mirrors/utls
1
0
Fork 0
mirror of https://github.com/refraction-networking/utls.git synced 2025-04-03 03:57:36 +03:00
Code Issues Projects Releases Packages Wiki Activity
utls/testdata
History
Filippo Valsorda b5bf3890ae crypto/tls: disable RSA-PSS in TLS 1.2 
Most of the issues that led to the decision on #30055 were related to
incompatibility with or faulty support for RSA-PSS (#29831, #29779,
v1.5 signatures). RSA-PSS is required by TLS 1.3, but is also available
to be negotiated in TLS 1.2.

Altering TLS 1.2 behavior based on GODEBUG=tls13=1 feels surprising, so
just disable RSA-PSS entirely in TLS 1.2 until TLS 1.3 is on by default,
so breakage happens all at once.

Updates #30055

Change-Id: Iee90454a20ded8895e5302e8bcbcd32e4e3031c2
Reviewed-on: https://go-review.googlesource.com/c/160998
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Adam Langley <agl@golang.org>
2019-02-07 18:34:43 +00:00
..
Client-TLSv10-ClientCert-ECDSA-ECDSA crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Client-TLSv10-ClientCert-ECDSA-RSA crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Client-TLSv10-ClientCert-RSA-ECDSA crypto/tls: fix client certificates support for legacy servers 2018-11-30 19:10:38 +00:00
Client-TLSv10-ClientCert-RSA-RSA crypto/tls: fix client certificates support for legacy servers 2018-11-30 19:10:38 +00:00
Client-TLSv10-ECDHE-ECDSA-AES crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Client-TLSv10-ECDHE-RSA-AES crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Client-TLSv10-ExportKeyingMaterial crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Client-TLSv10-RSA-RC4 crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Client-TLSv11-ECDHE-ECDSA-AES crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Client-TLSv11-ECDHE-RSA-AES crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Client-TLSv11-RSA-RC4 crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Client-TLSv12-AES128-GCM-SHA256 crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Client-TLSv12-AES128-SHA256 crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Client-TLSv12-AES256-GCM-SHA384 crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Client-TLSv12-ALPN crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Client-TLSv12-ALPN-NoMatch crypto/tls: support AES-128-CBC cipher suites with SHA-256. 2016-08-18 21:46:46 +00:00
Client-TLSv12-ClientCert-ECDSA-ECDSA crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Client-TLSv12-ClientCert-ECDSA-RSA crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Client-TLSv12-ClientCert-RSA-AES256-GCM-SHA384 crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Client-TLSv12-ClientCert-RSA-ECDSA crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Client-TLSv12-ClientCert-RSA-PSS-Disabled crypto/tls: disable RSA-PSS in TLS 1.2 2019-02-07 18:34:43 +00:00
Client-TLSv12-ClientCert-RSA-RSA crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Client-TLSv12-ClientCert-RSA-RSAPKCS1v15 crypto/tls: fix client certificates support for legacy servers 2018-11-30 19:10:38 +00:00
Client-TLSv12-ClientCert-RSA-RSAPSS crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Client-TLSv12-ECDHE-ECDSA-AES crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Client-TLSv12-ECDHE-ECDSA-AES-GCM crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Client-TLSv12-ECDHE-ECDSA-AES128-SHA256 crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Client-TLSv12-ECDHE-ECDSA-AES256-GCM-SHA384 crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Client-TLSv12-ECDHE-ECDSA-CHACHA20-POLY1305 crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Client-TLSv12-ECDHE-RSA-AES crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Client-TLSv12-ECDHE-RSA-AES128-SHA256 crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Client-TLSv12-ECDHE-RSA-CHACHA20-POLY1305 crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Client-TLSv12-ExportKeyingMaterial crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Client-TLSv12-P256-ECDHE crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Client-TLSv12-RenegotiateOnce crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Client-TLSv12-RenegotiateTwice crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Client-TLSv12-RenegotiateTwiceRejected crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Client-TLSv12-RenegotiationRejected crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Client-TLSv12-RSA-RC4 crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Client-TLSv12-SCT crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Client-TLSv12-X25519-ECDHE crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Client-TLSv13-AES128-SHA256 crypto/tls: prevent the test server from sending session tickets 2018-11-29 05:55:51 +00:00
Client-TLSv13-AES256-SHA384 crypto/tls: prevent the test server from sending session tickets 2018-11-29 05:55:51 +00:00
Client-TLSv13-ALPN crypto/tls: prevent the test server from sending session tickets 2018-11-29 05:55:51 +00:00
Client-TLSv13-CHACHA20-SHA256 crypto/tls: prevent the test server from sending session tickets 2018-11-29 05:55:51 +00:00
Client-TLSv13-ClientCert-ECDSA-RSA crypto/tls: prevent the test server from sending session tickets 2018-11-29 05:55:51 +00:00
Client-TLSv13-ClientCert-RSA-ECDSA crypto/tls: prevent the test server from sending session tickets 2018-11-29 05:55:51 +00:00
Client-TLSv13-ClientCert-RSA-PSS-Disabled crypto/tls: disable RSA-PSS in TLS 1.2 2019-02-07 18:34:43 +00:00
Client-TLSv13-ClientCert-RSA-RSAPSS crypto/tls: prevent the test server from sending session tickets 2018-11-29 05:55:51 +00:00
Client-TLSv13-ECDSA crypto/tls: prevent the test server from sending session tickets 2018-11-29 05:55:51 +00:00
Client-TLSv13-ExportKeyingMaterial crypto/tls: prevent the test server from sending session tickets 2018-11-29 05:55:51 +00:00
Client-TLSv13-HelloRetryRequest crypto/tls: prevent the test server from sending session tickets 2018-11-29 05:55:51 +00:00
Client-TLSv13-KeyUpdate crypto/tls: prevent the test server from sending session tickets 2018-11-29 05:55:51 +00:00
Client-TLSv13-P256-ECDHE crypto/tls: prevent the test server from sending session tickets 2018-11-29 05:55:51 +00:00
Client-TLSv13-X25519-ECDHE crypto/tls: prevent the test server from sending session tickets 2018-11-29 05:55:51 +00:00
example-cert.pem crypto/tls: add examples for [Load]X509KeyPair 2018-04-30 17:25:27 +00:00
example-key.pem crypto/tls: add examples for [Load]X509KeyPair 2018-04-30 17:25:27 +00:00
Server-SSLv3-RSA-3DES crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Server-SSLv3-RSA-AES crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Server-SSLv3-RSA-RC4 crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Server-TLSv10-ECDHE-ECDSA-AES crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Server-TLSv10-ExportKeyingMaterial crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Server-TLSv10-RSA-3DES crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Server-TLSv10-RSA-AES crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Server-TLSv10-RSA-RC4 crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Server-TLSv11-FallbackSCSV crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Server-TLSv11-RSA-RC4 crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Server-TLSv12-ALPN crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Server-TLSv12-ALPN-NoMatch crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Server-TLSv12-CipherSuiteCertPreferenceECDSA crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Server-TLSv12-CipherSuiteCertPreferenceRSA crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Server-TLSv12-ClientAuthRequestedAndECDSAGiven crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Server-TLSv12-ClientAuthRequestedAndGiven crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Server-TLSv12-ClientAuthRequestedAndGiven-PSS-Disabled crypto/tls: disable RSA-PSS in TLS 1.2 2019-02-07 18:34:43 +00:00
Server-TLSv12-ClientAuthRequestedAndGiven-PSS-Disabled-Required crypto/tls: disable RSA-PSS in TLS 1.2 2019-02-07 18:34:43 +00:00
Server-TLSv12-ClientAuthRequestedAndPKCS1v15Given crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Server-TLSv12-ClientAuthRequestedNotGiven crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Server-TLSv12-ECDHE-ECDSA-AES crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Server-TLSv12-ExportKeyingMaterial crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Server-TLSv12-IssueTicket crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Server-TLSv12-IssueTicketPreDisable crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Server-TLSv12-P256 crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Server-TLSv12-Resume crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Server-TLSv12-ResumeDisabled crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Server-TLSv12-RSA-3DES crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Server-TLSv12-RSA-AES crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Server-TLSv12-RSA-AES-GCM crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Server-TLSv12-RSA-AES256-GCM-SHA384 crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Server-TLSv12-RSA-PSS-Disabled crypto/tls: disable RSA-PSS in TLS 1.2 2019-02-07 18:34:43 +00:00
Server-TLSv12-RSA-PSS-Disabled-Required crypto/tls: disable RSA-PSS in TLS 1.2 2019-02-07 18:34:43 +00:00
Server-TLSv12-RSA-RC4 crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Server-TLSv12-RSA-RSAPKCS1v15 crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Server-TLSv12-RSA-RSAPSS crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Server-TLSv12-SNI crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Server-TLSv12-SNI-GetCertificate crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Server-TLSv12-SNI-GetCertificateNotFound crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Server-TLSv12-X25519 crypto/tls: enable TLS 1.3 and update tests 2018-11-12 20:44:39 +00:00
Server-TLSv13-AES128-SHA256 crypto/tls: implement TLS 1.3 PSK authentication (server side) 2018-11-12 20:43:35 +00:00
Server-TLSv13-AES256-SHA384 crypto/tls: implement TLS 1.3 PSK authentication (server side) 2018-11-12 20:43:35 +00:00
Server-TLSv13-ALPN crypto/tls: implement TLS 1.3 PSK authentication (server side) 2018-11-12 20:43:35 +00:00
Server-TLSv13-ALPN-NoMatch crypto/tls: implement TLS 1.3 PSK authentication (server side) 2018-11-12 20:43:35 +00:00
Server-TLSv13-CHACHA20-SHA256 crypto/tls: implement TLS 1.3 PSK authentication (server side) 2018-11-12 20:43:35 +00:00
Server-TLSv13-ClientAuthRequestedAndECDSAGiven crypto/tls: implement TLS 1.3 client authentication 2018-11-12 20:43:55 +00:00
Server-TLSv13-ClientAuthRequestedAndGiven crypto/tls: implement TLS 1.3 client authentication 2018-11-12 20:43:55 +00:00
Server-TLSv13-ClientAuthRequestedAndGiven-PSS-Disabled crypto/tls: disable RSA-PSS in TLS 1.2 2019-02-07 18:34:43 +00:00
Server-TLSv13-ClientAuthRequestedNotGiven crypto/tls: implement TLS 1.3 client authentication 2018-11-12 20:43:55 +00:00
Server-TLSv13-ECDHE-ECDSA-AES crypto/tls: implement TLS 1.3 PSK authentication (server side) 2018-11-12 20:43:35 +00:00
Server-TLSv13-ExportKeyingMaterial crypto/tls: implement TLS 1.3 PSK authentication (server side) 2018-11-12 20:43:35 +00:00
Server-TLSv13-HelloRetryRequest crypto/tls: implement TLS 1.3 PSK authentication (server side) 2018-11-12 20:43:35 +00:00
Server-TLSv13-IssueTicket crypto/tls: implement TLS 1.3 PSK authentication (server side) 2018-11-12 20:43:35 +00:00
Server-TLSv13-IssueTicketPreDisable crypto/tls: implement TLS 1.3 PSK authentication (server side) 2018-11-12 20:43:35 +00:00
Server-TLSv13-P256 crypto/tls: implement TLS 1.3 PSK authentication (server side) 2018-11-12 20:43:35 +00:00
Server-TLSv13-Resume crypto/tls: implement TLS 1.3 PSK authentication (server side) 2018-11-12 20:43:35 +00:00
Server-TLSv13-Resume-HelloRetryRequest crypto/tls: implement TLS 1.3 PSK authentication (server side) 2018-11-12 20:43:35 +00:00
Server-TLSv13-ResumeDisabled crypto/tls: implement TLS 1.3 PSK authentication (server side) 2018-11-12 20:43:35 +00:00
Server-TLSv13-RSA-PSS-Disabled crypto/tls: disable RSA-PSS in TLS 1.2 2019-02-07 18:34:43 +00:00
Server-TLSv13-RSA-RSAPSS crypto/tls: implement TLS 1.3 PSK authentication (server side) 2018-11-12 20:43:35 +00:00
Server-TLSv13-X25519 crypto/tls: implement TLS 1.3 PSK authentication (server side) 2018-11-12 20:43:35 +00:00