crypto/tls: make cipher suite preference ordering automatic

We now have a (well, two, depending on AES hardware support) universal cipher suite preference order, based on their security and performance. Peer and application lists are now treated as filters (and AES hardware support hints) that are applied to this universal order. This removes a complex and nuanced decision from the application's responsibilities, one which we are better equipped to make and which applications usually don't need to have an opinion about. It also lets us worry less about what suites we support or enable, because we can be confident that bad ones won't be selected over good ones. This also moves 3DES suites to InsecureCipherSuites(), even if they are not disabled by default. Just because we can keep them as a last resort it doesn't mean they are secure. Thankfully we had not promised that Insecure means disabled by default. Notable test changes: - TestCipherSuiteCertPreferenceECDSA was testing that we'd pick the right certificate regardless of CipherSuite ordering, which is now completely ignored, as tested by TestCipherSuitePreference. Removed. - The openssl command of TestHandshakeServerExportKeyingMaterial was broken for TLS 1.0 in CL 262857, but its golden file was not regenerated, so the test kept passing. It now broke because the selected suite from the ones in the golden file changed. - In TestAESCipherReordering, "server strongly prefers AES-GCM" is removed because there is no way for a server to express a strong preference anymore; "client prefers AES-GCM and AES-CBC over ChaCha" switched to ChaCha20 when the server lacks AES hardware; and finally "client supports multiple AES-GCM" changed to always prefer AES-128 per the universal preference list. * this is going back on an explicit decision from CL 262857, and while that client order is weird and does suggest a strong dislike for ChaCha20, we have a strong dislike for software AES, so it didn't feel worth making the logic more complex - All Client-* golden files had to be regenerated because the ClientHello cipher suites have changed. (Even when Config.CipherSuites was limited to one suite, the TLS 1.3 default order changed.) Fixes #45430 Fixes #41476 (as 3DES is now always the last resort) Change-Id: If5f5d356c0f8d1f1c7542fb06644a478d6bad1e5 Reviewed-on: https://go-review.googlesource.com/c/go/+/314609 Run-TryBot: Filippo Valsorda <filippo@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org> Trust: Filippo Valsorda <filippo@golang.org>
author: Filippo Valsorda <filippo@golang.org> 2021-04-28 01:37:09 -0400
committer: Filippo Valsorda <filippo@golang.org> 2021-05-08 05:15:48 +0000
commit: 9d0819b27ca248f9949e7cf6bf7cb9fe7cf574e8 (patch)
tree: dc56e40409a868107d6234be12d8a1c1bfb0d30f /src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-RSAPSS
parent: 02ce4118219dc51a14680a0c5fa24cf6e73deeed (diff)
download: go-9d0819b27ca248f9949e7cf6bf7cb9fe7cf574e8.tar.xz
1 files changed, 41 insertions, 41 deletions
diff --git a/src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-RSAPSS b/src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-RSAPSS
index 3f740807f6..de05fec53e 100644
--- a/src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-RSAPSS
+++ b/src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-RSAPSS
@@ -3,10 +3,10 @@
 00000010  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
 00000020  00 00 00 00 00 00 00 00  00 00 00 20 00 00 00 00  |........... ....|
 00000030  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
-00000040  00 00 00 00 00 00 00 00  00 00 00 00 00 32 cc a8  |.............2..|
-00000050  cc a9 c0 2f c0 2b c0 30  c0 2c c0 27 c0 13 c0 23  |.../.+.0.,.'...#|
-00000060  c0 09 c0 14 c0 0a 00 9c  00 9d 00 3c 00 2f 00 35  |...........<./.5|
-00000070  c0 12 00 0a 00 05 c0 11  c0 07 13 01 13 03 13 02  |................|
+00000040  00 00 00 00 00 00 00 00  00 00 00 00 00 32 cc a9  |.............2..|
+00000050  cc a8 c0 2b c0 2f c0 2c  c0 30 c0 09 c0 13 c0 0a  |...+./.,.0......|
+00000060  c0 14 00 9c 00 9d 00 2f  00 35 c0 12 00 0a c0 23  |......./.5.....#|
+00000070  c0 27 00 3c c0 07 c0 11  00 05 13 03 13 01 13 02  |.'.<............|
 00000080  01 00 00 7b 00 05 00 05  01 00 00 00 00 00 0a 00  |...{............|
 00000090  0a 00 08 00 1d 00 17 00  18 00 19 00 0b 00 02 01  |................|
 000000a0  00 00 0d 00 1a 00 18 08  04 04 03 08 07 08 05 08  |................|
@@ -16,11 +16,11 @@
 000000e0  e5 7d a3 47 cd 62 43 15  28 da ac 5f bb 29 07 30  |.}.G.bC.(.._.).0|
 000000f0  ff f6 84 af c4 cf c2 ed  90 99 5f 58 cb 3b 74     |.........._X.;t|
 >>> Flow 2 (server to client)
-00000000  16 03 03 00 59 02 00 00  55 03 03 29 bc e2 fe ae  |....Y...U..)....|
-00000010  0a db 37 e6 39 d5 48 24  3d 0f e5 d7 6b a3 69 dd  |..7.9.H$=...k.i.|
-00000020  ce 09 fd 28 03 c2 7e 38  db c9 ec 20 d2 5e 3f 94  |...(..~8... .^?.|
-00000030  b0 2c 5e 4c 77 c2 94 c3  f2 a9 d0 91 4f 96 45 0e  |.,^Lw.......O.E.|
-00000040  d3 34 fc 9f e0 a5 e6 fc  1e 8a c1 00 c0 2f 00 00  |.4.........../..|
+00000000  16 03 03 00 59 02 00 00  55 03 03 61 fe 1e 35 33  |....Y...U..a..53|
+00000010  4b b4 dd 9b 0f 55 58 f4  0c c5 b2 73 51 7b 84 e7  |K....UX....sQ{..|
+00000020  25 f7 8f 12 5a 12 11 e1  7b e6 52 20 ad 86 a9 f9  |%...Z...{.R ....|
+00000030  7f 6a 30 da 79 23 c3 c4  dc 88 f6 19 1d cc 16 8b  |.j0.y#..........|
+00000040  96 74 84 ce 53 56 65 e2  cb 94 61 0c c0 2f 00 00  |.t..SVe...a../..|
 00000050  0d ff 01 00 01 00 00 0b  00 04 03 00 01 02 16 03  |................|
 00000060  03 02 66 0b 00 02 62 00  02 5f 00 02 5c 30 82 02  |..f...b.._..\0..|
 00000070  58 30 82 01 8d a0 03 02  01 02 02 11 00 f2 99 26  |X0.............&|
@@ -61,17 +61,17 @@
 000002a0  11 89 66 79 d1 8e 88 0e  0b a0 9e 30 2a c0 67 ef  |..fy.......0*.g.|
 000002b0  ca 46 02 88 e9 53 81 22  69 22 97 ad 80 93 d4 f7  |.F...S."i"......|
 000002c0  dd 70 14 24 d7 70 0a 46  a1 16 03 03 00 ac 0c 00  |.p.$.p.F........|
-000002d0  00 a8 03 00 1d 20 9e e4  39 3a b3 d5 f9 51 16 d4  |..... ..9:...Q..|
-000002e0  a8 e1 0a 6d ad 3c ca 01  97 d6 a1 ce 03 2a 67 4a  |...m.<.......*gJ|
-000002f0  49 06 eb ed c6 24 08 04  00 80 b3 b7 9e fd 97 9b  |I....$..........|
-00000300  b0 d6 35 89 21 53 ff a8  4b 59 59 26 37 ac 2f 36  |..5.!S..KYY&7./6|
-00000310  27 3d 5a 04 3f 50 ed 36  e0 5f 1a d7 1b 36 47 94  |'=Z.?P.6._...6G.|
-00000320  45 ec 8c 0b 8f 0f fc df  ec 3c 56 f0 d0 28 45 94  |E........<V..(E.|
-00000330  96 c7 35 bb 42 31 a6 6e  eb 27 cf cf 7e 21 cf 2f  |..5.B1.n.'..~!./|
-00000340  a1 90 5d 2b 32 23 b3 de  40 a7 b6 56 c1 73 29 56  |..]+2#..@..V.s)V|
-00000350  3d 73 fe 34 b2 0b 58 97  16 e6 a1 1c 47 0e 24 a7  |=s.4..X.....G.$.|
-00000360  0d c9 a0 51 70 82 b1 d1  a6 a1 bc b4 49 77 c4 c4  |...Qp.......Iw..|
-00000370  87 ae c8 49 e6 80 ae d0  dd ca 16 03 03 00 0c 0d  |...I............|
+000002d0  00 a8 03 00 1d 20 e0 90  02 58 37 69 79 d6 78 e5  |..... ...X7iy.x.|
+000002e0  1d c6 7e a0 c6 38 1b ff  47 72 d6 c2 52 cb 6c 52  |..~..8..Gr..R.lR|
+000002f0  36 7e 03 c3 35 1d 08 04  00 80 79 5f 23 fd b1 ee  |6~..5.....y_#...|
+00000300  ac 62 c8 72 09 52 1f 9a  0f ac 95 3e 4e e4 97 d2  |.b.r.R.....>N...|
+00000310  a3 04 ae 19 3f 25 ad 3e  b7 78 1f d9 79 5f c8 26  |....?%.>.x..y_.&|
+00000320  f0 26 e5 ee 54 46 4a 05  84 15 01 4f 7a 7e 60 bd  |.&..TFJ....Oz~`.|
+00000330  86 74 78 d7 7c 86 91 2b  4f 76 b6 aa 78 27 c8 21  |.tx.|..+Ov..x'.!|
+00000340  7e df 88 2f 26 f0 9d 3c  a2 e8 95 f6 9f 5a a4 5e  |~../&..<.....Z.^|
+00000350  18 dc cd 0d 70 e8 85 b7  e5 57 f6 c2 f4 33 28 1c  |....p....W...3(.|
+00000360  58 7b 94 b0 9e ee d8 b3  42 b5 f3 63 78 a1 30 f3  |X{......B..cx.0.|
+00000370  f7 e4 5e 72 64 6f 80 32  70 4e 16 03 03 00 0c 0d  |..^rdo.2pN......|
 00000380  00 00 08 01 01 00 02 08  04 00 00 16 03 03 00 04  |................|
 00000390  0e 00 00 00                                       |....|
 >>> Flow 3 (client to server)
@@ -117,26 +117,26 @@
 00000270  10 00 00 21 20 2f e5 7d  a3 47 cd 62 43 15 28 da  |...! /.}.G.bC.(.|
 00000280  ac 5f bb 29 07 30 ff f6  84 af c4 cf c2 ed 90 99  |._.).0..........|
 00000290  5f 58 cb 3b 74 16 03 03  00 88 0f 00 00 84 08 04  |_X.;t...........|
-000002a0  00 80 a6 6b 99 15 5e 97  33 4f a8 0e 59 af 15 22  |...k..^.3O..Y.."|
-000002b0  f3 6e be 02 6e e4 20 d5  81 c0 b4 74 5a e2 20 32  |.n..n. ....tZ. 2|
-000002c0  2b 7f 9c e6 94 32 4d 30  bf 93 86 9b 75 4d f1 9f  |+....2M0....uM..|
-000002d0  e4 48 28 00 27 fa 7c 45  2e fe d7 0b dc 03 c4 6b  |.H(.'.|E.......k|
-000002e0  42 ad a2 32 d7 9d ea d6  52 05 3f ed 87 fd b9 9d  |B..2....R.?.....|
-000002f0  58 fd d6 9f 28 6d 45 07  de 5b 4a 8e f4 4d 19 0b  |X...(mE..[J..M..|
-00000300  cf 4e 64 75 73 ae cd e9  ae f9 af 27 d0 b9 eb 4c  |.Ndus......'...L|
-00000310  98 ad 66 6d 4e bf 2c 39  87 f3 72 3e 4e bc a1 8f  |..fmN.,9..r>N...|
-00000320  a8 1e 14 03 03 00 01 01  16 03 03 00 28 00 00 00  |............(...|
-00000330  00 00 00 00 00 04 3c cc  ae cd 19 52 6b 1e 0e cc  |......<....Rk...|
-00000340  dd a9 ac 2f 2a c6 94 4c  09 f3 ee 2f b5 5a 13 1e  |.../*..L.../.Z..|
-00000350  4f 54 a0 ae c2                                    |OT...|
+000002a0  00 80 b2 c4 60 82 75 ca  be 40 dc 28 ec 6d 14 6f  |....`.u..@.(.m.o|
+000002b0  6c 88 ca 9a d7 ae ce 94  26 a7 10 ad d8 c3 b9 a6  |l.......&.......|
+000002c0  48 4e 01 7d ee 6e f8 e0  15 d9 72 c4 79 8d ac 25  |HN.}.n....r.y..%|
+000002d0  37 29 83 fc e6 f1 2e 4f  76 49 6a 36 b9 1e b4 58  |7).....OvIj6...X|
+000002e0  a2 3e f7 ff 96 5e d9 17  f2 40 05 1f ec bb 5b f5  |.>...^...@....[.|
+000002f0  28 86 d2 fc 0e 7e 70 3a  3d 90 4c 46 a5 3e bc 57  |(....~p:=.LF.>.W|
+00000300  24 4c ee 35 23 99 6f 21  12 db ba d8 3a 5f 37 1f  |$L.5#.o!....:_7.|
+00000310  da 3d c2 c9 bf b6 11 8b  b9 b9 43 0b 52 ff 6d 2a  |.=........C.R.m*|
+00000320  74 a7 14 03 03 00 01 01  16 03 03 00 28 00 00 00  |t...........(...|
+00000330  00 00 00 00 00 34 bd 90  a0 3f 1c 0c 11 5c 8a e4  |.....4...?...\..|
+00000340  28 82 c4 57 59 73 fd a4  dc a9 91 4b df 2a c6 b5  |(..WYs.....K.*..|
+00000350  f0 6e cf 41 70                                    |.n.Ap|
 >>> Flow 4 (server to client)
-00000000  14 03 03 00 01 01 16 03  03 00 28 6d 44 cb 35 8b  |..........(mD.5.|
-00000010  15 5c f9 f8 1e ae 4f 8c  8c d9 90 9e 6c cf 13 f6  |.\....O.....l...|
-00000020  12 29 f5 f7 d6 ff da e2  48 7d 68 ec ad 1a 6c 39  |.)......H}h...l9|
-00000030  c5 77 6c                                          |.wl|
+00000000  14 03 03 00 01 01 16 03  03 00 28 e2 44 81 59 e4  |..........(.D.Y.|
+00000010  6c cf e2 e7 04 78 61 02  36 29 2c 5c c4 6f 13 0b  |l....xa.6),\.o..|
+00000020  29 ba 74 b0 13 e8 8f 67  39 b5 ea d1 9d 99 d2 f6  |).t....g9.......|
+00000030  f7 32 be                                          |.2.|
 >>> Flow 5 (client to server)
-00000000  17 03 03 00 1e 00 00 00  00 00 00 00 01 2a ce da  |.............*..|
-00000010  11 1c 7d 49 0d aa 44 d4  d6 d4 7f 64 2b 49 47 20  |..}I..D....d+IG |
-00000020  5a 21 bb 15 03 03 00 1a  00 00 00 00 00 00 00 02  |Z!..............|
-00000030  fc 10 75 a7 22 f9 74 1c  3a d2 b2 a8 04 2d 37 5f  |..u.".t.:....-7_|
-00000040  c2 76                                             |.v|
+00000000  17 03 03 00 1e 00 00 00  00 00 00 00 01 5c 7b 38  |.............\{8|
+00000010  46 af 57 57 05 5a c5 cb  83 f3 fd 17 d4 c3 2e 93  |F.WW.Z..........|
+00000020  d7 70 52 15 03 03 00 1a  00 00 00 00 00 00 00 02  |.pR.............|
+00000030  df 2b d8 62 ec 97 c6 ab  be d4 7f c9 91 f4 fe 55  |.+.b...........U|
+00000040  ac bd                                             |..|
author	Filippo Valsorda <filippo@golang.org>	2021-04-28 01:37:09 -0400
committer	Filippo Valsorda <filippo@golang.org>	2021-05-08 05:15:48 +0000
commit	9d0819b27ca248f9949e7cf6bf7cb9fe7cf574e8 (patch)
tree	dc56e40409a868107d6234be12d8a1c1bfb0d30f /src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-RSAPSS
parent	02ce4118219dc51a14680a0c5fa24cf6e73deeed (diff)
download	go-9d0819b27ca248f9949e7cf6bf7cb9fe7cf574e8.tar.xz