From e90acc814de247f58330be1d8ba3b11c78c96077 Mon Sep 17 00:00:00 2001
From: Filippo Valsorda <filippo@golang.org>
Date: Sat, 15 Mar 2025 12:12:22 +0100
Subject: crypto/tls: don't advertise TLS 1.2-only sigAlgs in TLS 1.3

If a ClientHello only supports TLS 1.3, or if a CertificateRequest is
sent after selecting TLS 1.3, we should not advertise TLS 1.2-only
signature_algorithms like PKCS#1 v1.5 or SHA-1.

However, since crypto/x509 still supports PKCS#1 v1.5, and a direct
CertPool match might not care about the signature in the certificate at
all, start sending a separate signature_algorithms_cert extension to
indicate support for PKCS#1 v1.5 and SHA-1 in certificates.

We were already correctly rejecting these algorithms if the peer
selected them in a TLS 1.3 connection.

Updates #72883

Change-Id: I6a6a4656ab60e1b7fb20fdedc32604dc156953ae
Reviewed-on: https://go-review.googlesource.com/c/go/+/658215
Reviewed-by: Roland Shoemaker <roland@golang.org>
Reviewed-by: David Chase <drchase@google.com>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
---
 .../tls/testdata/Client-TLSv12-ClientCert-RSA-RSA  | 92 +++++++++++-----------
 1 file changed, 47 insertions(+), 45 deletions(-)

(limited to 'src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-RSA')

diff --git a/src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-RSA b/src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-RSA
index 25fc245b65..2dd00ba602 100644
--- a/src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-RSA
+++ b/src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-RSA
@@ -1,5 +1,5 @@
 >>> Flow 1 (client to server)
-00000000  16 03 01 00 fe 01 00 00  fa 03 03 00 00 00 00 00  |................|
+00000000  16 03 01 01 1c 01 00 01  18 03 03 00 00 00 00 00  |................|
 00000010  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
 00000020  00 00 00 00 00 00 00 00  00 00 00 20 00 00 00 00  |........... ....|
 00000030  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
@@ -7,21 +7,23 @@
 00000050  cc a8 c0 2b c0 2f c0 2c  c0 30 c0 09 c0 13 c0 0a  |...+./.,.0......|
 00000060  c0 14 00 9c 00 9d 00 2f  00 35 c0 12 00 0a c0 23  |......./.5.....#|
 00000070  c0 27 00 3c c0 07 c0 11  00 05 13 03 13 01 13 02  |.'.<............|
-00000080  01 00 00 7f 00 0b 00 02  01 00 ff 01 00 01 00 00  |................|
+00000080  01 00 00 9d 00 0b 00 02  01 00 ff 01 00 01 00 00  |................|
 00000090  17 00 00 00 12 00 00 00  05 00 05 01 00 00 00 00  |................|
 000000a0  00 0a 00 0a 00 08 00 1d  00 17 00 18 00 19 00 0d  |................|
 000000b0  00 1a 00 18 08 04 04 03  08 07 08 05 08 06 04 01  |................|
-000000c0  05 01 06 01 05 03 06 03  02 01 02 03 00 2b 00 09  |.............+..|
-000000d0  08 03 04 03 03 03 02 03  01 00 33 00 26 00 24 00  |..........3.&.$.|
-000000e0  1d 00 20 2f e5 7d a3 47  cd 62 43 15 28 da ac 5f  |.. /.}.G.bC.(.._|
-000000f0  bb 29 07 30 ff f6 84 af  c4 cf c2 ed 90 99 5f 58  |.).0.........._X|
-00000100  cb 3b 74                                          |.;t|
+000000c0  05 01 06 01 05 03 06 03  02 01 02 03 00 32 00 1a  |.............2..|
+000000d0  00 18 08 04 04 03 08 07  08 05 08 06 04 01 05 01  |................|
+000000e0  06 01 05 03 06 03 02 01  02 03 00 2b 00 09 08 03  |...........+....|
+000000f0  04 03 03 03 02 03 01 00  33 00 26 00 24 00 1d 00  |........3.&.$...|
+00000100  20 2f e5 7d a3 47 cd 62  43 15 28 da ac 5f bb 29  | /.}.G.bC.(.._.)|
+00000110  07 30 ff f6 84 af c4 cf  c2 ed 90 99 5f 58 cb 3b  |.0.........._X.;|
+00000120  74                                                |t|
 >>> Flow 2 (server to client)
-00000000  16 03 03 00 5d 02 00 00  59 03 03 5f da ab 10 86  |....]...Y.._....|
-00000010  4c 91 60 4c ec 28 20 d4  37 84 c4 d0 87 bb 9d a9  |L.`L.( .7.......|
-00000020  5a c0 86 81 d9 91 38 5a  ef 3f ae 20 ec 14 b6 de  |Z.....8Z.?. ....|
-00000030  b7 cf 59 09 43 dc 59 3f  74 89 10 f2 82 ea 60 46  |..Y.C.Y?t.....`F|
-00000040  8f a3 6a 0f 61 0f 2d 66  24 c3 fb 7f c0 2f 00 00  |..j.a.-f$..../..|
+00000000  16 03 03 00 5d 02 00 00  59 03 03 df 59 a1 48 61  |....]...Y...Y.Ha|
+00000010  ef db cd 29 5f 9b 90 e4  d9 6d db 10 98 ae 69 b8  |...)_....m....i.|
+00000020  97 ed 8f 57 24 42 16 32  0a b0 b1 20 79 b3 fc 90  |...W$B.2... y...|
+00000030  63 58 4b ab 45 d8 e9 39  7c 11 20 09 33 db b5 4c  |cXK.E..9|. .3..L|
+00000040  2c e2 d6 39 63 fe 74 d5  59 18 5c 7d c0 2f 00 00  |,..9c.t.Y.\}./..|
 00000050  11 ff 01 00 01 00 00 0b  00 04 03 00 01 02 00 17  |................|
 00000060  00 00 16 03 03 02 59 0b  00 02 55 00 02 52 00 02  |......Y...U..R..|
 00000070  4f 30 82 02 4b 30 82 01  b4 a0 03 02 01 02 02 09  |O0..K0..........|
@@ -61,18 +63,18 @@
 00000290  73 bb b3 43 77 8d 0c 1c  f1 0f a1 d8 40 83 61 c9  |s..Cw.......@.a.|
 000002a0  4c 72 2b 9d ae db 46 06  06 4d f4 c1 b3 3e c0 d1  |Lr+...F..M...>..|
 000002b0  bd 42 d4 db fe 3d 13 60  84 5c 21 d3 3b e9 fa e7  |.B...=.`.\!.;...|
-000002c0  16 03 03 00 ac 0c 00 00  a8 03 00 1d 20 2c c4 b9  |............ ,..|
-000002d0  13 19 85 99 cb 09 f3 5c  3a a1 b2 16 ee 77 6a cd  |.......\:....wj.|
-000002e0  23 6c 08 00 7e 6b c0 67  a8 cd 8b 62 64 08 04 00  |#l..~k.g...bd...|
-000002f0  80 90 74 bf ce f7 94 f1  94 b1 95 04 4a ab d6 08  |..t.........J...|
-00000300  23 11 8d ce 4e 7b 36 ee  67 d2 26 af 11 0e 33 58  |#...N{6.g.&...3X|
-00000310  12 cb e5 3b 5b 5c f3 d1  82 19 2e 55 6b 98 05 6e  |...;[\.....Uk..n|
-00000320  3c 5e 04 f5 3e df 76 c3  e5 46 e7 a6 bb f7 d4 d5  |<^..>.v..F......|
-00000330  e8 fd 20 d3 ce 3e 9d a0  90 9a 10 52 a7 04 c9 e9  |.. ..>.....R....|
-00000340  28 6f 3f ff e1 0a 10 d0  25 04 ea e4 84 4c b7 80  |(o?.....%....L..|
-00000350  e4 fe a7 a6 da db cc b0  e0 62 80 10 fc 03 16 94  |.........b......|
-00000360  f2 dd 0d 3f aa 11 45 af  e3 e4 7b e6 bc d6 75 91  |...?..E...{...u.|
-00000370  99 16 03 03 00 3a 0d 00  00 36 03 01 02 40 00 2e  |.....:...6...@..|
+000002c0  16 03 03 00 ac 0c 00 00  a8 03 00 1d 20 12 4b 94  |............ .K.|
+000002d0  2b 4a d0 b5 0f ca 87 05  7f 56 c3 11 b0 83 01 27  |+J.......V.....'|
+000002e0  68 a2 dd 63 b6 9b ff e5  48 7e af dd 0f 08 04 00  |h..c....H~......|
+000002f0  80 38 6f 01 25 4e 51 f1  8d 6c 89 4b 85 85 1d cd  |.8o.%NQ..l.K....|
+00000300  63 21 5e 89 d5 04 ac 81  cf 42 3c 6f df f1 53 ac  |c!^......B<o..S.|
+00000310  e3 54 28 a3 9f 06 76 96  9c 64 c7 22 55 14 2e 48  |.T(...v..d."U..H|
+00000320  7e d3 97 9a 35 b8 cf 1c  b8 a0 f2 b1 da 2f 0f a4  |~...5......../..|
+00000330  07 44 43 a8 01 67 a8 94  8d 8e 7a 60 91 48 d0 c7  |.DC..g....z`.H..|
+00000340  b5 c9 c8 ad df b0 33 cd  4a 37 75 ef 65 56 4b fd  |......3.J7u.eVK.|
+00000350  23 e7 b7 d3 3b fc 14 4e  b0 32 9b d3 cb e1 cd 4e  |#...;..N.2.....N|
+00000360  93 0e 01 cf 54 95 af e5  29 1f 8d 07 42 0f 29 67  |....T...)...B.)g|
+00000370  6d 16 03 03 00 3a 0d 00  00 36 03 01 02 40 00 2e  |m....:...6...@..|
 00000380  04 03 05 03 06 03 08 07  08 08 08 09 08 0a 08 0b  |................|
 00000390  08 04 08 05 08 06 04 01  05 01 06 01 03 03 02 03  |................|
 000003a0  03 01 02 01 03 02 02 02  04 02 05 02 06 02 00 00  |................|
@@ -113,26 +115,26 @@
 00000200  e5 35 16 03 03 00 25 10  00 00 21 20 2f e5 7d a3  |.5....%...! /.}.|
 00000210  47 cd 62 43 15 28 da ac  5f bb 29 07 30 ff f6 84  |G.bC.(.._.).0...|
 00000220  af c4 cf c2 ed 90 99 5f  58 cb 3b 74 16 03 03 00  |......._X.;t....|
-00000230  88 0f 00 00 84 08 04 00  80 4d c1 8a 3d 2b 1f a0  |.........M..=+..|
-00000240  ad 6f 1c b6 44 7c cc 0d  21 6f e8 31 51 58 51 fe  |.o..D|..!o.1QXQ.|
-00000250  84 f3 41 40 12 48 29 0d  20 16 d1 6a 4b 38 0b c8  |..A@.H). ..jK8..|
-00000260  b3 70 3f 4a ca 17 da 05  30 ec 6c 4f 55 e2 ee e5  |.p?J....0.lOU...|
-00000270  9a 8c a7 9f c1 96 79 cf  53 b6 67 c8 cb 67 d3 23  |......y.S.g..g.#|
-00000280  07 8a 3f ef df e5 e6 84  f6 5f 5e 23 57 89 cc 77  |..?......_^#W..w|
-00000290  99 ed 3d 58 8a ec eb bb  64 62 d1 44 7f b6 45 85  |..=X....db.D..E.|
-000002a0  89 06 90 56 48 98 8a 43  93 64 53 df 3a 8c b3 93  |...VH..C.dS.:...|
-000002b0  91 81 7b 60 95 8f 99 99  eb 14 03 03 00 01 01 16  |..{`............|
-000002c0  03 03 00 28 00 00 00 00  00 00 00 00 dd 93 96 02  |...(............|
-000002d0  47 0e 1d 2f 6a 76 12 e5  56 53 8f 7f c1 cd f3 5e  |G../jv..VS.....^|
-000002e0  3c 94 35 1b fe d5 33 97  b2 5b a3 29              |<.5...3..[.)|
+00000230  88 0f 00 00 84 08 04 00  80 a5 81 a8 8a ed 68 25  |..............h%|
+00000240  5d 82 da 0f dc 93 20 56  34 c1 a0 62 0a a7 fb a5  |]..... V4..b....|
+00000250  58 07 79 b0 45 17 2d 13  99 9f 6c dc 53 9e 1c e2  |X.y.E.-...l.S...|
+00000260  1d 9b a3 bb 69 af 58 33  e1 31 d7 72 f4 86 1d 66  |....i.X3.1.r...f|
+00000270  55 a8 c9 77 5b 57 c5 86  74 a0 c9 25 a9 cc 2e da  |U..w[W..t..%....|
+00000280  26 17 6e bb 34 5b 49 94  0e 05 db b4 05 a4 65 22  |&.n.4[I.......e"|
+00000290  98 8c 91 ae d6 1c 89 f4  df 63 8b 45 17 05 0c 50  |.........c.E...P|
+000002a0  c0 1d 5e 75 67 c5 be 32  9d f0 4c a5 85 91 f6 f0  |..^ug..2..L.....|
+000002b0  8d 58 11 61 85 7b 5c e4  7e 14 03 03 00 01 01 16  |.X.a.{\.~.......|
+000002c0  03 03 00 28 00 00 00 00  00 00 00 00 30 27 fd 36  |...(........0'.6|
+000002d0  e0 91 2d 1d d7 4a 38 d2  73 5c 5d 4c b2 27 42 cf  |..-..J8.s\]L.'B.|
+000002e0  df 0d 33 ee 49 18 36 f3  bd c6 ee a8              |..3.I.6.....|
 >>> Flow 4 (server to client)
-00000000  14 03 03 00 01 01 16 03  03 00 28 de 60 8a ea b5  |..........(.`...|
-00000010  74 66 35 35 39 bb 62 ab  17 7d 91 c3 1a 5a e5 6c  |tf559.b..}...Z.l|
-00000020  49 14 c8 bc bd d6 b6 7e  2f 8e d4 40 5a ae ee 89  |I......~/..@Z...|
-00000030  89 ae af                                          |...|
+00000000  14 03 03 00 01 01 16 03  03 00 28 30 5f 74 39 bb  |..........(0_t9.|
+00000010  c8 00 8c d7 bd 74 ce 43  62 ea 08 0f ba b4 88 74  |.....t.Cb......t|
+00000020  d3 31 c9 3c a6 3a 92 14  75 44 95 ee c0 a9 ef 75  |.1.<.:..uD.....u|
+00000030  40 25 5f                                          |@%_|
 >>> Flow 5 (client to server)
-00000000  17 03 03 00 1e 00 00 00  00 00 00 00 01 3c 92 2d  |.............<.-|
-00000010  44 23 5b eb 34 dc 9a 4d  c2 fe a7 88 cb 6f 8d 62  |D#[.4..M.....o.b|
-00000020  4b 2a bf 15 03 03 00 1a  00 00 00 00 00 00 00 02  |K*..............|
-00000030  90 82 82 54 5d 63 6e 8b  50 71 6e e8 fd 75 96 9e  |...T]cn.Pqn..u..|
-00000040  d0 0d                                             |..|
+00000000  17 03 03 00 1e 00 00 00  00 00 00 00 01 f9 d9 d3  |................|
+00000010  ee ec ec 6e 8d 0d dd 62  f3 e1 19 0f f4 24 06 46  |...n...b.....$.F|
+00000020  76 7d 78 15 03 03 00 1a  00 00 00 00 00 00 00 02  |v}x.............|
+00000030  ce 6a 05 27 af 9a 3d 09  27 70 dc c2 4c 8a a5 ab  |.j.'..=.'p..L...|
+00000040  47 d4                                             |G.|
-- 
cgit v1.3