From 9f39a43e0d728721d5a9e2586ce47a57585591c5 Mon Sep 17 00:00:00 2001
From: Roland Shoemaker <rolandshoemaker@gmail.com>
Date: Thu, 15 Oct 2020 18:32:20 -0700
Subject: crypto/tls: de-prioritize AES-GCM ciphers when lacking hardware
 support

When either the server or client are lacking hardware support for
AES-GCM ciphers, indicated by the server lacking the relevant
instructions and by the client not putting AES-GCM ciphers at the top
of its preference list, reorder the preference list to de-prioritize
AES-GCM based ciphers when they are adjacent to other AEAD ciphers.

Also updates a number of recorded openssl TLS tests which previously
only specified TLS 1.2 cipher preferences (using -cipher), but not
TLS 1.3 cipher preferences (using -ciphersuites), to specify both
preferences, making these tests more predictable.

Fixes #41181.

Change-Id: Ied896c96c095481e755aaff9ff0746fb4cb9568e
Reviewed-on: https://go-review.googlesource.com/c/go/+/262857
Run-TryBot: Roland Shoemaker <roland@golang.org>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Trust: Roland Shoemaker <roland@golang.org>
Trust: Katie Hockman <katie@golang.org>
---
 src/crypto/tls/testdata/Server-TLSv12-IssueTicket | 66 +++++++++++------------
 1 file changed, 33 insertions(+), 33 deletions(-)

(limited to 'src/crypto/tls/testdata/Server-TLSv12-IssueTicket')

diff --git a/src/crypto/tls/testdata/Server-TLSv12-IssueTicket b/src/crypto/tls/testdata/Server-TLSv12-IssueTicket
index 73d01585eb..f70c75993c 100644
--- a/src/crypto/tls/testdata/Server-TLSv12-IssueTicket
+++ b/src/crypto/tls/testdata/Server-TLSv12-IssueTicket
@@ -1,7 +1,7 @@
 >>> Flow 1 (client to server)
-00000000  16 03 01 00 71 01 00 00  6d 03 03 60 fd 9b 74 aa  |....q...m..`..t.|
-00000010  16 9f 07 32 7e 57 d0 91  86 ea 59 b7 f3 38 bb 4f  |...2~W....Y..8.O|
-00000020  7f 2c 36 eb 67 21 57 f2  12 2b 38 00 00 04 00 2f  |.,6.g!W..+8..../|
+00000000  16 03 01 00 71 01 00 00  6d 03 03 3d 21 91 3a 4e  |....q...m..=!.:N|
+00000010  8e cd 65 eb 0f 1c ae 2a  58 40 4c 38 22 c9 46 2c  |..e....*X@L8".F,|
+00000020  b8 cd dd 38 ad c6 4b a7  60 a9 56 00 00 04 00 2f  |...8..K.`.V..../|
 00000030  00 ff 01 00 00 40 00 23  00 00 00 16 00 00 00 17  |.....@.#........|
 00000040  00 00 00 0d 00 30 00 2e  04 03 05 03 06 03 08 07  |.....0..........|
 00000050  08 08 08 09 08 0a 08 0b  08 04 08 05 08 06 04 01  |................|
@@ -52,40 +52,40 @@
 00000290  84 5c 21 d3 3b e9 fa e7  16 03 03 00 04 0e 00 00  |.\!.;...........|
 000002a0  00                                                |.|
 >>> Flow 3 (client to server)
-00000000  16 03 03 00 86 10 00 00  82 00 80 2c d6 6d 84 0c  |...........,.m..|
-00000010  d9 ef 52 bb cc 0b 41 47  d7 64 c7 a6 b0 fa 3c 6f  |..R...AG.d....<o|
-00000020  c3 31 95 bc ab 4b c6 72  45 ef fb 49 6f fc 5c 63  |.1...K.rE..Io.\c|
-00000030  48 d6 db 97 3b 9e 8b d9  a6 f4 59 ae 27 07 6d 1d  |H...;.....Y.'.m.|
-00000040  3b 56 72 a7 5c 6f 9d 84  e2 ea ed e9 ce 8a d1 9f  |;Vr.\o..........|
-00000050  bf b6 89 c9 36 be 76 cb  3f f2 40 7d b6 b8 af 4c  |....6.v.?.@}...L|
-00000060  35 85 40 b8 02 7b 53 0a  33 21 fa 49 ce af 85 27  |5.@..{S.3!.I...'|
-00000070  7f ae 03 ec a2 62 5a e3  f3 41 d5 bd 8e dc e8 81  |.....bZ..A......|
-00000080  79 f0 63 95 47 bf a0 55  22 4f 42 14 03 03 00 01  |y.c.G..U"OB.....|
-00000090  01 16 03 03 00 40 63 27  d9 ca 1e 88 7d 52 6a 2c  |.....@c'....}Rj,|
-000000a0  06 db f7 db 18 28 ec 4b  ff 57 76 8c 3b 3d de a7  |.....(.K.Wv.;=..|
-000000b0  7b 11 75 59 61 69 3d 6d  5a 90 c4 3b b4 a7 e8 38  |{.uYai=mZ..;...8|
-000000c0  81 06 96 ca af c0 5b 42  ba 05 4b 61 82 dd eb 04  |......[B..Ka....|
-000000d0  07 81 7a 58 30 a4                                 |..zX0.|
+00000000  16 03 03 00 86 10 00 00  82 00 80 1d 1a 1a b8 f4  |................|
+00000010  05 77 7a 96 2b 5f 50 7f  1e 69 14 be 40 ad 0c c9  |.wz.+_P..i..@...|
+00000020  7e df 2f 1d aa 74 ee b4  a5 05 fa 05 e1 85 a4 87  |~./..t..........|
+00000030  59 6a d1 e4 98 ce df e3  a5 82 98 77 c2 c4 fc 2f  |Yj.........w.../|
+00000040  ec 1d 2e 96 0c 27 12 0d  64 ba 58 90 ff 7d d1 27  |.....'..d.X..}.'|
+00000050  9a b9 b5 fb 1d 76 6f 3e  af f8 70 a3 cc 53 95 98  |.....vo>..p..S..|
+00000060  2c 7e a9 42 25 e5 3a e2  55 3f 19 57 6b 83 43 6a  |,~.B%.:.U?.Wk.Cj|
+00000070  93 34 2c 6e cb 4e 9d 25  8b 4d 7d d7 cc e1 16 59  |.4,n.N.%.M}....Y|
+00000080  2a 95 60 e4 31 0e df 7f  cb 9d b7 14 03 03 00 01  |*.`.1...........|
+00000090  01 16 03 03 00 40 28 33  df 69 4f 4c 48 b1 fb 8d  |.....@(3.iOLH...|
+000000a0  3f 3c d2 81 7c 33 cf 21  6a f7 d6 43 82 22 5b de  |?<..|3.!j..C."[.|
+000000b0  46 7f 7b e2 39 23 bd 39  fa 03 bd 11 9d a8 a2 84  |F.{.9#.9........|
+000000c0  4a 90 1a ab e1 b4 23 9f  72 d0 97 9e 05 5c 47 2b  |J.....#.r....\G+|
+000000d0  7a 53 bb ec a0 07                                 |zS....|
 >>> Flow 4 (server to client)
 00000000  16 03 03 00 8b 04 00 00  87 00 00 00 00 00 81 50  |...............P|
 00000010  46 ad c1 db a8 38 86 7b  2b bb fd d0 c3 42 3e 00  |F....8.{+....B>.|
 00000020  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 94  |................|
-00000030  6f 2c 9f 83 51 ed 14 ef  68 ca 42 c5 4c 92 cc 13  |o,..Q...h.B.L...|
-00000040  05 4e 15 de 98 0a 74 d5  a9 2e 80 89 98 89 72 39  |.N....t.......r9|
-00000050  5f fe 49 56 66 ac 4d 73  b1 5b 4b 81 db 25 a7 5b  |_.IVf.Ms.[K..%.[|
-00000060  54 5b 10 13 3d 96 71 d7  b7 23 53 ea 62 49 38 16  |T[..=.q..#S.bI8.|
-00000070  cc 4f 0d 9d 80 99 6e 0f  01 b3 d7 e4 8a 75 d1 b6  |.O....n......u..|
-00000080  7b 74 80 b2 b8 06 a9 71  6b 31 2a fd cf 6e 44 dc  |{t.....qk1*..nD.|
+00000030  6f 2c 9f 83 51 ed 14 ef  68 ca 42 c5 4c 75 5e a5  |o,..Q...h.B.Lu^.|
+00000040  6f d2 49 61 e4 fb 83 46  7c 4c ab f9 c6 d1 3c 9e  |o.Ia...F|L....<.|
+00000050  5b 8d d8 bc c0 a5 2d 84  db 24 dd a0 16 60 1d 87  |[.....-..$...`..|
+00000060  a0 52 88 25 6c c6 8e 5b  71 0f 74 c3 48 49 38 16  |.R.%l..[q.t.HI8.|
+00000070  92 8c de 77 bd 8a 2b 45  4d 58 86 40 b1 d6 0f 99  |...w..+EMX.@....|
+00000080  de 27 41 b2 41 27 aa fe  26 e9 24 91 2a 00 ff 08  |.'A.A'..&.$.*...|
 00000090  14 03 03 00 01 01 16 03  03 00 40 00 00 00 00 00  |..........@.....|
-000000a0  00 00 00 00 00 00 00 00  00 00 00 76 c4 85 3d 05  |...........v..=.|
-000000b0  60 a2 b3 ce 38 7f 1c f9  e3 19 87 b0 e1 af 08 b7  |`...8...........|
-000000c0  15 90 50 b9 51 85 c4 88  90 52 cd 6d b6 69 ee b5  |..P.Q....R.m.i..|
-000000d0  36 a8 0c 61 c4 78 09 6a  49 4d e9 17 03 03 00 40  |6..a.x.jIM.....@|
+000000a0  00 00 00 00 00 00 00 00  00 00 00 fc cd 6b 01 90  |.............k..|
+000000b0  7b 0c 31 54 a0 3a 8b f7  ba 45 e7 e0 df 9a 59 6d  |{.1T.:...E....Ym|
+000000c0  83 b6 b2 c8 93 d8 d9 b6  fe 19 56 51 75 a3 ea 0e  |..........VQu...|
+000000d0  f4 4b 64 27 66 fc 19 7b  7e 13 e7 17 03 03 00 40  |.Kd'f..{~......@|
 000000e0  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
-000000f0  76 31 e3 05 f8 b3 05 ca  e2 55 84 b9 15 85 5d 4a  |v1.......U....]J|
-00000100  83 a5 76 db b0 5f b9 65  b4 21 3e 00 36 9a e8 d7  |..v.._.e.!>.6...|
-00000110  02 81 23 83 19 13 c8 9c  cd 02 ae 10 b9 cf 75 96  |..#...........u.|
+000000f0  c2 1b 6f f1 1e 05 1b 8a  19 16 67 00 0f dc a8 a2  |..o.......g.....|
+00000100  00 56 49 0a bb c5 df 7e  96 0c 5c db a0 f4 3e b4  |.VI....~..\...>.|
+00000110  30 3e b6 f0 16 dd d4 ed  c9 de 64 49 00 9b 51 dc  |0>........dI..Q.|
 00000120  15 03 03 00 30 00 00 00  00 00 00 00 00 00 00 00  |....0...........|
-00000130  00 00 00 00 00 f9 ae b4  16 27 75 dc 72 4d 39 0e  |.........'u.rM9.|
-00000140  ba 1f 31 b2 39 ec 99 36  bc 41 34 03 54 9b de 7b  |..1.9..6.A4.T..{|
-00000150  4b 65 ef 99 a6                                    |Ke...|
+00000130  00 00 00 00 00 e1 9d 08  1a 2e 9a 0f 84 6d 4e e5  |.............mN.|
+00000140  2c 50 b9 28 5d 88 ea bb  48 4d af 26 7f 82 0b 56  |,P.(]...HM.&...V|
+00000150  c5 87 71 2a e7                                    |..q*.|
-- 
cgit v1.3