Cypherpunks.ru repositories - gostls13.git/commit

author	Filippo Valsorda <filippo@golang.org>
	Thu, 16 May 2019 23:13:29 +0000 (19:13 -0400)
committer	Filippo Valsorda <filippo@golang.org>
	Fri, 17 May 2019 16:13:45 +0000 (16:13 +0000)
commit	f35338582d0e0e7047fa45be3cb8064c43c50f25
tree	591f08ef243b8afb1ff450b1277b5ba726080f30	tree
parent	ee551846fa015a04aaa55e44e8d9b6647156e301	commit \| diff

crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3

Support for Ed25519 certificates was added in CL 175478, this wires them
up into the TLS stack according to RFC 8422 (TLS 1.2) and RFC 8446 (TLS 1.3).

RFC 8422 also specifies support for TLS 1.0 and 1.1, and I initially
implemented that, but even OpenSSL doesn't take the complexity, so I
just dropped it. It would have required keeping a buffer of the
handshake transcript in order to do the direct Ed25519 signatures. We
effectively need to support TLS 1.2 because it shares ClientHello
signature algorithms with TLS 1.3.

While at it, reordered the advertised signature algorithms in the rough
order we would want to use them, also based on what curves have fast
constant-time implementations.

Client and client auth tests changed because of the change in advertised
signature algorithms in ClientHello and CertificateRequest.

Fixes #25355

Change-Id: I9fdd839afde4fd6b13fcbc5cc7017fd8c35085ee
Reviewed-on: https://go-review.googlesource.com/c/go/+/177698
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Adam Langley <agl@golang.org>

src/crypto/tls/auth.go		diff \| blob \| history
src/crypto/tls/auth_test.go		diff \| blob \| history
src/crypto/tls/cipher_suites.go		diff \| blob \| history
src/crypto/tls/common.go		diff \| blob \| history
src/crypto/tls/generate_cert.go		diff \| blob \| history
src/crypto/tls/handshake_client.go		diff \| blob \| history
src/crypto/tls/handshake_client_test.go		diff \| blob \| history
src/crypto/tls/handshake_client_tls13.go		diff \| blob \| history
src/crypto/tls/handshake_server.go		diff \| blob \| history
src/crypto/tls/handshake_server_test.go		diff \| blob \| history
src/crypto/tls/handshake_server_tls13.go		diff \| blob \| history
src/crypto/tls/key_agreement.go		diff \| blob \| history
src/crypto/tls/prf.go		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv10-ClientCert-ECDSA-ECDSA		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv10-ClientCert-ECDSA-RSA		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv10-ClientCert-Ed25519	[new file with mode: 0644]	blob
src/crypto/tls/testdata/Client-TLSv10-ClientCert-RSA-ECDSA		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv10-ClientCert-RSA-RSA		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv10-ECDHE-ECDSA-AES		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv10-ECDHE-RSA-AES		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv10-Ed25519	[new file with mode: 0644]	blob
src/crypto/tls/testdata/Client-TLSv10-ExportKeyingMaterial		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv10-RSA-RC4		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv11-ECDHE-ECDSA-AES		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv11-ECDHE-RSA-AES		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv11-Ed25519	[new file with mode: 0644]	blob
src/crypto/tls/testdata/Client-TLSv11-RSA-RC4		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-AES128-GCM-SHA256		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-AES128-SHA256		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-AES256-GCM-SHA384		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-ALPN		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-ClientCert-ECDSA-ECDSA		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-ClientCert-ECDSA-RSA		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-ClientCert-Ed25519	[new file with mode: 0644]	blob
src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-AES256-GCM-SHA384		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-ECDSA		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-RSA		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-RSAPKCS1v15		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-RSAPSS		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-ECDHE-ECDSA-AES		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-ECDHE-ECDSA-AES-GCM		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-ECDHE-ECDSA-AES128-SHA256		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-ECDHE-ECDSA-AES256-GCM-SHA384		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-ECDHE-ECDSA-CHACHA20-POLY1305		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-ECDHE-RSA-AES		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-ECDHE-RSA-AES128-SHA256		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-ECDHE-RSA-CHACHA20-POLY1305		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-Ed25519	[new file with mode: 0644]	blob
src/crypto/tls/testdata/Client-TLSv12-ExportKeyingMaterial		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-P256-ECDHE		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-RSA-RC4		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-RenegotiateOnce		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-RenegotiateTwice		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-RenegotiateTwiceRejected		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-RenegotiationRejected		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-SCT		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-X25519-ECDHE		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv13-AES128-SHA256		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv13-AES256-SHA384		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv13-ALPN		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv13-CHACHA20-SHA256		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv13-ClientCert-ECDSA-RSA		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv13-ClientCert-Ed25519	[new file with mode: 0644]	blob
src/crypto/tls/testdata/Client-TLSv13-ClientCert-RSA-ECDSA		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv13-ClientCert-RSA-RSAPSS		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv13-ECDSA		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv13-Ed25519	[new file with mode: 0644]	blob
src/crypto/tls/testdata/Client-TLSv13-ExportKeyingMaterial		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv13-HelloRetryRequest		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv13-KeyUpdate		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv13-P256-ECDHE		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv13-X25519-ECDHE		diff \| blob \| history
src/crypto/tls/testdata/Server-TLSv12-ClientAuthRequestedAndECDSAGiven		diff \| blob \| history
src/crypto/tls/testdata/Server-TLSv12-ClientAuthRequestedAndEd25519Given	[new file with mode: 0644]	blob
src/crypto/tls/testdata/Server-TLSv12-ClientAuthRequestedAndGiven		diff \| blob \| history
src/crypto/tls/testdata/Server-TLSv12-ClientAuthRequestedAndPKCS1v15Given		diff \| blob \| history
src/crypto/tls/testdata/Server-TLSv12-ClientAuthRequestedNotGiven		diff \| blob \| history
src/crypto/tls/testdata/Server-TLSv12-Ed25519	[new file with mode: 0644]	blob
src/crypto/tls/testdata/Server-TLSv13-ClientAuthRequestedAndECDSAGiven		diff \| blob \| history
src/crypto/tls/testdata/Server-TLSv13-ClientAuthRequestedAndEd25519Given	[new file with mode: 0644]	blob
src/crypto/tls/testdata/Server-TLSv13-ClientAuthRequestedAndGiven		diff \| blob \| history
src/crypto/tls/testdata/Server-TLSv13-ClientAuthRequestedNotGiven		diff \| blob \| history
src/crypto/tls/testdata/Server-TLSv13-Ed25519	[new file with mode: 0644]	blob
src/crypto/tls/tls.go		diff \| blob \| history
src/go/build/deps_test.go		diff \| blob \| history