Cypherpunks repositories - gostls13.git/commit

author	Filippo Valsorda <filippo@golang.org>
	Sat, 15 Mar 2025 14:12:39 +0000 (15:12 +0100)
committer	Gopher Robot <gobot@golang.org>
	Wed, 21 May 2025 22:09:29 +0000 (15:09 -0700)
commit	59211acb5dbde14647e025eb7379675debcf3930
tree	db98ad31b32d59f381e701cadda32590233d096c	tree
parent	4158ca8d7c521aee5cc48f285f559e74845e973c	commit \| diff

crypto/tls: disable SHA-1 signature algorithms in TLS 1.2

This implements RFC 9155 by removing support for SHA-1 algorithms:

  - we don't advertise them in ClientHello and CertificateRequest
    (where supportedSignatureAlgorithms is used directly)

  - we don't select them in our ServerKeyExchange and CertificateVerify
    (where supportedSignatureAlgorithms filters signatureSchemesForCertificate)

  - we reject them in the peer's ServerKeyExchange and CertificateVerify
    (where we check against the algorithms we advertised in ClientHello
    and CertificateRequest)

Fixes #72883

Change-Id: I6a6a4656e2aafd2c38cdd32090d3d8a9a8047818
Reviewed-on: https://go-review.googlesource.com/c/go/+/658216
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: David Chase <drchase@google.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>

doc/godebug.md		diff \| blob \| history
doc/next/6-stdlib/99-minor/crypto/tls/72883.md	[new file with mode: 0644]	blob
src/crypto/tls/auth.go		diff \| blob \| history
src/crypto/tls/auth_test.go		diff \| blob \| history
src/crypto/tls/bogo_config.json		diff \| blob \| history
src/crypto/tls/defaults.go		diff \| blob \| history
src/crypto/tls/handshake_client.go		diff \| blob \| history
src/crypto/tls/handshake_server.go		diff \| blob \| history
src/crypto/tls/key_agreement.go		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv10-ClientCert-ECDSA-ECDSA		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv10-ClientCert-ECDSA-RSA		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv10-ClientCert-RSA-ECDSA		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv10-ClientCert-RSA-RSA		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv10-ECDHE-ECDSA-AES		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv10-ECDHE-RSA-AES		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv10-ExportKeyingMaterial		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv10-RSA-RC4		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv11-ECDHE-ECDSA-AES		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv11-ECDHE-RSA-AES		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv11-RSA-RC4		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-AES128-GCM-SHA256		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-AES128-SHA256		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-AES256-GCM-SHA384		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-ALPN		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-ClientCert-ECDSA-ECDSA		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-ClientCert-ECDSA-RSA		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-ClientCert-Ed25519		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-AES256-GCM-SHA384		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-ECDSA		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-RSA		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-RSAPKCS1v15		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-RSAPSS		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-ECDHE-ECDSA-AES		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-ECDHE-ECDSA-AES-GCM		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-ECDHE-ECDSA-AES128-SHA256		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-ECDHE-ECDSA-AES256-GCM-SHA384		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-ECDHE-ECDSA-CHACHA20-POLY1305		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-ECDHE-RSA-AES		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-ECDHE-RSA-AES128-SHA256		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-ECDHE-RSA-CHACHA20-POLY1305		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-Ed25519		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-ExportKeyingMaterial		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-P256-ECDHE		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-RSA-RC4		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-RenegotiateOnce		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-RenegotiateTwice		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-RenegotiateTwiceRejected		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-RenegotiationRejected		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-SCT		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv12-X25519-ECDHE		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv13-AES128-SHA256		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv13-AES256-SHA384		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv13-ALPN		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv13-CHACHA20-SHA256		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv13-ClientCert-ECDSA-RSA		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv13-ClientCert-Ed25519		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv13-ClientCert-RSA-ECDSA		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv13-ClientCert-RSA-RSAPSS		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv13-ECDSA		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv13-Ed25519		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv13-ExportKeyingMaterial		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv13-HelloRetryRequest		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv13-KeyUpdate		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv13-P256-ECDHE		diff \| blob \| history
src/crypto/tls/testdata/Client-TLSv13-X25519-ECDHE		diff \| blob \| history
src/crypto/tls/testdata/Server-TLSv12-ClientAuthRequestedAndECDSAGiven		diff \| blob \| history
src/crypto/tls/testdata/Server-TLSv12-ClientAuthRequestedAndEd25519Given		diff \| blob \| history
src/crypto/tls/testdata/Server-TLSv12-ClientAuthRequestedAndGiven		diff \| blob \| history
src/crypto/tls/testdata/Server-TLSv12-ClientAuthRequestedAndPKCS1v15Given		diff \| blob \| history
src/crypto/tls/testdata/Server-TLSv12-ClientAuthRequestedNotGiven		diff \| blob \| history
src/internal/godebugs/godebugs_test.go		diff \| blob \| history
src/internal/godebugs/table.go		diff \| blob \| history
src/runtime/metrics/doc.go		diff \| blob \| history