crypto/tls: update bogo version
authorRoland Shoemaker <roland@golang.org>
Wed, 3 Dec 2025 20:57:12 +0000 (12:57 -0800)
committerGopher Robot <gobot@golang.org>
Mon, 9 Feb 2026 21:38:28 +0000 (13:38 -0800)
Change-Id: Ia80dd969a2033328692d337ececef4e13986aa88
Reviewed-on: https://go-review.googlesource.com/c/go/+/726381
Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
Reviewed-by: Neal Patel <nealpatel@google.com>
Auto-Submit: Roland Shoemaker <roland@golang.org>
Reviewed-by: Nicholas Husin <husin@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>

src/crypto/tls/bogo_config.json
src/crypto/tls/bogo_shim_test.go

index a4664d6e6f823e2016d7aece2909859d6c6d8e46..d57b72aaf8fc066cb1ac07604dcb336b94113795 100644 (file)
         "PAKE-Extension-*": "We don't support PAKE",
         "*TicketFlags": "We don't support draft-ietf-tls-tlsflags",
 
+        "BothMLKEMAndKyber-MLKEM1024": "We don't support ML-KEM 1024 KEX",
+        "CurveTest-Client-MLKEM1024-TLS13": "We don't support ML-KEM 1024 KEX",
+        "CurveTest-Invalid-MLKEMEncapKeyNotReduced-Server-MLKEM1024-TLS13": "We don't support ML-KEM 1024 KEX",
+        "CurveTest-Invalid-PadKeyShare-Client-MLKEM1024-TLS13": "We don't support ML-KEM 1024 KEX",
+        "CurveTest-Invalid-PadKeyShare-Server-MLKEM1024-TLS13": "We don't support ML-KEM 1024 KEX",
+        "CurveTest-Invalid-TruncateKeyShare-Client-MLKEM1024-TLS13": "We don't support ML-KEM 1024 KEX",
+        "CurveTest-Invalid-TruncateKeyShare-Server-MLKEM1024-TLS13": "We don't support ML-KEM 1024 KEX",
+        "CurveTest-Server-MLKEM1024-TLS13": "We don't support ML-KEM 1024 KEX",
+        "JustConfiguringMLKEMWorks-MLKEM1024": "We don't support ML-KEM 1024 KEX",
+        "NotJustMLKEMKeyShare-MLKEM1024": "We don't support ML-KEM 1024 KEX",
+        "TwoMLKEMs": "We don't support ML-KEM 1024 KEX",
+        "MLKEMKeyShareIncludedSecond-MLKEM1024": "We don't support ML-KEM 1024 KEX",
+        "MLKEMKeyShareIncludedSecond-X25519MLKEM768": "We don't support ML-KEM 1024 KEX",
+        "MLKEMKeyShareIncludedThird-MLKEM1024": "We don't support ML-KEM 1024 KEX",
+
+        "MLKEMKeyShareIncludedThird-X25519MLKEM768": "We don't return key shares in client preference order",
+
+        "ECDSAKeyUsage-*": "We don't enforce ECDSA KU",
+
+        "RSAKeyUsage-*": "We don't enforce RSA KU",
+
         "CheckLeafCurve": "TODO: first pass, this should be fixed",
         "KeyUpdate-RequestACK": "TODO: first pass, this should be fixed",
         "SupportedVersionSelection-TLS12": "TODO: first pass, this should be fixed",
         "HelloRetryRequest-DuplicateCookie-TLS13": "TODO: first pass, this should be fixed",
         "HelloRetryRequest-Unknown-TLS13": "TODO: first pass, this should be fixed",
         "SendPostHandshakeChangeCipherSpec-TLS13": "TODO: first pass, this should be fixed",
-        "ECDSAKeyUsage-Server-TLS12": "TODO: first pass, this should be fixed",
-        "ECDSAKeyUsage-Server-TLS13": "TODO: first pass, this should be fixed",
-        "RSAKeyUsage-Client-WantEncipherment-GotEnciphermentTLS1": "TODO: first pass, this should be fixed",
-        "RSAKeyUsage-Server-WantSignature-GotEncipherment-TLS1": "TODO: first pass, this should be fixed",
-        "RSAKeyUsage-Client-WantSignature-GotSignature-TLS1": "TODO: first pass, this should be fixed",
-        "RSAKeyUsage-Client-WantEncipherment-GotEnciphermentTLS11": "TODO: first pass, this should be fixed",
-        "RSAKeyUsage-Client-WantSignature-GotSignature-TLS11": "TODO: first pass, this should be fixed",
-        "RSAKeyUsage-Client-WantEncipherment-GotEnciphermentTLS12": "TODO: first pass, this should be fixed",
-        "RSAKeyUsage-Server-WantSignature-GotEncipherment-TLS12": "TODO: first pass, this should be fixed",
-        "RSAKeyUsage-Server-WantSignature-GotEncipherment-TLS11": "TODO: first pass, this should be fixed",
-        "RSAKeyUsage-Client-WantSignature-GotSignature-TLS12": "TODO: first pass, this should be fixed",
-        "RSAKeyUsage-Client-WantSignature-GotSignature-TLS13": "TODO: first pass, this should be fixed",
-        "RSAKeyUsage-Server-WantSignature-GotEncipherment-TLS13": "TODO: first pass, this should be fixed",
         "EmptyExtensions-ClientHello-TLS1": "TODO: first pass, this should be fixed",
         "OmitExtensions-ClientHello-TLS1": "TODO: first pass, this should be fixed",
         "EmptyExtensions-ClientHello-TLS12": "TODO: first pass, this should be fixed",
         "KeyUpdate-Requested": "TODO: 2025/06  BoGo update, should be fixed",
         "AppDataBeforeTLS13KeyChange-*": "TODO: 2025/06  BoGo update, should be fixed"
     },
-    "AllCurves": [
-        23,
-        24,
-        25,
-        29,
-        4587,
-        4588,
-        4589
-    ],
     "ErrorMap": {
         ":ECH_REJECTED:": ["tls: server rejected ECH"]
     }
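Review bot: The new wildcard entries `"ECDSAKeyUsage-*"` and `"RSAKeyUsage-*"` skip every test in those families, whereas the removed lines skipped only two ECDSA and eleven RSA cases by name. Any key-usage case that ran and passed before is no longer checked, and cases added by later BoGo updates will be skipped without notice. If the new BoGo revision really fails the whole family, the reason string should say so; otherwise keep the patterns as narrow as the failing set. The reason also changes from a TODO to "We don't enforce", which reads as a settled decision on a certificate key-usage check, so a tracking reference such as `"TODO(<issue>): we don't enforce RSA KU"` would keep the gap visible. Separately, `"MLKEMKeyShareIncludedSecond-X25519MLKEM768"` carries the "We don't support ML-KEM 1024 KEX" reason although its name refers to X25519MLKEM768 and the matching `...Third-X25519MLKEM768` entry has a different reason; this looks like a copy-paste and is worth confirming.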
index ccac47c271076bc91c8d84ad740f5838e49fea20..5e6110a8daf9bfd77d79332c1e4b70f3a6665ed7 100644 (file)
@@ -32,7 +32,11 @@ import (
        "golang.org/x/crypto/cryptobyte"
 )
 
-const boringsslModVer = "v0.0.0-20250620172916-f51d8b099832"
+// boringsslModVer is the version of BoringSSL that we test against.
+// The pseudo-version can be found by executing:
+//
+//     go mod download -json boringssl.googlesource.com/boringssl.git@latest
+const boringsslModVer = "v0.0.0-20260209204302-2a7ca5404e13"
 
 var (
        port   = flag.String("port", "", "")
@@ -619,8 +623,8 @@ func TestBogoSuite(t *testing.T) {
        // are present in the output. They are only checked if -bogo-filter
        // was not passed.
        assertResults := map[string]string{
-               "CurveTest-Client-MLKEM-TLS13": "PASS",
-               "CurveTest-Server-MLKEM-TLS13": "PASS",
+               "CurveTest-Client-X25519MLKEM768-TLS13": "PASS",
+               "CurveTest-Server-X25519MLKEM768-TLS13": "PASS",
 
                // Various signature algorithm tests checking that we enforce our
                // preferences on the peer.