| author | Filippo Valsorda <filippo@golang.org> | 2025-03-15 12:12:22 +0100 |
|---|---|---|
| committer | Gopher Robot <gobot@golang.org> | 2025-05-21 14:18:04 -0700 |
| commit | e90acc814de247f58330be1d8ba3b11c78c96077 (patch) | |
| tree | a56fd0ac07eab3c8e1155da0b1d182ab151aa589 /src/crypto/tls/testdata/Client-TLSv11-RSA-RC4 | |
| parent | 33d3f603c19f46e6529483230465cd6f420ce23b (diff) | |
| download | go-e90acc814de247f58330be1d8ba3b11c78c96077.tar.xz | |
crypto/tls: don't advertise TLS 1.2-only sigAlgs in TLS 1.3

If a ClientHello only supports TLS 1.3, or if a CertificateRequest is
sent after selecting TLS 1.3, we should not advertise TLS 1.2-only
signature_algorithms like PKCS#1 v1.5 or SHA-1.

However, since crypto/x509 still supports PKCS#1 v1.5, and a direct
CertPool match might not care about the signature in the certificate at
all, start sending a separate signature_algorithms_cert extension to
indicate support for PKCS#1 v1.5 and SHA-1 in certificates.

We were already correctly rejecting these algorithms if the peer
selected them in a TLS 1.3 connection.

Updates #72883

Change-Id: I6a6a4656ab60e1b7fb20fdedc32604dc156953ae
Reviewed-on: https://go-review.googlesource.com/c/go/+/658215
Reviewed-by: Roland Shoemaker <roland@golang.org>
Reviewed-by: David Chase <drchase@google.com>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
Diffstat (limited to 'src/crypto/tls/testdata/Client-TLSv11-RSA-RC4')
| -rw-r--r-- | src/crypto/tls/testdata/Client-TLSv11-RSA-RC4 | 46 |
1 files changed, 24 insertions, 22 deletions
diff --git a/src/crypto/tls/testdata/Client-TLSv11-RSA-RC4 b/src/crypto/tls/testdata/Client-TLSv11-RSA-RC4 index dd58620c47..bb770e61b1 100644 --- a/src/crypto/tls/testdata/Client-TLSv11-RSA-RC4 +++ b/src/crypto/tls/testdata/Client-TLSv11-RSA-RC4 @@ -1,5 +1,5 @@ >>> Flow 1 (client to server) -00000000 16 03 01 00 fe 01 00 00 fa 03 03 00 00 00 00 00 |................| +00000000 16 03 01 01 1c 01 00 01 18 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 
@@ -7,21 +7,23 @@ 00000050 cc a8 c0 2b c0 2f c0 2c c0 30 c0 09 c0 13 c0 0a |...+./.,.0......| 00000060 c0 14 00 9c 00 9d 00 2f 00 35 c0 12 00 0a c0 23 |......./.5.....#| 00000070 c0 27 00 3c c0 07 c0 11 00 05 13 03 13 01 13 02 |.'.<............| -00000080 01 00 00 7f 00 0b 00 02 01 00 ff 01 00 01 00 00 |................| +00000080 01 00 00 9d 00 0b 00 02 01 00 ff 01 00 01 00 00 |................| 00000090 17 00 00 00 12 00 00 00 05 00 05 01 00 00 00 00 |................| 000000a0 00 0a 00 0a 00 08 00 1d 00 17 00 18 00 19 00 0d |................| 000000b0 00 1a 00 18 08 04 04 03 08 07 08 05 08 06 04 01 |................| -000000c0 05 01 06 01 05 03 06 03 02 01 02 03 00 2b 00 09 |.............+..| -000000d0 08 03 04 03 03 03 02 03 01 00 33 00 26 00 24 00 |..........3.&.$.| -000000e0 1d 00 20 2f e5 7d a3 47 cd 62 43 15 28 da ac 5f |.. /.}.G.bC.(.._| -000000f0 bb 29 07 30 ff f6 84 af c4 cf c2 ed 90 99 5f 58 |.).0.........._X| -00000100 cb 3b 74 |.;t| +000000c0 05 01 06 01 05 03 06 03 02 01 02 03 00 32 00 1a |.............2..| +000000d0 00 18 08 04 04 03 08 07 08 05 08 06 04 01 05 01 |................| +000000e0 06 01 05 03 06 03 02 01 02 03 00 2b 00 09 08 03 |...........+....| +000000f0 04 03 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 |........3.&.$...| +00000100 20 2f e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 | /.}.G.bC.(.._.)| +00000110 07 30 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b |.0.........._X.;| +00000120 74 |t| >>> Flow 2 (server to client) -00000000 16 03 02 00 55 02 00 00 51 03 02 42 bb c8 01 43 |....U...Q..B...C| -00000010 e4 f7 10 09 bf 35 a3 c2 d7 ca 60 a9 60 be 1d 00 |.....5....`.`...| -00000020 92 33 b6 3e 56 2b c2 f7 29 e3 f9 20 8c d7 b6 90 |.3.>V+..).. 
....| -00000030 03 f5 8b 55 e9 81 47 5b 84 ec 19 bc 32 58 c6 30 |...U..G[....2X.0| -00000040 f1 79 ea 51 a2 18 cc c0 4e 8a 8e cb 00 05 00 00 |.y.Q....N.......| +00000000 16 03 02 00 55 02 00 00 51 03 02 fa ec 74 4b af |....U...Q....tK.| +00000010 f7 bb 7c 03 0a 35 f9 91 1e 62 c8 d7 9d b0 cc 29 |..|..5...b.....)| +00000020 0c 67 f1 a9 c6 be ff aa ee 45 2c 20 7e 02 45 29 |.g.......E, ~.E)| +00000030 e8 01 2c 76 c9 49 9c bf ca b7 0c b0 86 69 2a d0 |..,v.I.......i*.| +00000040 34 59 2c 16 b1 bd 67 1a e8 f9 97 3d 00 05 00 00 |4Y,...g....=....| 00000050 09 ff 01 00 01 00 00 17 00 00 16 03 02 02 59 0b |..............Y.| 00000060 00 02 55 00 02 52 00 02 4f 30 82 02 4b 30 82 01 |..U..R..O0..K0..| 00000070 b4 a0 03 02 01 02 02 09 00 e8 f0 9d 3f e2 5b ea |............?.[.| 
@@ -72,15 +74,15 @@ 00000060 c5 70 0f 08 83 48 e9 48 ef 6e 50 8b 05 7e e5 84 |.p...H.H.nP..~..| 00000070 25 fa 55 c7 ae 31 02 27 00 ef 3f 98 86 20 12 89 |%.U..1.'..?.. ..| 00000080 91 59 28 b4 f7 d7 af d2 69 61 35 14 03 02 00 01 |.Y(.....ia5.....| -00000090 01 16 03 02 00 24 a8 40 50 90 31 50 fc 5e d8 f5 |.....$.@P.1P.^..| -000000a0 64 7a a5 62 8d ad ce 03 34 c9 ab 16 31 45 bc 8b |dz.b....4...1E..| -000000b0 26 8b fa 38 7a 2e 60 42 86 46 |&..8z.`B.F| +00000090 01 16 03 02 00 24 8b f8 3f ae 9d 41 27 8e 52 ca |.....$..?..A'.R.| +000000a0 75 8c 1b 76 fa 20 4f 7f 97 62 ac a6 85 33 71 32 |u..v. O..b...3q2| +000000b0 34 8d 4b e3 d4 a1 a0 bc 9c 29 |4.K......)| >>> Flow 4 (server to client) -00000000 14 03 02 00 01 01 16 03 02 00 24 83 1d 5a 04 90 |..........$..Z..| -00000010 1f 8d 07 46 39 1e 3c cf cb 06 45 f5 88 9e 68 5c |...F9.<...E...h\| -00000020 96 a0 06 47 43 21 20 ce 90 1f 24 49 52 30 59 |...GC! ...$IR0Y| +00000000 14 03 02 00 01 01 16 03 02 00 24 1d d6 e8 70 53 |..........$...pS| +00000010 f2 9e 4f ce 5f 35 4e 8d 41 1f 78 9a 72 79 2b cc |..O._5N.A.x.ry+.| +00000020 17 cd 48 16 b0 69 8b 41 b7 5a c6 df ec f6 5d |..H..i.A.Z....]| >>> Flow 5 (client to server) -00000000 17 03 02 00 1a f9 9f c2 32 02 96 87 95 4b ba 17 |........2....K..| -00000010 1f b9 af fe 6a 87 38 d4 d8 b4 f8 1d ad 05 00 15 |....j.8.........| -00000020 03 02 00 16 54 07 15 34 f4 c3 a2 3e 01 9e 00 cb |....T..4...>....| -00000030 83 f7 58 79 e2 dc a4 b8 15 e9 |..Xy......| +00000000 17 03 02 00 1a 69 a6 2b fe 20 e2 2e e6 b2 ed 03 |.....i.+. ......| +00000010 92 ae e0 ff 84 56 12 f3 60 01 92 c0 f3 0e 8f 15 |.....V..`.......| +00000020 03 02 00 16 d1 05 c5 6f f3 3c 18 63 2b 9c 68 39 |.......o.<.c+.h9| +00000030 c4 45 90 f1 ef 3f e1 00 2f 78 |.E...?../x| |
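Review bot: In the Flow 1 ClientHello, the new extension 0x0032 (signature_algorithms_cert, bytes 00 32 00 1a 00 18 ... at offset 0xcd) carries the same twelve schemes in the same order as the signature_algorithms extension at offset 0xae (00 0d 00 1a 00 18 08 04 04 03 ... 02 01 02 03), so for this client configuration it adds 30 bytes (record length 0x00fe to 0x011c, extensions length 0x007f to 0x009d) without telling the server anything new. RFC 8446 section 4.2.3 already applies signature_algorithms to certificate signatures when signature_algorithms_cert is absent, so consider sending the extension only when the two lists differ, which per the commit message is the TLS 1.3-only case. This hello still offers 03 04 through 03 01 in supported_versions and therefore keeps 02 01 and 02 03 in signature_algorithms, so this fixture does not exercise the differing-lists path; the diffstat here is limited to this one file, so it would be worth confirming that a TLS 1.3-only recording elsewhere in testdata covers it. The remaining changes in Flows 2 to 5 are the server random, session ID and RC4-protected records, which change on any re-recording and need no comment beyond that.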
