mirrors/utls
1
0
Fork 0
mirror of https://github.com/refraction-networking/utls.git synced 2025-04-03 20:17:36 +03:00
Code Issues Projects Releases Packages Wiki Activity
utls/testdata
History
Joël Stemmer c1444f153a crypto/tls: return correct hash function when using client certificates in handshake 
Commit f1d669aee994b28e1afcfe974680565932d25b70 added support for
AES_256_GCM_SHA384 cipher suites as specified in RFC5289. However, it
did not take the arbitrary hash function into account in the TLS client
handshake when using client certificates.

The hashForClientCertificate method always returned SHA256 as its
hashing function, even if it actually used a different one to calculate
its digest. Setting up the connection would eventually fail with the
error "tls: failed to sign handshake with client certificate:
crypto/rsa: input must be hashed message".

Included is an additional test for this specific situation that uses the
SHA384 hash.

Fixes #9808

Change-Id: Iccbf4ab225633471ef897907c208ad31f92855a3
Reviewed-on: https://go-review.googlesource.com/7040
Reviewed-by: Adam Langley <agl@golang.org>
Run-TryBot: Adam Langley <agl@golang.org>
2015-03-16 23:38:51 +00:00
..
Client-TLSv10-ClientCert-ECDSA-ECDSA crypto/tls: add support for AES_256_GCM_SHA384 cipher suites specified in RFC5289 2015-02-04 00:18:14 +00:00
Client-TLSv10-ClientCert-ECDSA-RSA crypto/tls: add support for AES_256_GCM_SHA384 cipher suites specified in RFC5289 2015-02-04 00:18:14 +00:00
Client-TLSv10-ClientCert-RSA-ECDSA crypto/tls: add support for AES_256_GCM_SHA384 cipher suites specified in RFC5289 2015-02-04 00:18:14 +00:00
Client-TLSv10-ClientCert-RSA-RSA crypto/tls: add support for AES_256_GCM_SHA384 cipher suites specified in RFC5289 2015-02-04 00:18:14 +00:00
Client-TLSv10-ECDHE-ECDSA-AES crypto/tls: add support for AES_256_GCM_SHA384 cipher suites specified in RFC5289 2015-02-04 00:18:14 +00:00
Client-TLSv10-ECDHE-RSA-AES crypto/tls: add support for AES_256_GCM_SHA384 cipher suites specified in RFC5289 2015-02-04 00:18:14 +00:00
Client-TLSv10-RSA-RC4 crypto/tls: add support for AES_256_GCM_SHA384 cipher suites specified in RFC5289 2015-02-04 00:18:14 +00:00
Client-TLSv11-ECDHE-ECDSA-AES crypto/tls: add support for AES_256_GCM_SHA384 cipher suites specified in RFC5289 2015-02-04 00:18:14 +00:00
Client-TLSv11-ECDHE-RSA-AES crypto/tls: add support for AES_256_GCM_SHA384 cipher suites specified in RFC5289 2015-02-04 00:18:14 +00:00
Client-TLSv11-RSA-RC4 crypto/tls: add support for AES_256_GCM_SHA384 cipher suites specified in RFC5289 2015-02-04 00:18:14 +00:00
Client-TLSv12-ALPN crypto/tls: add support for AES_256_GCM_SHA384 cipher suites specified in RFC5289 2015-02-04 00:18:14 +00:00
Client-TLSv12-ALPN-NoMatch crypto/tls: add support for AES_256_GCM_SHA384 cipher suites specified in RFC5289 2015-02-04 00:18:14 +00:00
Client-TLSv12-ClientCert-ECDSA-ECDSA crypto/tls: add support for AES_256_GCM_SHA384 cipher suites specified in RFC5289 2015-02-04 00:18:14 +00:00
Client-TLSv12-ClientCert-ECDSA-RSA crypto/tls: add support for AES_256_GCM_SHA384 cipher suites specified in RFC5289 2015-02-04 00:18:14 +00:00
Client-TLSv12-ClientCert-RSA-AES256-GCM-SHA384 crypto/tls: return correct hash function when using client certificates in handshake 2015-03-16 23:38:51 +00:00
Client-TLSv12-ClientCert-RSA-ECDSA crypto/tls: add support for AES_256_GCM_SHA384 cipher suites specified in RFC5289 2015-02-04 00:18:14 +00:00
Client-TLSv12-ClientCert-RSA-RSA crypto/tls: add support for AES_256_GCM_SHA384 cipher suites specified in RFC5289 2015-02-04 00:18:14 +00:00
Client-TLSv12-ECDHE-ECDSA-AES crypto/tls: add support for AES_256_GCM_SHA384 cipher suites specified in RFC5289 2015-02-04 00:18:14 +00:00
Client-TLSv12-ECDHE-ECDSA-AES-GCM crypto/tls: add support for AES_256_GCM_SHA384 cipher suites specified in RFC5289 2015-02-04 00:18:14 +00:00
Client-TLSv12-ECDHE-ECDSA-AES256-GCM-SHA384 crypto/tls: add support for AES_256_GCM_SHA384 cipher suites specified in RFC5289 2015-02-04 00:18:14 +00:00
Client-TLSv12-ECDHE-RSA-AES crypto/tls: add support for AES_256_GCM_SHA384 cipher suites specified in RFC5289 2015-02-04 00:18:14 +00:00
Client-TLSv12-RSA-RC4 crypto/tls: add support for AES_256_GCM_SHA384 cipher suites specified in RFC5289 2015-02-04 00:18:14 +00:00
Server-SSLv3-RSA-3DES build: move package sources from src/pkg to src 2014-09-08 00:08:51 -04:00
Server-SSLv3-RSA-AES build: move package sources from src/pkg to src 2014-09-08 00:08:51 -04:00
Server-SSLv3-RSA-RC4 build: move package sources from src/pkg to src 2014-09-08 00:08:51 -04:00
Server-TLSv10-ECDHE-ECDSA-AES crypto/ecdsa: make Sign safe with broken entropy sources 2015-01-28 01:39:51 +00:00
Server-TLSv10-RSA-3DES build: move package sources from src/pkg to src 2014-09-08 00:08:51 -04:00
Server-TLSv10-RSA-AES build: move package sources from src/pkg to src 2014-09-08 00:08:51 -04:00
Server-TLSv10-RSA-RC4 build: move package sources from src/pkg to src 2014-09-08 00:08:51 -04:00
Server-TLSv11-FallbackSCSV crypto/tls: support TLS_FALLBACK_SCSV as a server. 2014-10-15 17:54:04 -07:00
Server-TLSv11-RSA-RC4 build: move package sources from src/pkg to src 2014-09-08 00:08:51 -04:00
Server-TLSv12-ALPN crypto/tls: add support for AES_256_GCM_SHA384 cipher suites specified in RFC5289 2015-02-04 00:18:14 +00:00
Server-TLSv12-ALPN-NoMatch crypto/tls: add support for AES_256_GCM_SHA384 cipher suites specified in RFC5289 2015-02-04 00:18:14 +00:00
Server-TLSv12-CipherSuiteCertPreferenceECDSA crypto/ecdsa: make Sign safe with broken entropy sources 2015-01-28 01:39:51 +00:00
Server-TLSv12-CipherSuiteCertPreferenceRSA crypto/ecdsa: make Sign safe with broken entropy sources 2015-01-28 01:39:51 +00:00
Server-TLSv12-ClientAuthRequestedAndECDSAGiven build: move package sources from src/pkg to src 2014-09-08 00:08:51 -04:00
Server-TLSv12-ClientAuthRequestedAndGiven build: move package sources from src/pkg to src 2014-09-08 00:08:51 -04:00
Server-TLSv12-ClientAuthRequestedNotGiven build: move package sources from src/pkg to src 2014-09-08 00:08:51 -04:00
Server-TLSv12-ECDHE-ECDSA-AES crypto/ecdsa: make Sign safe with broken entropy sources 2015-01-28 01:39:51 +00:00
Server-TLSv12-IssueTicket build: move package sources from src/pkg to src 2014-09-08 00:08:51 -04:00
Server-TLSv12-IssueTicketPreDisable crypto/tls: ensure that we don't resume when tickets are disabled. 2014-09-26 11:02:09 +10:00
Server-TLSv12-Resume build: move package sources from src/pkg to src 2014-09-08 00:08:51 -04:00
Server-TLSv12-ResumeDisabled crypto/tls: ensure that we don't resume when tickets are disabled. 2014-09-26 11:02:09 +10:00
Server-TLSv12-RSA-3DES build: move package sources from src/pkg to src 2014-09-08 00:08:51 -04:00
Server-TLSv12-RSA-AES build: move package sources from src/pkg to src 2014-09-08 00:08:51 -04:00
Server-TLSv12-RSA-AES-GCM build: move package sources from src/pkg to src 2014-09-08 00:08:51 -04:00
Server-TLSv12-RSA-AES256-GCM-SHA384 crypto/tls: add support for AES_256_GCM_SHA384 cipher suites specified in RFC5289 2015-02-04 00:18:14 +00:00
Server-TLSv12-RSA-RC4 build: move package sources from src/pkg to src 2014-09-08 00:08:51 -04:00
Server-TLSv12-SNI build: move package sources from src/pkg to src 2014-09-08 00:08:51 -04:00