aboutsummaryrefslogtreecommitdiff
path: root/src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-RSAPSS
diff options
context:
space:
mode:
authorFilippo Valsorda <filippo@golang.org>2019-06-13 18:33:33 -0400
committerFilippo Valsorda <filippo@golang.org>2019-06-19 19:59:14 +0000
commit0b3a57b5374bba3fdf88258e2be4c8be65e6a5de (patch)
tree60f2c993a944c3c0f7f82a5c265ac8d5d956b375 /src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-RSAPSS
parent0ab1cc33ef35147b0e1248f2a9d669ae193d6b3e (diff)
downloadgo-0b3a57b5374bba3fdf88258e2be4c8be65e6a5de.tar.xz
crypto/tls: disable RSA-PSS in TLS 1.2 again
Signing with RSA-PSS can uncover faulty crypto.Signer implementations, and it can fail for (broken) small keys. We'll have to take that breakage eventually, but it would be nice for it to be opt-out at first. TLS 1.3 requires RSA-PSS and is opt-out in Go 1.13. Instead of making a TLS 1.3 opt-out influence a TLS 1.2 behavior, let's wait to add RSA-PSS to TLS 1.2 until TLS 1.3 is on without opt-out. Note that since the Client Hello is sent before a protocol version is selected, we have to advertise RSA-PSS there to support TLS 1.3. That means that we still support RSA-PSS on the client in TLS 1.2 for verifying server certificates, which is fine, as all issues arise on the signing side. We have to be careful not to pick (or consider available) RSA-PSS on the client for client certificates, though. We'd expect tests to change only in TLS 1.2: * the server won't pick PSS to sign the key exchange (Server-TLSv12-* w/ RSA, TestHandshakeServerRSAPSS); * the server won't advertise PSS in CertificateRequest (Server-TLSv12-ClientAuthRequested*, TestClientAuth); * and the client won't pick PSS for its CertificateVerify (Client-TLSv12-ClientCert-RSA-*, TestHandshakeClientCertRSAPSS, Client-TLSv12-Renegotiate* because "R" requests a client cert). Client-TLSv13-ClientCert-RSA-RSAPSS was updated because of a fix in the test. This effectively reverts 88343530720a52c96b21f2bd5488c8fb607605d7. Testing was made more complex by the undocumented semantics of OpenSSL's -[client_]sigalgs (see openssl/openssl#9172). Updates #32425 Change-Id: Iaddeb2df1f5c75cd090cc8321df2ac8e8e7db349 Reviewed-on: https://go-review.googlesource.com/c/go/+/182339 Reviewed-by: Adam Langley <agl@golang.org>
Diffstat (limited to 'src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-RSAPSS')
-rw-r--r--src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-RSAPSS153
1 files changed, 80 insertions, 73 deletions
diff --git a/src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-RSAPSS b/src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-RSAPSS
index 312674fab5..f788e6f600 100644
--- a/src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-RSAPSS
+++ b/src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-RSAPSS
@@ -16,11 +16,11 @@
000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0|
000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t|
>>> Flow 2 (server to client)
-00000000 16 03 03 00 59 02 00 00 55 03 03 e5 8a 69 16 37 |....Y...U....i.7|
-00000010 65 58 a7 2b 85 d8 ff 46 bb 32 af b3 10 ef ee 84 |eX.+...F.2......|
-00000020 d4 a7 72 d0 5d 8e 59 7a a4 07 fe 20 19 76 75 fd |..r.].Yz... .vu.|
-00000030 19 e5 64 98 83 fc 3d 59 4b 8a 39 fc 66 61 c5 5d |..d...=YK.9.fa.]|
-00000040 58 09 7d 04 69 3c 30 9c e8 e8 33 6a c0 2f 00 00 |X.}.i<0...3j./..|
+00000000 16 03 03 00 59 02 00 00 55 03 03 be 63 44 bb 7e |....Y...U...cD.~|
+00000010 0d 88 88 15 b1 ed 7e 75 03 57 25 1a 0c 52 42 31 |......~u.W%..RB1|
+00000020 f8 e1 46 e3 11 27 ff 05 5e 26 2e 20 e6 31 d0 a6 |..F..'..^&. .1..|
+00000030 d9 7c 69 a6 57 09 ee 50 c5 3c 5e 1d a0 a7 2b 7a |.|i.W..P.<^...+z|
+00000040 7c dd 04 b4 38 45 c9 90 a0 98 33 68 c0 2f 00 00 ||...8E....3h./..|
00000050 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 |................|
00000060 03 02 66 0b 00 02 62 00 02 5f 00 02 5c 30 82 02 |..f...b.._..\0..|
00000070 58 30 82 01 8d a0 03 02 01 02 02 11 00 f2 99 26 |X0.............&|
@@ -61,75 +61,82 @@
000002a0 11 89 66 79 d1 8e 88 0e 0b a0 9e 30 2a c0 67 ef |..fy.......0*.g.|
000002b0 ca 46 02 88 e9 53 81 22 69 22 97 ad 80 93 d4 f7 |.F...S."i"......|
000002c0 dd 70 14 24 d7 70 0a 46 a1 16 03 03 00 ac 0c 00 |.p.$.p.F........|
-000002d0 00 a8 03 00 1d 20 12 58 2b bb a1 46 a0 0c 3b 58 |..... .X+..F..;X|
-000002e0 1e 57 93 c2 b2 7f 58 ec d1 ed 91 a1 6d e9 4f 8b |.W....X.....m.O.|
-000002f0 cb 81 c4 73 a5 04 08 04 00 80 cd 29 91 fc 9b 6c |...s.......)...l|
-00000300 58 f7 34 95 41 87 90 f6 47 7d 26 5f 9c 0e ec 1c |X.4.A...G}&_....|
-00000310 90 f0 16 ad 44 9f 4f a9 90 0c f0 b1 d3 39 c8 ab |....D.O......9..|
-00000320 87 35 72 71 db d0 4a 05 78 f8 c3 2e 23 2a 57 59 |.5rq..J.x...#*WY|
-00000330 ac d4 7f c5 97 7d 0b 1e 12 71 0b cc c7 81 32 0a |.....}...q....2.|
-00000340 9f 6e 5d 63 4a 6d e1 f1 b5 17 65 3b 49 3f 11 3a |.n]cJm....e;I?.:|
-00000350 ac 05 e3 4b f0 12 c0 b0 ee 51 fb e5 0e 2f 30 3d |...K.....Q.../0=|
-00000360 a9 bd 4b de 30 0b bd 41 94 39 92 51 6b ea 89 97 |..K.0..A.9.Qk...|
-00000370 36 04 ea ed 01 d9 d4 79 80 61 16 03 03 00 0c 0d |6......y.a......|
-00000380 00 00 08 01 01 00 02 08 04 00 00 16 03 03 00 04 |................|
+000002d0 00 a8 03 00 1d 20 60 8e 8a 17 8a fc b4 4f 01 ad |..... `......O..|
+000002e0 f8 ef 44 f3 fc af 2a 90 57 7d ba 1d dd a6 17 cc |..D...*.W}......|
+000002f0 c6 4a 5f a2 fb 47 08 04 00 80 46 d8 62 04 19 4a |.J_..G....F.b..J|
+00000300 29 9b cc 3c 2c 0d 7e 67 3d 97 c0 32 65 90 28 e2 |)..<,.~g=..2e.(.|
+00000310 e9 df 7d 9b e1 62 82 a9 0b 22 99 a0 ae b9 7a 31 |..}..b..."....z1|
+00000320 75 c2 6e 61 e7 a5 64 b9 72 ce b8 04 b2 ca 14 78 |u.na..d.r......x|
+00000330 d4 b4 c2 b4 57 b4 a4 70 f9 d1 bf d0 77 e3 f5 66 |....W..p....w..f|
+00000340 c0 3f dd b2 40 30 3d d5 e9 a6 d1 49 79 ac ea b9 |.?..@0=....Iy...|
+00000350 38 43 52 3c a0 1c be 0d 18 a2 fc c0 a6 43 80 91 |8CR<.........C..|
+00000360 3f c5 c2 3a 43 31 92 ff 58 a8 40 52 b3 99 0f c4 |?..:C1..X.@R....|
+00000370 c6 00 89 0b b9 f4 9e 28 cd bf 16 03 03 00 0c 0d |.......(........|
+00000380 00 00 08 01 01 00 02 04 01 00 00 16 03 03 00 04 |................|
00000390 0e 00 00 00 |....|
>>> Flow 3 (client to server)
-00000000 16 03 03 01 fd 0b 00 01 f9 00 01 f6 00 01 f3 30 |...............0|
-00000010 82 01 ef 30 82 01 58 a0 03 02 01 02 02 10 5c 19 |...0..X.......\.|
-00000020 c1 89 65 83 55 6f dc 0b c9 b9 93 9f e9 bc 30 0d |..e.Uo........0.|
-00000030 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 12 31 |..*.H........0.1|
-00000040 10 30 0e 06 03 55 04 0a 13 07 41 63 6d 65 20 43 |.0...U....Acme C|
-00000050 6f 30 1e 17 0d 31 36 30 38 31 37 32 31 35 32 33 |o0...16081721523|
-00000060 31 5a 17 0d 31 37 30 38 31 37 32 31 35 32 33 31 |1Z..170817215231|
-00000070 5a 30 12 31 10 30 0e 06 03 55 04 0a 13 07 41 63 |Z0.1.0...U....Ac|
-00000080 6d 65 20 43 6f 30 81 9f 30 0d 06 09 2a 86 48 86 |me Co0..0...*.H.|
-00000090 f7 0d 01 01 01 05 00 03 81 8d 00 30 81 89 02 81 |...........0....|
-000000a0 81 00 ba 6f aa 86 bd cf bf 9f f2 ef 5c 94 60 78 |...o........\.`x|
-000000b0 6f e8 13 f2 d1 96 6f cd d9 32 6e 22 37 ce 41 f9 |o.....o..2n"7.A.|
-000000c0 ca 5d 29 ac e1 27 da 61 a2 ee 81 cb 10 c7 df 34 |.])..'.a.......4|
-000000d0 58 95 86 e9 3d 19 e6 5c 27 73 60 c8 8d 78 02 f4 |X...=..\'s`..x..|
-000000e0 1d a4 98 09 a3 19 70 69 3c 25 62 66 2a ab 22 23 |......pi<%bf*."#|
-000000f0 c5 7b 85 38 4f 2e 09 73 32 a7 bd 3e 9b ad ca 84 |.{.8O..s2..>....|
-00000100 07 e6 0f 3a ff 77 c5 9d 41 85 00 8a b6 9b ee b0 |...:.w..A.......|
-00000110 a4 3f 2d 4c 4c e6 42 3e bb 51 c8 dd 48 54 f4 0c |.?-LL.B>.Q..HT..|
-00000120 8e 47 02 03 01 00 01 a3 46 30 44 30 0e 06 03 55 |.G......F0D0...U|
-00000130 1d 0f 01 01 ff 04 04 03 02 05 a0 30 13 06 03 55 |...........0...U|
-00000140 1d 25 04 0c 30 0a 06 08 2b 06 01 05 05 07 03 01 |.%..0...+.......|
-00000150 30 0c 06 03 55 1d 13 01 01 ff 04 02 30 00 30 0f |0...U.......0.0.|
-00000160 06 03 55 1d 11 04 08 30 06 87 04 7f 00 00 01 30 |..U....0.......0|
-00000170 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 03 81 |...*.H..........|
-00000180 81 00 46 ab 44 a2 fb 28 54 f8 5a 67 f8 62 94 f1 |..F.D..(T.Zg.b..|
-00000190 9a b2 18 9e f2 b1 de 1d 7e 6f 76 95 a9 ba e7 5d |........~ov....]|
-000001a0 a8 16 6c 9c f7 09 d3 37 e4 4b 2b 36 7c 01 ad 41 |..l....7.K+6|..A|
-000001b0 d2 32 d8 c3 d2 93 f9 10 6b 8e 95 b9 2c 17 8a a3 |.2......k...,...|
-000001c0 44 48 bc 59 13 83 16 04 88 a4 81 5c 25 0d 98 0c |DH.Y.......\%...|
-000001d0 ac 11 b1 28 56 be 1d cd 61 62 84 09 bf d6 80 c6 |...(V...ab......|
-000001e0 45 8d 82 2c b4 d8 83 9b db c9 22 b7 2a 12 11 7b |E..,......".*..{|
-000001f0 fa 02 3b c1 c9 ff ea c9 9d a8 49 d3 95 d7 d5 0e |..;.......I.....|
-00000200 e5 35 16 03 03 00 25 10 00 00 21 20 2f e5 7d a3 |.5....%...! /.}.|
-00000210 47 cd 62 43 15 28 da ac 5f bb 29 07 30 ff f6 84 |G.bC.(.._.).0...|
-00000220 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 16 03 03 00 |......._X.;t....|
-00000230 88 0f 00 00 84 08 04 00 80 5a e9 85 d9 20 4b f7 |.........Z... K.|
-00000240 3e 70 ad 9b e9 8b 92 28 0f 8e 10 de bf 62 9e 34 |>p.....(.....b.4|
-00000250 5b b4 5e be 1e d4 59 18 e2 0b 46 b1 88 10 8f 19 |[.^...Y...F.....|
-00000260 3b 34 aa 4b fa 35 c4 f2 b5 09 75 af 7b 62 4f b7 |;4.K.5....u.{bO.|
-00000270 e5 6b a5 76 c4 c9 62 f3 36 aa 55 31 a0 6e 71 f1 |.k.v..b.6.U1.nq.|
-00000280 3c 40 e4 46 88 1c 96 cf 04 85 cc 92 32 65 49 be |<@.F........2eI.|
-00000290 a7 72 c7 2b b1 71 c6 6b a0 87 67 26 8f 5c 14 f7 |.r.+.q.k..g&.\..|
-000002a0 18 27 f3 13 f5 b5 31 a0 7e 6a b3 a9 ac b8 06 d5 |.'....1.~j......|
-000002b0 e5 9c ec 87 51 1c f6 aa 57 14 03 03 00 01 01 16 |....Q...W.......|
-000002c0 03 03 00 28 00 00 00 00 00 00 00 00 3a 36 e8 ed |...(........:6..|
-000002d0 d0 88 1f 64 e1 89 b2 3d 2c e4 fb c0 cb 77 56 ca |...d...=,....wV.|
-000002e0 ea 63 be 25 e4 eb 99 3e 35 aa f2 75 |.c.%...>5..u|
+00000000 16 03 03 02 66 0b 00 02 62 00 02 5f 00 02 5c 30 |....f...b.._..\0|
+00000010 82 02 58 30 82 01 8d a0 03 02 01 02 02 11 00 f2 |..X0............|
+00000020 99 26 eb 87 ea 8a 0d b9 fc c2 47 34 7c 11 b0 30 |.&........G4|..0|
+00000030 41 06 09 2a 86 48 86 f7 0d 01 01 0a 30 34 a0 0f |A..*.H......04..|
+00000040 30 0d 06 09 60 86 48 01 65 03 04 02 01 05 00 a1 |0...`.H.e.......|
+00000050 1c 30 1a 06 09 2a 86 48 86 f7 0d 01 01 08 30 0d |.0...*.H......0.|
+00000060 06 09 60 86 48 01 65 03 04 02 01 05 00 a2 03 02 |..`.H.e.........|
+00000070 01 20 30 12 31 10 30 0e 06 03 55 04 0a 13 07 41 |. 0.1.0...U....A|
+00000080 63 6d 65 20 43 6f 30 1e 17 0d 31 37 31 31 32 33 |cme Co0...171123|
+00000090 31 36 31 36 31 30 5a 17 0d 31 38 31 31 32 33 31 |161610Z..1811231|
+000000a0 36 31 36 31 30 5a 30 12 31 10 30 0e 06 03 55 04 |61610Z0.1.0...U.|
+000000b0 0a 13 07 41 63 6d 65 20 43 6f 30 81 9f 30 0d 06 |...Acme Co0..0..|
+000000c0 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 |.*.H............|
+000000d0 30 81 89 02 81 81 00 db 46 7d 93 2e 12 27 06 48 |0.......F}...'.H|
+000000e0 bc 06 28 21 ab 7e c4 b6 a2 5d fe 1e 52 45 88 7a |..(!.~...]..RE.z|
+000000f0 36 47 a5 08 0d 92 42 5b c2 81 c0 be 97 79 98 40 |6G....B[.....y.@|
+00000100 fb 4f 6d 14 fd 2b 13 8b c2 a5 2e 67 d8 d4 09 9e |.Om..+.....g....|
+00000110 d6 22 38 b7 4a 0b 74 73 2b c2 34 f1 d1 93 e5 96 |."8.J.ts+.4.....|
+00000120 d9 74 7b f3 58 9f 6c 61 3c c0 b0 41 d4 d9 2b 2b |.t{.X.la<..A..++|
+00000130 24 23 77 5b 1c 3b bd 75 5d ce 20 54 cf a1 63 87 |$#w[.;.u]. T..c.|
+00000140 1d 1e 24 c4 f3 1d 1a 50 8b aa b6 14 43 ed 97 a7 |..$....P....C...|
+00000150 75 62 f4 14 c8 52 d7 02 03 01 00 01 a3 46 30 44 |ub...R.......F0D|
+00000160 30 0e 06 03 55 1d 0f 01 01 ff 04 04 03 02 05 a0 |0...U...........|
+00000170 30 13 06 03 55 1d 25 04 0c 30 0a 06 08 2b 06 01 |0...U.%..0...+..|
+00000180 05 05 07 03 01 30 0c 06 03 55 1d 13 01 01 ff 04 |.....0...U......|
+00000190 02 30 00 30 0f 06 03 55 1d 11 04 08 30 06 87 04 |.0.0...U....0...|
+000001a0 7f 00 00 01 30 41 06 09 2a 86 48 86 f7 0d 01 01 |....0A..*.H.....|
+000001b0 0a 30 34 a0 0f 30 0d 06 09 60 86 48 01 65 03 04 |.04..0...`.H.e..|
+000001c0 02 01 05 00 a1 1c 30 1a 06 09 2a 86 48 86 f7 0d |......0...*.H...|
+000001d0 01 01 08 30 0d 06 09 60 86 48 01 65 03 04 02 01 |...0...`.H.e....|
+000001e0 05 00 a2 03 02 01 20 03 81 81 00 cd ac 4e f2 ce |...... ......N..|
+000001f0 5f 8d 79 88 10 42 70 7f 7c bf 1b 5a 8a 00 ef 19 |_.y..Bp.|..Z....|
+00000200 15 4b 40 15 17 71 00 6c d4 16 26 e5 49 6d 56 da |.K@..q.l..&.ImV.|
+00000210 0c 1a 13 9f d8 46 95 59 3c b6 7f 87 76 5e 18 aa |.....F.Y<...v^..|
+00000220 03 ea 06 75 22 dd 78 d2 a5 89 b8 c9 23 64 e1 28 |...u".x.....#d.(|
+00000230 38 ce 34 6c 6e 06 7b 51 f1 a7 e6 f4 b3 7f fa b1 |8.4ln.{Q........|
+00000240 3f 14 11 89 66 79 d1 8e 88 0e 0b a0 9e 30 2a c0 |?...fy.......0*.|
+00000250 67 ef ca 46 02 88 e9 53 81 22 69 22 97 ad 80 93 |g..F...S."i"....|
+00000260 d4 f7 dd 70 14 24 d7 70 0a 46 a1 16 03 03 00 25 |...p.$.p.F.....%|
+00000270 10 00 00 21 20 2f e5 7d a3 47 cd 62 43 15 28 da |...! /.}.G.bC.(.|
+00000280 ac 5f bb 29 07 30 ff f6 84 af c4 cf c2 ed 90 99 |._.).0..........|
+00000290 5f 58 cb 3b 74 16 03 03 00 88 0f 00 00 84 04 01 |_X.;t...........|
+000002a0 00 80 d5 bf 41 e0 65 7b 32 16 bb a3 92 48 f6 0e |....A.e{2....H..|
+000002b0 31 eb ca a2 b7 1c b3 3a b4 8f 91 0e 44 e8 9e ad |1......:....D...|
+000002c0 f7 71 4c 71 20 da 59 29 09 4f 0b 1e fb 92 c5 ce |.qLq .Y).O......|
+000002d0 7b a3 26 de 89 be f5 cc b6 be dc af 09 6a f9 a2 |{.&..........j..|
+000002e0 f0 65 5c 39 2d ad 2c 46 ce df 26 09 2e 99 5d 9e |.e\9-.,F..&...].|
+000002f0 58 2b cf 1f ed b5 1a 4b 21 0b d8 ec 14 fb bb f2 |X+.....K!.......|
+00000300 eb 41 9d 1c 6a 06 d8 38 b9 68 fc 1d 90 ad ff 9c |.A..j..8.h......|
+00000310 91 c1 4a ff b0 49 59 8a 0b 25 26 eb 28 b1 a5 f8 |..J..IY..%&.(...|
+00000320 0d 8e 14 03 03 00 01 01 16 03 03 00 28 00 00 00 |............(...|
+00000330 00 00 00 00 00 cd a4 31 83 38 57 c8 91 98 4c 6c |.......1.8W...Ll|
+00000340 76 c7 e1 d8 af f9 47 ee 45 75 f4 51 6c e5 7e da |v.....G.Eu.Ql.~.|
+00000350 00 0f da 44 49 |...DI|
>>> Flow 4 (server to client)
-00000000 14 03 03 00 01 01 16 03 03 00 28 31 96 46 0c 69 |..........(1.F.i|
-00000010 f0 46 54 dc 0f c7 1c c0 0f e2 b6 8b 53 71 66 94 |.FT.........Sqf.|
-00000020 f8 7b 82 7c 76 ab 8c c3 d0 a0 0a e9 03 e8 bf 4f |.{.|v..........O|
-00000030 c4 c5 84 |...|
+00000000 14 03 03 00 01 01 16 03 03 00 28 7f 1d 85 46 4c |..........(...FL|
+00000010 7f 93 d7 e3 c1 3f a7 71 69 16 90 9a a6 f8 9a 22 |.....?.qi......"|
+00000020 a5 8b 0e 6d 6a f2 08 7e 40 6d ba 87 74 e4 e6 1d |...mj..~@m..t...|
+00000030 ba 5e ff |.^.|
>>> Flow 5 (client to server)
-00000000 17 03 03 00 1e 00 00 00 00 00 00 00 01 3c 54 13 |.............<T.|
-00000010 1d 87 2b ee dc 4e 2d 29 69 0b ed 9a fe 6a 61 b7 |..+..N-)i....ja.|
-00000020 f0 db b1 15 03 03 00 1a 00 00 00 00 00 00 00 02 |................|
-00000030 86 bd af cd 8b 2f 42 92 67 dc 24 df 9c 01 fb 0f |...../B.g.$.....|
-00000040 92 a4 |..|
+00000000 17 03 03 00 1e 00 00 00 00 00 00 00 01 2a 5a a1 |.............*Z.|
+00000010 d5 31 ba 8b 9d 3f f1 54 e0 53 cf 84 70 3b f5 bf |.1...?.T.S..p;..|
+00000020 11 3c ad 15 03 03 00 1a 00 00 00 00 00 00 00 02 |.<..............|
+00000030 1b ad 23 3d 37 69 87 9d b5 60 f1 8a 13 d6 09 ab |..#=7i...`......|
+00000040 a4 9b |..|
generated by cgit v1.3 (git 2.53.0) at 2026-04-15 23:25:36 +0000