aboutsummaryrefslogtreecommitdiff
path: root/src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-ECDSA
diff options
context:
space:
mode:
authorFilippo Valsorda <filippo@golang.org>2025-03-15 12:12:22 +0100
committerGopher Robot <gobot@golang.org>2025-05-21 14:18:04 -0700
commite90acc814de247f58330be1d8ba3b11c78c96077 (patch)
treea56fd0ac07eab3c8e1155da0b1d182ab151aa589 /src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-ECDSA
parent33d3f603c19f46e6529483230465cd6f420ce23b (diff)
downloadgo-e90acc814de247f58330be1d8ba3b11c78c96077.tar.xz
crypto/tls: don't advertise TLS 1.2-only sigAlgs in TLS 1.3
If a ClientHello only supports TLS 1.3, or if a CertificateRequest is sent after selecting TLS 1.3, we should not advertise TLS 1.2-only signature_algorithms like PKCS#1 v1.5 or SHA-1. However, since crypto/x509 still supports PKCS#1 v1.5, and a direct CertPool match might not care about the signature in the certificate at all, start sending a separate signature_algorithms_cert extension to indicate support for PKCS#1 v1.5 and SHA-1 in certificates. We were already correctly rejecting these algorithms if the peer selected them in a TLS 1.3 connection. Updates #72883 Change-Id: I6a6a4656ab60e1b7fb20fdedc32604dc156953ae Reviewed-on: https://go-review.googlesource.com/c/go/+/658215 Reviewed-by: Roland Shoemaker <roland@golang.org> Reviewed-by: David Chase <drchase@google.com> Auto-Submit: Filippo Valsorda <filippo@golang.org> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
Diffstat (limited to 'src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-ECDSA')
-rw-r--r--src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-ECDSA108
1 files changed, 55 insertions, 53 deletions
diff --git a/src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-ECDSA b/src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-ECDSA
index 7b2a363176..689be1097b 100644
--- a/src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-ECDSA
+++ b/src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-ECDSA
@@ -1,5 +1,5 @@
>>> Flow 1 (client to server)
-00000000 16 03 01 00 fe 01 00 00 fa 03 03 00 00 00 00 00 |................|
+00000000 16 03 01 01 1c 01 00 01 18 03 03 00 00 00 00 00 |................|
00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....|
00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
@@ -7,21 +7,23 @@
00000050 cc a8 c0 2b c0 2f c0 2c c0 30 c0 09 c0 13 c0 0a |...+./.,.0......|
00000060 c0 14 00 9c 00 9d 00 2f 00 35 c0 12 00 0a c0 23 |......./.5.....#|
00000070 c0 27 00 3c c0 07 c0 11 00 05 13 03 13 01 13 02 |.'.<............|
-00000080 01 00 00 7f 00 0b 00 02 01 00 ff 01 00 01 00 00 |................|
+00000080 01 00 00 9d 00 0b 00 02 01 00 ff 01 00 01 00 00 |................|
00000090 17 00 00 00 12 00 00 00 05 00 05 01 00 00 00 00 |................|
000000a0 00 0a 00 0a 00 08 00 1d 00 17 00 18 00 19 00 0d |................|
000000b0 00 1a 00 18 08 04 04 03 08 07 08 05 08 06 04 01 |................|
-000000c0 05 01 06 01 05 03 06 03 02 01 02 03 00 2b 00 09 |.............+..|
-000000d0 08 03 04 03 03 03 02 03 01 00 33 00 26 00 24 00 |..........3.&.$.|
-000000e0 1d 00 20 2f e5 7d a3 47 cd 62 43 15 28 da ac 5f |.. /.}.G.bC.(.._|
-000000f0 bb 29 07 30 ff f6 84 af c4 cf c2 ed 90 99 5f 58 |.).0.........._X|
-00000100 cb 3b 74 |.;t|
+000000c0 05 01 06 01 05 03 06 03 02 01 02 03 00 32 00 1a |.............2..|
+000000d0 00 18 08 04 04 03 08 07 08 05 08 06 04 01 05 01 |................|
+000000e0 06 01 05 03 06 03 02 01 02 03 00 2b 00 09 08 03 |...........+....|
+000000f0 04 03 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 |........3.&.$...|
+00000100 20 2f e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 | /.}.G.bC.(.._.)|
+00000110 07 30 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b |.0.........._X.;|
+00000120 74 |t|
>>> Flow 2 (server to client)
-00000000 16 03 03 00 5d 02 00 00 59 03 03 6d b7 f7 cf 1d |....]...Y..m....|
-00000010 f9 c0 02 cb ee 90 23 93 41 8e 26 24 3e 74 31 ce |......#.A.&$>t1.|
-00000020 4f 53 f8 9d 0f 94 02 b2 66 c9 87 20 d6 5c 35 52 |OS......f.. .\5R|
-00000030 4b b1 f2 bb 2e 1d 95 ff 7d 83 f0 58 a8 0a ed b1 |K.......}..X....|
-00000040 54 25 03 ca ea 7b 8d 1a 8f 9f 43 51 c0 09 00 00 |T%...{....CQ....|
+00000000 16 03 03 00 5d 02 00 00 59 03 03 dc 6d a4 87 a5 |....]...Y...m...|
+00000010 a1 8e 67 3d c3 ed c0 e4 ed 38 7a 00 df b1 50 f4 |..g=.....8z...P.|
+00000020 4a cc 0f ab e2 e8 d9 77 b8 1a 18 20 cb e9 02 2a |J......w... ...*|
+00000030 4f 17 c0 9d 3d 55 60 3e d8 46 ee 52 dd bf 3e e6 |O...=U`>.F.R..>.|
+00000040 c9 4a b5 24 f5 19 73 56 ab 78 ce ec c0 09 00 00 |.J.$..sV.x......|
00000050 11 ff 01 00 01 00 00 0b 00 04 03 00 01 02 00 17 |................|
00000060 00 00 16 03 03 02 0e 0b 00 02 0a 00 02 07 00 02 |................|
00000070 04 30 82 02 00 30 82 01 62 02 09 00 b8 bf 2d 47 |.0...0..b.....-G|
@@ -56,23 +58,23 @@
00000240 8c 25 c1 33 13 83 0d 94 06 bb d4 37 7a f6 ec 7a |.%.3.......7z..z|
00000250 c9 86 2e dd d7 11 69 7f 85 7c 56 de fb 31 78 2b |......i..|V..1x+|
00000260 e4 c7 78 0d ae cb be 9e 4e 36 24 31 7b 6a 0f 39 |..x.....N6$1{j.9|
-00000270 95 12 07 8f 2a 16 03 03 00 b6 0c 00 00 b2 03 00 |....*...........|
-00000280 1d 20 04 b4 79 b4 2c 1d 0f b3 4b ff 67 e7 24 88 |. ..y.,...K.g.$.|
-00000290 d6 db 4f 1e 66 da 0e f2 89 5a 53 ed 4e ba ad 4c |..O.f....ZS.N..L|
-000002a0 81 0a 04 03 00 8a 30 81 87 02 42 01 fb 16 53 43 |......0...B...SC|
-000002b0 2b 86 61 0a 58 a0 68 c1 cd 2c ff ec 79 7f 83 fa |+.a.X.h..,..y...|
-000002c0 cc 0b 24 9d 98 54 d0 dc 90 55 e1 b3 e6 48 69 1a |..$..T...U...Hi.|
-000002d0 55 62 f4 da 8f 60 db f7 76 80 d5 4d 37 f6 43 49 |Ub...`..v..M7.CI|
-000002e0 95 3d 96 f6 e2 fd a4 07 ae 24 8c fa bd 02 41 20 |.=.......$....A |
-000002f0 a1 50 78 a3 dd 99 c0 cf 74 f1 c0 79 b1 13 9d bc |.Px.....t..y....|
-00000300 0b 37 cf 7c 09 11 b8 a4 71 65 e8 be ff 3a b9 85 |.7.|....qe...:..|
-00000310 cd b4 30 f8 1f d6 2e 83 96 6c 01 3e d2 00 a7 5b |..0......l.>...[|
-00000320 23 c6 d0 69 eb 90 49 e3 46 ed 45 96 3b 07 d4 a8 |#..i..I.F.E.;...|
-00000330 16 03 03 00 3a 0d 00 00 36 03 01 02 40 00 2e 04 |....:...6...@...|
-00000340 03 05 03 06 03 08 07 08 08 08 09 08 0a 08 0b 08 |................|
-00000350 04 08 05 08 06 04 01 05 01 06 01 03 03 02 03 03 |................|
-00000360 01 02 01 03 02 02 02 04 02 05 02 06 02 00 00 16 |................|
-00000370 03 03 00 04 0e 00 00 00 |........|
+00000270 95 12 07 8f 2a 16 03 03 00 b7 0c 00 00 b3 03 00 |....*...........|
+00000280 1d 20 d8 81 5d 07 0c 63 f2 9a bf 82 37 08 f6 6d |. ..]..c....7..m|
+00000290 e2 20 4b 98 85 cc 62 ad a2 ac b1 8b 15 de 1d 5e |. K...b........^|
+000002a0 3b 74 04 03 00 8b 30 81 88 02 42 01 81 b9 d9 e7 |;t....0...B.....|
+000002b0 3b 89 ed 5f cb 0a 10 16 85 69 c3 5e 7f 82 95 f6 |;.._.....i.^....|
+000002c0 49 48 3a 6d 84 c2 f5 04 9a 00 ef 86 f9 10 fc 03 |IH:m............|
+000002d0 a8 ba eb e7 0c 0c 0c 27 7b ba aa 73 a4 23 03 cb |.......'{..s.#..|
+000002e0 d8 be c8 39 34 1f c4 33 e4 cf 12 98 35 02 42 01 |...94..3....5.B.|
+000002f0 dc 0b c7 df 9c b2 c4 f5 dc 4a a6 b0 ef 40 3c 8c |.........J...@<.|
+00000300 98 f3 93 ac 14 9b 4d fe 6e 7a 09 fd 23 c3 14 4f |......M.nz..#..O|
+00000310 cf 1a e6 61 72 58 8c 75 10 6c 75 42 cc 7b 9c 4a |...arX.u.luB.{.J|
+00000320 11 62 25 12 63 44 9d fe 3d 67 44 7e 74 bd b0 3d |.b%.cD..=gD~t..=|
+00000330 04 16 03 03 00 3a 0d 00 00 36 03 01 02 40 00 2e |.....:...6...@..|
+00000340 04 03 05 03 06 03 08 07 08 08 08 09 08 0a 08 0b |................|
+00000350 08 04 08 05 08 06 04 01 05 01 06 01 03 03 02 03 |................|
+00000360 03 01 02 01 03 02 02 02 04 02 05 02 06 02 00 00 |................|
+00000370 16 03 03 00 04 0e 00 00 00 |.........|
>>> Flow 3 (client to server)
00000000 16 03 03 01 fd 0b 00 01 f9 00 01 f6 00 01 f3 30 |...............0|
00000010 82 01 ef 30 82 01 58 a0 03 02 01 02 02 10 5c 19 |...0..X.......\.|
@@ -109,31 +111,31 @@
00000200 e5 35 16 03 03 00 25 10 00 00 21 20 2f e5 7d a3 |.5....%...! /.}.|
00000210 47 cd 62 43 15 28 da ac 5f bb 29 07 30 ff f6 84 |G.bC.(.._.).0...|
00000220 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 16 03 03 00 |......._X.;t....|
-00000230 88 0f 00 00 84 08 04 00 80 3f 4a c2 4f 36 85 f0 |.........?J.O6..|
-00000240 d0 c6 b6 8f f1 cc 45 c1 2f f2 c7 24 1e 0f 04 dc |......E./..$....|
-00000250 f5 af 6e 38 eb aa a6 6f 36 f4 80 dd 78 78 a7 d4 |..n8...o6...xx..|
-00000260 50 3a df e1 23 c4 3f 58 df 1a c0 1d 57 a5 46 3b |P:..#.?X....W.F;|
-00000270 5d 09 ac 62 63 28 8a a2 b5 d4 9b 88 7c b9 4d b4 |]..bc(......|.M.|
-00000280 66 b2 9d 53 6e 15 9c f2 9b c7 14 ca 19 7f 00 38 |f..Sn..........8|
-00000290 81 a3 7b 44 e8 3d 6d 54 0f b3 81 fd 82 07 4d a1 |..{D.=mT......M.|
-000002a0 3e 8c 30 34 cd 6e 55 96 58 bf 86 8b 9c f6 be 94 |>.04.nU.X.......|
-000002b0 f4 a8 7e 4d 7f 03 07 7e 98 14 03 03 00 01 01 16 |..~M...~........|
+00000230 88 0f 00 00 84 08 04 00 80 3c 66 74 5d c3 4b d6 |.........<ft].K.|
+00000240 98 89 fe 1d 47 36 26 62 e8 19 0a 2c a9 8d 9a cf |....G6&b...,....|
+00000250 f2 a1 15 3a bb c5 90 be 8d 09 d5 e8 3e 1f f3 87 |...:........>...|
+00000260 19 a7 d9 5d 7c f6 65 32 bd 47 e9 2f 90 a8 90 1b |...]|.e2.G./....|
+00000270 41 05 08 35 32 f6 c2 22 70 61 37 a3 48 96 72 e0 |A..52.."pa7.H.r.|
+00000280 41 26 07 a9 6c c2 34 72 35 d5 43 ce 23 fd 34 9b |A&..l.4r5.C.#.4.|
+00000290 56 b7 4e c0 be b9 b3 bd 81 df 32 58 3f b2 af 34 |V.N.......2X?..4|
+000002a0 c0 08 69 27 19 43 0f 34 1b 56 ed 08 cd 1b 2b f3 |..i'.C.4.V....+.|
+000002b0 41 75 8c 0a b2 43 4c f6 fe 14 03 03 00 01 01 16 |Au...CL.........|
000002c0 03 03 00 40 00 00 00 00 00 00 00 00 00 00 00 00 |...@............|
-000002d0 00 00 00 00 c7 88 1e 15 dd 36 31 22 0f 30 d1 4d |.........61".0.M|
-000002e0 40 2e 3a dd 05 cc fd a8 d2 ea f8 d9 79 1d 07 46 |@.:.........y..F|
-000002f0 2c 80 ab ab 54 3c 10 5a a7 79 d2 1c 16 18 94 eb |,...T<.Z.y......|
-00000300 46 69 cc 03 |Fi..|
+000002d0 00 00 00 00 ce ef 0a 09 6d 11 17 89 31 b3 ac 31 |........m...1..1|
+000002e0 76 fe 02 d1 2b f8 dc df fc 59 e3 2f aa 14 4e 9d |v...+....Y./..N.|
+000002f0 c1 d9 5d f6 4f 57 6f 15 db 93 f1 27 12 02 7c 08 |..].OWo....'..|.|
+00000300 75 f6 48 26 |u.H&|
>>> Flow 4 (server to client)
-00000000 14 03 03 00 01 01 16 03 03 00 40 9e 65 27 5b 92 |..........@.e'[.|
-00000010 1e 2b 1a bc 81 ab 85 29 51 c1 38 04 b6 97 e5 4b |.+.....)Q.8....K|
-00000020 b1 7d a5 e2 6d e7 b1 1a 33 6c f1 3d a4 9c de 2d |.}..m...3l.=...-|
-00000030 b3 8a 01 da cc f1 d7 83 b1 1e 84 cb b7 e7 fe e6 |................|
-00000040 26 83 b0 2d 6f a9 77 46 55 44 7a |&..-o.wFUDz|
+00000000 14 03 03 00 01 01 16 03 03 00 40 c0 0b de 9c 60 |..........@....`|
+00000010 35 52 38 09 01 7f e5 52 b3 cf b4 e6 27 02 36 52 |5R8....R....'.6R|
+00000020 ce 84 dd f5 ee f8 65 7c 89 ad 5e 1c 86 09 36 d0 |......e|..^...6.|
+00000030 23 c7 52 63 6b 67 97 4e bf c0 28 83 3a c8 3e a2 |#.Rckg.N..(.:.>.|
+00000040 2f f3 d7 08 8c c0 86 64 8e 9c 3e |/......d..>|
>>> Flow 5 (client to server)
00000000 17 03 03 00 30 00 00 00 00 00 00 00 00 00 00 00 |....0...........|
-00000010 00 00 00 00 00 e2 55 06 b8 6f 63 c4 63 78 76 4b |......U..oc.cxvK|
-00000020 c8 63 8b 4b c6 11 2c ff dc fc 20 f7 52 fe fa 5f |.c.K..,... .R.._|
-00000030 e3 45 3a f2 a1 15 03 03 00 30 00 00 00 00 00 00 |.E:......0......|
-00000040 00 00 00 00 00 00 00 00 00 00 0e cb 88 2f 1f be |............./..|
-00000050 9c 76 4d db 75 7f eb 01 ae bd 76 28 07 41 49 6c |.vM.u.....v(.AIl|
-00000060 4c 82 84 d5 fc d3 75 f4 4b 81 |L.....u.K.|
+00000010 00 00 00 00 00 98 7e 6b 30 28 7d e1 6f 09 17 40 |......~k0(}.o..@|
+00000020 cf 5f 98 90 46 91 b5 9b f8 29 22 a0 85 75 f7 f6 |._..F....)"..u..|
+00000030 f4 33 c8 60 75 15 03 03 00 30 00 00 00 00 00 00 |.3.`u....0......|
+00000040 00 00 00 00 00 00 00 00 00 00 02 c0 9e 3b 21 50 |.............;!P|
+00000050 a1 7a 16 67 32 3d 66 6d c4 7f 9c 9b 44 30 31 f4 |.z.g2=fm....D01.|
+00000060 ea 03 7a e3 54 5d 35 7f d3 eb |..z.T]5...|
generated by cgit v1.3-5-g9baa (git 2.53.0) at 2026-04-17 15:10:04 +0000