionState.ExportKeyingMaterial a method 2018-08-22 03:48:56 +00:00
Client-TLSv10-RSA-RC4 crypto/tls: advertise support for SHA-512 signatures in 1.2 2017-11-08 22:39:36 +00:00
Client-TLSv11-ECDHE-ECDSA-AES crypto/tls: advertise support for SHA-512 signatures in 1.2 2017-11-08 22:39:36 +00:00
Client-TLSv11-ECDHE-RSA-AES crypto/tls: advertise support for SHA-512 signatures in 1.2 2017-11-08 22:39:36 +00:00
Client-TLSv11-RSA-RC4 crypto/tls: advertise support for SHA-512 signatures in 1.2 2017-11-08 22:39:36 +00:00
Client-TLSv12-AES128-GCM-SHA256 crypto/tls: advertise support for SHA-512 signatures in 1.2 2017-11-08 22:39:36 +00:00
Client-TLSv12-AES128-SHA256 crypto/tls: advertise support for SHA-512 signatures in 1.2 2017-11-08 22:39:36 +00:00
Client-TLSv12-AES256-GCM-SHA384 crypto/tls: advertise support for SHA-512 signatures in 1.2 2017-11-08 22:39:36 +00:00
Client-TLSv12-ALPN crypto/tls: advertise support for SHA-512 signatures in 1.2 2017-11-08 22:39:36 +00:00
Client-TLSv12-ALPN-NoMatch crypto/tls: support AES-128-CBC cipher suites with SHA-256. 2016-08-18 21:46:46 +00:00
Client-TLSv12-ClientCert-ECDSA-ECDSA crypto/tls: advertise support for SHA-512 signatures in 1.2 2017-11-08 22:39:36 +00:00
Client-TLSv12-ClientCert-ECDSA-RSA crypto/tls: advertise support for SHA-512 signatures in 1.2 2017-11-08 22:39:36 +00:00
Client-TLSv12-ClientCert-RSA-AES256-GCM-SHA384 crypto/tls: advertise support for SHA-512 signatures in 1.2 2017-11-08 22:39:36 +00:00
Client-TLSv12-ClientCert-RSA-ECDSA crypto/tls: advertise support for SHA-512 signatures in 1.2 2017-11-08 22:39:36 +00:00
Client-TLSv12-ClientCert-RSA-RSA crypto/tls: advertise support for SHA-512 signatures in 1.2 2017-11-08 22:39:36 +00:00
Client-TLSv12-ClientCert-RSA-RSAPKCS1v15 crypto/tls: advertise and accept rsa_pss_rsae signature algorithms 2018-11-02 22:05:52 +00:00
Client-TLSv12-ClientCert-RSA-RSAPSS crypto/tls: advertise and accept rsa_pss_rsae signature algorithms 2018-11-02 22:05:52 +00:00
Client-TLSv12-ECDHE-ECDSA-AES crypto/tls: advertise support for SHA-512 signatures in 1.2 2017-11-08 22:39:36 +00:00
Client-TLSv12-ECDHE-ECDSA-AES-GCM crypto/tls: advertise support for SHA-512 signatures in 1.2 2017-11-08 22:39:36 +00:00
Client-TLSv12-ECDHE-ECDSA-AES128-SHA256 crypto/tls: advertise support for SHA-512 signatures in 1.2 2017-11-08 22:39:36 +00:00
Client-TLSv12-ECDHE-ECDSA-AES256-GCM-SHA384 crypto/tls: advertise support for SHA-512 signatures in 1.2 2017-11-08 22:39:36 +00:00
Client-TLSv12-ECDHE-ECDSA-CHACHA20-POLY1305 crypto/tls: advertise support for SHA-512 signatures in 1.2 2017-11-08 22:39:36 +00:00
Client-TLSv12-ECDHE-RSA-AES crypto/tls: advertise support for SHA-512 signatures in 1.2 2017-11-08 22:39:36 +00:00
Client-TLSv12-ECDHE-RSA-AES128-SHA256 crypto/tls: advertise support for SHA-512 signatures in 1.2 2017-11-08 22:39:36 +00:00
Client-TLSv12-ECDHE-RSA-CHACHA20-POLY1305 crypto/tls: advertise support for SHA-512 signatures in 1.2 2017-11-08 22:39:36 +00:00
Client-TLSv12-ExportKeyingMaterial crypto/tls: make ConnectionState.ExportKeyingMaterial a method 2018-08-22 03:48:56 +00:00
Client-TLSv12-P256-ECDHE crypto/tls: implement TLS 1.3 client handshake (base) 2018-11-02 22:07:02 +00:00
Client-TLSv12-RenegotiateOnce crypto/tls: advertise support for SHA-512 signatures in 1.2 2017-11-08 22:39:36 +00:00
Client-TLSv12-RenegotiateTwice crypto/tls: advertise support for SHA-512 signatures in 1.2 2017-11-08 22:39:36 +00:00
Client-TLSv12-RenegotiateTwiceRejected crypto/tls: advertise support for SHA-512 signatures in 1.2 2017-11-08 22:39:36 +00:00
Client-TLSv12-RenegotiationRejected crypto/tls: advertise support for SHA-512 signatures in 1.2 2017-11-08 22:39:36 +00:00
Client-TLSv12-RSA-RC4 crypto/tls: advertise support for SHA-512 signatures in 1.2 2017-11-08 22:39:36 +00:00
Client-TLSv12-SCT crypto/tls: advertise support for SHA-512 signatures in 1.2 2017-11-08 22:39:36 +00:00
Client-TLSv12-X25519-ECDHE crypto/tls: implement TLS 1.3 client handshake (base) 2018-11-02 22:07:02 +00:00
Client-TLSv13-AES128-SHA256 crypto/tls: implement TLS 1.3 middlebox compatibility mode 2018-11-12 20:43:06 +00:00
Client-TLSv13-AES256-SHA384 crypto/tls: implement TLS 1.3 middlebox compatibility mode 2018-11-12 20:43:06 +00:00
Client-TLSv13-ALPN crypto/tls: implement TLS 1.3 middlebox compatibility mode 2018-11-12 20:43:06 +00:00
Client-TLSv13-CHACHA20-SHA256 crypto/tls: implement TLS 1.3 middlebox compatibility mode 2018-11-12 20:43:06 +00:00
Client-TLSv13-ClientCert-ECDSA-RSA crypto/tls: implement TLS 1.3 client authentication 2018-11-12 20:43:55 +00:00
Client-TLSv13-ClientCert-RSA-ECDSA crypto/tls: implement TLS 1.3 client authentication 2018-11-12 20:43:55 +00:00
Client-TLSv13-ClientCert-RSA-RSAPSS crypto/tls: implement TLS 1.3 client authentication 2018-11-12 20:43:55 +00:00
Client-TLSv13-ECDSA crypto/tls: implement TLS 1.3 middlebox compatibility mode 2018-11-12 20:43:06 +00:00
Client-TLSv13-ExportKeyingMaterial crypto/tls: implement TLS 1.3 middlebox compatibility mode 2018-11-12 20:43:06 +00:00
Client-TLSv13-HelloRetryRequest crypto/tls: implement TLS 1.3 middlebox compatibility mode 2018-11-12 20:43:06 +00:00
Client-TLSv13-KeyUpdate crypto/tls: implement TLS 1.3 middlebox compatibility mode 2018-11-12 20:43:06 +00:00
Client-TLSv13-P256-ECDHE crypto/tls: implement TLS 1.3 middlebox compatibility mode 2018-11-12 20:43:06 +00:00
Client-TLSv13-X25519-ECDHE crypto/tls: implement TLS 1.3 middlebox compatibility mode 2018-11-12 20:43:06 +00:00
example-cert.pem crypto/tls: add examples for [Load]X509KeyPair 2018-04-30 17:25:27 +00:00
example-key.pem crypto/tls: add examples for [Load]X509KeyPair 2018-04-30 17:25:27 +00:00
Server-SSLv3-RSA-3DES crypto/tls: enable ChaCha20-Poly1305 cipher suites by default. 2016-10-18 06:54:30 +00:00
Server-SSLv3-RSA-AES crypto/tls: enable ChaCha20-Poly1305 cipher suites by default. 2016-10-18 06:54:30 +00:00
Server-SSLv3-RSA-RC4 crypto/tls: enable ChaCha20-Poly1305 cipher suites by default. 2016-10-18 06:54:30 +00:00
Server-TLSv10-ECDHE-ECDSA-AES crypto/tls: enable ChaCha20-Poly1305 cipher suites by default. 2016-10-18 06:54:30 +00:00
Server-TLSv10-ExportKeyingMaterial crypto/tls: make ConnectionState.ExportKeyingMaterial a method 2018-08-22 03:48:56 +00:00
Server-TLSv10-RSA-3DES crypto/tls: enable ChaCha20-Poly1305 cipher suites by default. 2016-10-18 06:54:30 +00:00
Server-TLSv10-RSA-AES crypto/tls: enable ChaCha20-Poly1305 cipher suites by default. 2016-10-18 06:54:30 +00:00
Server-TLSv10-RSA-RC4 crypto/tls: enable ChaCha20-Poly1305 cipher suites by default. 2016-10-18 06:54:30 +00:00
Server-TLSv11-FallbackSCSV crypto/tls: enable ChaCha20-Poly1305 cipher suites by default. 2016-10-18 06:54:30 +00:00
Server-TLSv11-RSA-RC4 crypto/tls: enable ChaCha20-Poly1305 cipher suites by default. 2016-10-18 06:54:30 +00:00
Server-TLSv12-ALPN crypto/tls: advertise support for SHA-512 signatures in 1.2 2017-11-08 22:39:36 +00:00
Server-TLSv12-ALPN-NoMatch crypto/tls: advertise support for SHA-512 signatures in 1.2 2017-11-08 22:39:36 +00:00
Server-TLSv12-CipherSuiteCertPreferenceECDSA crypto/tls: advertise support for SHA-512 signatures in 1.2 2017-11-08 22:39:36 +00:00
Server-TLSv12-CipherSuiteCertPreferenceRSA crypto/tls: advertise support for SHA-512 signatures in 1.2 2017-11-08 22:39:36 +00:00
Server-TLSv12-ClientAuthRequestedAndECDSAGiven crypto/tls: advertise and accept rsa_pss_rsae signature algorithms 2018-11-02 22:05:52 +00:00
Server-TLSv12-ClientAuthRequestedAndGiven crypto/tls: advertise and accept rsa_pss_rsae signature algorithms 2018-11-02 22:05:52 +00:00
Server-TLSv12-ClientAuthRequestedAndPKCS1v15Given crypto/tls: advertise and accept rsa_pss_rsae signature algorithms 2018-11-02 22:05:52 +00:00
Server-TLSv12-ClientAuthRequestedNotGiven crypto/tls: advertise and accept rsa_pss_rsae signature algorithms 2018-11-02 22:05:52 +00:00
Server-TLSv12-ECDHE-ECDSA-AES crypto/tls: advertise support for SHA-512 signatures in 1.2 2017-11-08 22:39:36 +00:00
Server-TLSv12-ExportKeyingMaterial crypto/tls: make ConnectionState.ExportKeyingMaterial a method 2018-08-22 03:48:56 +00:00
Server-TLSv12-IssueTicket crypto/tls: enable ChaCha20-Poly1305 cipher suites by default. 2016-10-18 06:54:30 +00:00
Server-TLSv12-IssueTicketPreDisable crypto/tls: enable ChaCha20-Poly1305 cipher suites by default. 2016-10-18 06:54:30 +00:00
Server-TLSv12-P256 crypto/tls: implement TLS 1.3 server handshake (base) 2018-11-02 22:07:43 +00:00
Server-TLSv12-Resume crypto/tls: enable ChaCha20-Poly1305 cipher suites by default. 2016-10-18 06:54:30 +00:00
Server-TLSv12-ResumeDisabled crypto/tls: enable ChaCha20-Poly1305 cipher suites by default. 2016-10-18 06:54:30 +00:00
Server-TLSv12-RSA-3DES crypto/tls: enable ChaCha20-Poly1305 cipher suites by default. 2016-10-18 06:54:30 +00:00
Server-TLSv12-RSA-AES crypto/tls: enable ChaCha20-Poly1305 cipher suites by default. 2016-10-18 06:54:30 +00:00
Server-TLSv12-RSA-AES-GCM crypto/tls: advertise support for SHA-512 signatures in 1.2 2017-11-08 22:39:36 +00:00
Server-TLSv12-RSA-AES256-GCM-SHA384 crypto/tls: advertise support for SHA-512 signatures in 1.2 2017-11-08 22:39:36 +00:00
Server-TLSv12-RSA-RC4 crypto/tls: enable ChaCha20-Poly1305 cipher suites by default. 2016-10-18 06:54:30 +00:00
Server-TLSv12-RSA-RSAPKCS1v15 crypto/tls: advertise and accept rsa_pss_rsae signature algorithms 2018-11-02 22:05:52 +00:00
Server-TLSv12-RSA-RSAPSS crypto/tls: advertise and accept rsa_pss_rsae signature algorithms 2018-11-02 22:05:52 +00:00
Server-TLSv12-SNI crypto/tls: enable ChaCha20-Poly1305 cipher suites by default. 2016-10-18 06:54:30 +00:00
Server-TLSv12-SNI-GetCertificate crypto/tls: enable ChaCha20-Poly1305 cipher suites by default. 2016-10-18 06:54:30 +00:00
Server-TLSv12-SNI-GetCertificateNotFound crypto/tls: enable ChaCha20-Poly1305 cipher suites by default. 2016-10-18 06:54:30 +00:00
Server-TLSv12-X25519 crypto/tls: implement TLS 1.3 server handshake (base) 2018-11-02 22:07:43 +00:00
Server-TLSv13-AES128-SHA256 crypto/tls: implement TLS 1.3 PSK authentication (server side) 2018-11-12 20:43:35 +00:00
Server-TLSv13-AES256-SHA384 crypto/tls: implement TLS 1.3 PSK authentication (server side) 2018-11-12 20:43:35 +00:00
Server-TLSv13-ALPN crypto/tls: implement TLS 1.3 PSK authentication (server side) 2018-11-12 20:43:35 +00:00
Server-TLSv13-ALPN-NoMatch crypto/tls: implement TLS 1.3 PSK authentication (server side) 2018-11-12 20:43:35 +00:00
Server-TLSv13-CHACHA20-SHA256 crypto/tls: implement TLS 1.3 PSK authentication (server side) 2018-11-12 20:43:35 +00:00
Server-TLSv13-ClientAuthRequestedAndECDSAGiven crypto/tls: implement TLS 1.3 client authentication 2018-11-12 20:43:55 +00:00
Server-TLSv13-ClientAuthRequestedAndGiven crypto/tls: implement TLS 1.3 client authentication 2018-11-12 20:43:55 +00:00
Server-TLSv13-ClientAuthRequestedNotGiven crypto/tls: implement TLS 1.3 client authentication 2018-11-12 20:43:55 +00:00
Server-TLSv13-ECDHE-ECDSA-AES crypto/tls: implement TLS 1.3 PSK authentication (server side) 2018-11-12 20:43:35 +00:00
Server-TLSv13-ExportKeyingMaterial crypto/tls: implement TLS 1.3 PSK authentication (server side) 2018-11-12 20:43:35 +00:00
Server-TLSv13-HelloRetryRequest crypto/tls: implement TLS 1.3 PSK authentication (server side) 2018-11-12 20:43:35 +00:00
Server-TLSv13-IssueTicket crypto/tls: implement TLS 1.3 PSK authentication (server side) 2018-11-12 20:43:35 +00:00
Server-TLSv13-IssueTicketPreDisable crypto/tls: implement TLS 1.3 PSK authentication (server side) 2018-11-12 20:43:35 +00:00
Server-TLSv13-P256 crypto/tls: implement TLS 1.3 PSK authentication (server side) 2018-11-12 20:43:35 +00:00
Server-TLSv13-Resume crypto/tls: implement TLS 1.3 PSK authentication (server side) 2018-11-12 20:43:35 +00:00
Server-TLSv13-Resume-HelloRetryRequest crypto/tls: implement TLS 1.3 PSK authentication (server side) 2018-11-12 20:43:35 +00:00
Server-TLSv13-ResumeDisabled crypto/tls: implement TLS 1.3 PSK authentication (server side) 2018-11-12 20:43:35 +00:00
Server-TLSv13-RSA-RSAPSS crypto/tls: implement TLS 1.3 PSK authentication (server side) 2018-11-12 20:43:35 +00:00
Server-TLSv13-X25519 crypto/tls: implement TLS 1.3 PSK authentication (server side) 2018-11-12 20:43:35 +00:00