aboutsummaryrefslogtreecommitdiff
path: root/src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-RSAPSS
diff options
context:
space:
mode:
authorFilippo Valsorda <filippo@golang.org>2025-03-15 12:12:22 +0100
committerGopher Robot <gobot@golang.org>2025-05-21 14:18:04 -0700
commite90acc814de247f58330be1d8ba3b11c78c96077 (patch)
treea56fd0ac07eab3c8e1155da0b1d182ab151aa589 /src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-RSAPSS
parent33d3f603c19f46e6529483230465cd6f420ce23b (diff)
downloadgo-e90acc814de247f58330be1d8ba3b11c78c96077.tar.xz
crypto/tls: don't advertise TLS 1.2-only sigAlgs in TLS 1.3
If a ClientHello only supports TLS 1.3, or if a CertificateRequest is sent after selecting TLS 1.3, we should not advertise TLS 1.2-only signature_algorithms like PKCS#1 v1.5 or SHA-1. However, since crypto/x509 still supports PKCS#1 v1.5, and a direct CertPool match might not care about the signature in the certificate at all, start sending a separate signature_algorithms_cert extension to indicate support for PKCS#1 v1.5 and SHA-1 in certificates. We were already correctly rejecting these algorithms if the peer selected them in a TLS 1.3 connection. Updates #72883 Change-Id: I6a6a4656ab60e1b7fb20fdedc32604dc156953ae Reviewed-on: https://go-review.googlesource.com/c/go/+/658215 Reviewed-by: Roland Shoemaker <roland@golang.org> Reviewed-by: David Chase <drchase@google.com> Auto-Submit: Filippo Valsorda <filippo@golang.org> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
Diffstat (limited to 'src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-RSAPSS')
-rw-r--r--src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-RSAPSS90
1 files changed, 46 insertions, 44 deletions
diff --git a/src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-RSAPSS b/src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-RSAPSS
index b4c5102535..867ec87afa 100644
--- a/src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-RSAPSS
+++ b/src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-RSAPSS
@@ -1,5 +1,5 @@
>>> Flow 1 (client to server)
-00000000 16 03 01 00 fe 01 00 00 fa 03 03 00 00 00 00 00 |................|
+00000000 16 03 01 01 1c 01 00 01 18 03 03 00 00 00 00 00 |................|
00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....|
00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
@@ -7,21 +7,23 @@
00000050 cc a8 c0 2b c0 2f c0 2c c0 30 c0 09 c0 13 c0 0a |...+./.,.0......|
00000060 c0 14 00 9c 00 9d 00 2f 00 35 c0 12 00 0a c0 23 |......./.5.....#|
00000070 c0 27 00 3c c0 07 c0 11 00 05 13 03 13 01 13 02 |.'.<............|
-00000080 01 00 00 7f 00 0b 00 02 01 00 ff 01 00 01 00 00 |................|
+00000080 01 00 00 9d 00 0b 00 02 01 00 ff 01 00 01 00 00 |................|
00000090 17 00 00 00 12 00 00 00 05 00 05 01 00 00 00 00 |................|
000000a0 00 0a 00 0a 00 08 00 1d 00 17 00 18 00 19 00 0d |................|
000000b0 00 1a 00 18 08 04 04 03 08 07 08 05 08 06 04 01 |................|
-000000c0 05 01 06 01 05 03 06 03 02 01 02 03 00 2b 00 09 |.............+..|
-000000d0 08 03 04 03 03 03 02 03 01 00 33 00 26 00 24 00 |..........3.&.$.|
-000000e0 1d 00 20 2f e5 7d a3 47 cd 62 43 15 28 da ac 5f |.. /.}.G.bC.(.._|
-000000f0 bb 29 07 30 ff f6 84 af c4 cf c2 ed 90 99 5f 58 |.).0.........._X|
-00000100 cb 3b 74 |.;t|
+000000c0 05 01 06 01 05 03 06 03 02 01 02 03 00 32 00 1a |.............2..|
+000000d0 00 18 08 04 04 03 08 07 08 05 08 06 04 01 05 01 |................|
+000000e0 06 01 05 03 06 03 02 01 02 03 00 2b 00 09 08 03 |...........+....|
+000000f0 04 03 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 |........3.&.$...|
+00000100 20 2f e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 | /.}.G.bC.(.._.)|
+00000110 07 30 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b |.0.........._X.;|
+00000120 74 |t|
>>> Flow 2 (server to client)
-00000000 16 03 03 00 5d 02 00 00 59 03 03 0d 73 c5 43 a1 |....]...Y...s.C.|
-00000010 71 b6 21 da 7a f6 76 44 60 8a 84 ec 6b 1d 70 01 |q.!.z.vD`...k.p.|
-00000020 d8 b2 29 48 db 5d ea da ea 79 bb 20 3f b9 66 fe |..)H.]...y. ?.f.|
-00000030 73 db fc 90 18 3f ac e5 1f 5d 86 24 80 75 ec a3 |s....?...].$.u..|
-00000040 c6 aa e9 05 c1 47 21 bd 30 f6 41 43 c0 2f 00 00 |.....G!.0.AC./..|
+00000000 16 03 03 00 5d 02 00 00 59 03 03 97 c2 4c 45 c0 |....]...Y....LE.|
+00000010 22 6a 7d 71 93 1a 71 a7 e1 40 a5 44 5e 39 8a 3e |"j}q..q..@.D^9.>|
+00000020 99 04 1f e1 74 ad 3a 64 89 ad 93 20 61 76 9a e1 |....t.:d... av..|
+00000030 39 26 af 37 ad ea f2 9c 4c 2e 1b a2 18 0c 73 8e |9&.7....L.....s.|
+00000040 5b 8b f0 0f 44 04 80 31 5a 49 39 f0 c0 2f 00 00 |[...D..1ZI9../..|
00000050 11 ff 01 00 01 00 00 0b 00 04 03 00 01 02 00 17 |................|
00000060 00 00 16 03 03 02 66 0b 00 02 62 00 02 5f 00 02 |......f...b.._..|
00000070 5c 30 82 02 58 30 82 01 8d a0 03 02 01 02 02 11 |\0..X0..........|
@@ -62,17 +64,17 @@
000002a0 fa b1 3f 14 11 89 66 79 d1 8e 88 0e 0b a0 9e 30 |..?...fy.......0|
000002b0 2a c0 67 ef ca 46 02 88 e9 53 81 22 69 22 97 ad |*.g..F...S."i"..|
000002c0 80 93 d4 f7 dd 70 14 24 d7 70 0a 46 a1 16 03 03 |.....p.$.p.F....|
-000002d0 00 ac 0c 00 00 a8 03 00 1d 20 03 05 56 dd 40 c0 |......... ..V.@.|
-000002e0 b6 4d 5a df 26 e7 4a f1 a8 47 ef af 12 6e 5f 01 |.MZ.&.J..G...n_.|
-000002f0 2a 7a 19 1a 45 52 8c 47 d2 53 08 04 00 80 8a 6a |*z..ER.G.S.....j|
-00000300 9d 8b 38 73 da 92 bc f6 05 79 90 af 7a 43 59 62 |..8s.....y..zCYb|
-00000310 bc 97 b6 af ef ce 5f 59 07 81 93 bc c5 3c 5f f9 |......_Y.....<_.|
-00000320 4e 04 45 74 5e cc 7a 6f 82 7a cf 86 0d 68 c9 35 |N.Et^.zo.z...h.5|
-00000330 1d 62 f0 3c ee 77 b5 4c 3a 40 ec 89 fc 97 ff a6 |.b.<.w.L:@......|
-00000340 34 13 8b bc 6b 83 92 e8 52 c5 c6 42 c9 25 ad 37 |4...k...R..B.%.7|
-00000350 41 e7 5a 52 d8 0f 7d fd a8 9e 86 c6 1b b2 8b 50 |A.ZR..}........P|
-00000360 2a 1c 15 56 00 d8 a8 85 86 05 28 7f a1 3e ba f2 |*..V......(..>..|
-00000370 fe 92 07 c8 a4 4a 2a 5f d1 53 82 09 9c 65 16 03 |.....J*_.S...e..|
+000002d0 00 ac 0c 00 00 a8 03 00 1d 20 ae c6 bf 84 a5 c3 |......... ......|
+000002e0 05 6b fa 30 b0 ec b7 c2 ff ec 7d e4 b8 e0 f2 0f |.k.0......}.....|
+000002f0 3d 0e ef de 32 ad f2 6e 52 55 08 04 00 80 07 86 |=...2..nRU......|
+00000300 e1 b2 04 6e b2 43 09 df c9 20 35 11 3b 0f 10 61 |...n.C... 5.;..a|
+00000310 7e 67 cc 65 c6 60 80 c3 43 7d b8 1c 52 e3 09 af |~g.e.`..C}..R...|
+00000320 df 38 79 e1 ea 6d b4 6b bc 50 fe a8 6f 46 6f 9c |.8y..m.k.P..oFo.|
+00000330 40 1c 6f f2 e5 c6 d9 a4 db 72 24 4a 9c 57 e7 d6 |@.o......r$J.W..|
+00000340 91 91 5b 1b f1 40 f2 d9 58 a2 81 4c d7 be 20 d4 |..[..@..X..L.. .|
+00000350 12 4f 64 05 e5 ec ba 35 22 a7 fe df c9 ea b3 43 |.Od....5"......C|
+00000360 dc 47 29 98 eb c9 92 11 42 a0 80 a4 2a 2e 4d 47 |.G).....B...*.MG|
+00000370 73 9e 0f 13 37 79 92 ca db c4 84 db 05 4a 16 03 |s...7y.......J..|
00000380 03 00 0c 0d 00 00 08 01 01 00 02 08 04 00 00 16 |................|
00000390 03 03 00 04 0e 00 00 00 |........|
>>> Flow 3 (client to server)
@@ -118,26 +120,26 @@
00000270 10 00 00 21 20 2f e5 7d a3 47 cd 62 43 15 28 da |...! /.}.G.bC.(.|
00000280 ac 5f bb 29 07 30 ff f6 84 af c4 cf c2 ed 90 99 |._.).0..........|
00000290 5f 58 cb 3b 74 16 03 03 00 88 0f 00 00 84 08 04 |_X.;t...........|
-000002a0 00 80 2e 4c af b1 f2 9c de 14 92 81 c4 7d d1 2f |...L.........}./|
-000002b0 a3 ba ba df 6f 26 da 2d 86 b4 1f 60 cd fe e7 c1 |....o&.-...`....|
-000002c0 77 02 a5 58 3f 6a fc 1d ef 93 23 0a 9c c9 70 93 |w..X?j....#...p.|
-000002d0 f8 0c 67 fd 58 83 96 85 62 da 31 e7 a6 78 9f 1c |..g.X...b.1..x..|
-000002e0 dc 02 b3 b8 bc 05 26 92 e8 6a e7 3c db 5f 80 ee |......&..j.<._..|
-000002f0 12 75 ff e6 36 36 e6 75 c2 77 d9 63 ef 60 89 db |.u..66.u.w.c.`..|
-00000300 21 aa 27 85 11 9b 8c eb be a3 e3 34 0e 01 93 ca |!.'........4....|
-00000310 a6 65 e3 cd 0f b8 b5 c6 f0 d7 15 69 db 4b 57 d2 |.e.........i.KW.|
-00000320 05 0d 14 03 03 00 01 01 16 03 03 00 28 00 00 00 |............(...|
-00000330 00 00 00 00 00 b5 09 a0 c4 55 89 df 8a 60 83 f3 |.........U...`..|
-00000340 82 12 55 1d d5 50 11 81 74 0f cd b5 ed 9a 00 e7 |..U..P..t.......|
-00000350 58 f7 65 0e 8d |X.e..|
+000002a0 00 80 cb ab 63 1d e6 7e 16 22 27 8b e7 91 f4 5c |....c..~."'....\|
+000002b0 66 fc 70 eb f7 e6 9c 86 7c 62 30 1c 78 35 bf 09 |f.p.....|b0.x5..|
+000002c0 af d1 5b e3 55 45 98 8d 4c 16 8e 69 cb 8f 45 97 |..[.UE..L..i..E.|
+000002d0 6d c4 6a 25 2a 47 43 64 ac 52 12 bd f5 b9 c0 b0 |m.j%*GCd.R......|
+000002e0 51 38 e7 d4 c8 a2 9c 35 4b 5b ab 21 76 73 68 fe |Q8.....5K[.!vsh.|
+000002f0 d0 7a f2 95 3c 44 3b 55 b0 89 76 3e 42 e1 23 51 |.z..<D;U..v>B.#Q|
+00000300 29 92 3d 6a df 29 61 ee 52 f5 78 71 97 13 d6 09 |).=j.)a.R.xq....|
+00000310 ff 08 7a 5f 9d 20 49 83 2e 84 82 ba 08 69 db ae |..z_. I......i..|
+00000320 e2 1b 14 03 03 00 01 01 16 03 03 00 28 00 00 00 |............(...|
+00000330 00 00 00 00 00 6a ff 4b 3d c1 06 20 69 ed f0 a8 |.....j.K=.. i...|
+00000340 7c ec a7 f8 cc 8e a6 de 2d 5e 50 f7 b2 28 9e 97 ||.......-^P..(..|
+00000350 27 35 c3 67 72 |'5.gr|
>>> Flow 4 (server to client)
-00000000 14 03 03 00 01 01 16 03 03 00 28 3f eb 87 50 b0 |..........(?..P.|
-00000010 ae c2 fd 68 30 95 94 61 1c 78 1e 60 3e 38 17 ef |...h0..a.x.`>8..|
-00000020 ed 9b f1 10 26 5e 53 a3 8c 46 2e 6c 24 b2 ab a7 |....&^S..F.l$...|
-00000030 6c f0 ea |l..|
+00000000 14 03 03 00 01 01 16 03 03 00 28 e3 2f c4 66 7e |..........(./.f~|
+00000010 8f bf 41 2e 56 f3 d1 76 63 f8 c0 b1 86 50 98 a0 |..A.V..vc....P..|
+00000020 63 c0 c9 23 68 c5 7c f7 08 17 0a 62 78 a8 3d 86 |c..#h.|....bx.=.|
+00000030 5c 1a c6 |\..|
>>> Flow 5 (client to server)
-00000000 17 03 03 00 1e 00 00 00 00 00 00 00 01 fe de 40 |...............@|
-00000010 52 50 79 da 5f 31 52 52 d8 96 04 35 86 92 03 0b |RPy._1RR...5....|
-00000020 6f 5f 04 15 03 03 00 1a 00 00 00 00 00 00 00 02 |o_..............|
-00000030 9c 85 24 b0 a9 17 24 cf 18 f6 ef f5 0d c6 77 6d |..$...$.......wm|
-00000040 e0 b2 |..|
+00000000 17 03 03 00 1e 00 00 00 00 00 00 00 01 e9 51 91 |..............Q.|
+00000010 f5 cb 2d b9 5e cb b3 52 14 7c e8 18 8f fe b6 ee |..-.^..R.|......|
+00000020 7a 41 90 15 03 03 00 1a 00 00 00 00 00 00 00 02 |zA..............|
+00000030 d3 5f c1 e2 f5 12 40 c0 4c 1d ab ef 16 3a af 19 |._....@.L....:..|
+00000040 30 59 |0Y|
generated by cgit v1.3-5-g9baa (git 2.53.0) at 2026-04-17 11:38:58 +0000