Compare commits
1 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 Adam Langley
|
78684e5b22 |
+47
-14
@@ -1774,20 +1774,53 @@ static bool TestClientHello() {
|
||||
}
|
||||
|
||||
static const uint8_t kTLS12ClientHello[] = {
|
||||
0x16, 0x03, 0x01, 0x00, 0xa2, 0x01, 0x00, 0x00, 0x9e, 0x03, 0x03, 0x00,
|
||||
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
||||
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
||||
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x3a, 0xcc, 0xa9,
|
||||
0xcc, 0xa8, 0xcc, 0x14, 0xcc, 0x13, 0xc0, 0x2b, 0xc0, 0x2f, 0x00, 0x9e,
|
||||
0xc0, 0x2c, 0xc0, 0x30, 0x00, 0x9f, 0xc0, 0x09, 0xc0, 0x23, 0xc0, 0x13,
|
||||
0xc0, 0x27, 0x00, 0x33, 0x00, 0x67, 0xc0, 0x0a, 0xc0, 0x24, 0xc0, 0x14,
|
||||
0xc0, 0x28, 0x00, 0x39, 0x00, 0x6b, 0x00, 0x9c, 0x00, 0x9d, 0x00, 0x2f,
|
||||
0x00, 0x3c, 0x00, 0x35, 0x00, 0x3d, 0x00, 0x0a, 0x01, 0x00, 0x00, 0x3b,
|
||||
0xff, 0x01, 0x00, 0x01, 0x00, 0x00, 0x17, 0x00, 0x00, 0x00, 0x23, 0x00,
|
||||
0x00, 0x00, 0x0d, 0x00, 0x18, 0x00, 0x16, 0x08, 0x06, 0x06, 0x01, 0x06,
|
||||
0x03, 0x08, 0x05, 0x05, 0x01, 0x05, 0x03, 0x08, 0x04, 0x04, 0x01, 0x04,
|
||||
0x03, 0x02, 0x01, 0x02, 0x03, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00,
|
||||
0x0a, 0x00, 0x08, 0x00, 0x06, 0x00, 0x1d, 0x00, 0x17, 0x00, 0x18,
|
||||
0x16,
|
||||
0x03, 0x01,
|
||||
0x00, 0x9c,
|
||||
0x01,
|
||||
0x00, 0x00, 0x98,
|
||||
0x03, 0x03,
|
||||
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
||||
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
||||
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
||||
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
||||
0x00,
|
||||
0x00, 0x3a,
|
||||
0xcc, 0xa9,
|
||||
0xcc, 0xa8,
|
||||
0xcc, 0x14,
|
||||
0xcc, 0x13,
|
||||
0xc0, 0x2b,
|
||||
0xc0, 0x2f,
|
||||
0x00, 0x9e,
|
||||
0xc0, 0x2c,
|
||||
0xc0, 0x30,
|
||||
0x00, 0x9f,
|
||||
0xc0, 0x09,
|
||||
0xc0, 0x23,
|
||||
0xc0, 0x13,
|
||||
0xc0, 0x27,
|
||||
0x00, 0x33,
|
||||
0x00, 0x67,
|
||||
0xc0, 0x0a,
|
||||
0xc0, 0x24,
|
||||
0xc0, 0x14,
|
||||
0xc0, 0x28,
|
||||
0x00, 0x39,
|
||||
0x00, 0x6b,
|
||||
0x00, 0x9c,
|
||||
0x00, 0x9d,
|
||||
0x00, 0x2f,
|
||||
0x00, 0x3c,
|
||||
0x00, 0x35,
|
||||
0x00, 0x3d,
|
||||
0x00, 0x0a,
|
||||
0x01, 0x00, 0x00, 0x35, 0xff, 0x01, 0x00, 0x01,
|
||||
0x00, 0x00, 0x17, 0x00, 0x00, 0x00, 0x23, 0x00, 0x00, 0x00, 0x0d, 0x00,
|
||||
0x12, 0x00, 0x10, 0x06, 0x01, 0x06, 0x03, 0x05, 0x01, 0x05, 0x03, 0x04,
|
||||
0x01, 0x04, 0x03, 0x02, 0x01, 0x02, 0x03, 0x00, 0x0b, 0x00, 0x02, 0x01,
|
||||
0x00, 0x00, 0x0a, 0x00, 0x08, 0x00, 0x06, 0x00, 0x1d, 0x00, 0x17, 0x00,
|
||||
0x18,
|
||||
};
|
||||
if (!ClientHelloMatches(TLS1_2_VERSION, kTLS12ClientHello,
|
||||
sizeof(kTLS12ClientHello))) {
|
||||
|
||||
+31
-11
@@ -512,24 +512,29 @@ done:
|
||||
* customisable at some point, for now include everything we support. */
|
||||
|
||||
static const uint16_t kDefaultSignatureAlgorithms[] = {
|
||||
/* For now, do not ship RSA-PSS signature algorithms on Android's system
|
||||
* BoringSSL. Once TLS 1.3 is finalized and the change in Chrome has stuck,
|
||||
* restore them. */
|
||||
#if !defined(BORINGSSL_ANDROID_SYSTEM)
|
||||
SSL_SIGN_RSA_PSS_SHA512,
|
||||
#endif
|
||||
SSL_SIGN_RSA_PKCS1_SHA512,
|
||||
SSL_SIGN_ECDSA_SECP521R1_SHA512,
|
||||
|
||||
#if !defined(BORINGSSL_ANDROID_SYSTEM)
|
||||
SSL_SIGN_RSA_PSS_SHA384,
|
||||
#endif
|
||||
SSL_SIGN_RSA_PKCS1_SHA384,
|
||||
SSL_SIGN_ECDSA_SECP384R1_SHA384,
|
||||
|
||||
#if !defined(BORINGSSL_ANDROID_SYSTEM)
|
||||
SSL_SIGN_RSA_PKCS1_SHA256,
|
||||
SSL_SIGN_ECDSA_SECP256R1_SHA256,
|
||||
|
||||
SSL_SIGN_RSA_PKCS1_SHA1,
|
||||
SSL_SIGN_ECDSA_SHA1,
|
||||
};
|
||||
|
||||
static const uint16_t kDefaultTLS13SignatureAlgorithms[] = {
|
||||
SSL_SIGN_RSA_PSS_SHA512,
|
||||
SSL_SIGN_RSA_PKCS1_SHA512,
|
||||
SSL_SIGN_ECDSA_SECP521R1_SHA512,
|
||||
|
||||
SSL_SIGN_RSA_PSS_SHA384,
|
||||
SSL_SIGN_RSA_PKCS1_SHA384,
|
||||
SSL_SIGN_ECDSA_SECP384R1_SHA384,
|
||||
|
||||
SSL_SIGN_RSA_PSS_SHA256,
|
||||
#endif
|
||||
SSL_SIGN_RSA_PKCS1_SHA256,
|
||||
SSL_SIGN_ECDSA_SECP256R1_SHA256,
|
||||
|
||||
@@ -538,6 +543,21 @@ static const uint16_t kDefaultSignatureAlgorithms[] = {
|
||||
};
|
||||
|
||||
size_t tls12_get_psigalgs(SSL *ssl, const uint16_t **psigs) {
|
||||
uint16_t min_version, max_version;
|
||||
if (!ssl_get_version_range(ssl, &min_version, &max_version)) {
|
||||
assert(0); /* This should never happen. */
|
||||
|
||||
/* Return an empty list. */
|
||||
ERR_clear_error();
|
||||
*psigs = NULL;
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (max_version >= TLS1_3_VERSION) {
|
||||
*psigs = kDefaultTLS13SignatureAlgorithms;
|
||||
return OPENSSL_ARRAY_SIZE(kDefaultTLS13SignatureAlgorithms);
|
||||
}
|
||||
|
||||
*psigs = kDefaultSignatureAlgorithms;
|
||||
return OPENSSL_ARRAY_SIZE(kDefaultSignatureAlgorithms);
|
||||
}
|
||||
|
||||
+24
-21
@@ -6484,30 +6484,33 @@ func addSignatureAlgorithmTests() {
|
||||
expectedError: ":NO_COMMON_SIGNATURE_ALGORITHMS:",
|
||||
})
|
||||
|
||||
// Test that RSA-PSS is enabled by default for TLS 1.2.
|
||||
testCases = append(testCases, testCase{
|
||||
testType: clientTest,
|
||||
name: "RSA-PSS-Default-Verify",
|
||||
config: Config{
|
||||
MaxVersion: VersionTLS12,
|
||||
SignSignatureAlgorithms: []signatureAlgorithm{
|
||||
signatureRSAPSSWithSHA256,
|
||||
// Disabled because RSA-PSS support was removed in this branch.
|
||||
if false {
|
||||
// Test that RSA-PSS is enabled by default for TLS 1.2.
|
||||
testCases = append(testCases, testCase{
|
||||
testType: clientTest,
|
||||
name: "RSA-PSS-Default-Verify",
|
||||
config: Config{
|
||||
MaxVersion: VersionTLS12,
|
||||
SignSignatureAlgorithms: []signatureAlgorithm{
|
||||
signatureRSAPSSWithSHA256,
|
||||
},
|
||||
},
|
||||
},
|
||||
flags: []string{"-max-version", strconv.Itoa(VersionTLS12)},
|
||||
})
|
||||
flags: []string{"-max-version", strconv.Itoa(VersionTLS12)},
|
||||
})
|
||||
|
||||
testCases = append(testCases, testCase{
|
||||
testType: serverTest,
|
||||
name: "RSA-PSS-Default-Sign",
|
||||
config: Config{
|
||||
MaxVersion: VersionTLS12,
|
||||
VerifySignatureAlgorithms: []signatureAlgorithm{
|
||||
signatureRSAPSSWithSHA256,
|
||||
testCases = append(testCases, testCase{
|
||||
testType: serverTest,
|
||||
name: "RSA-PSS-Default-Sign",
|
||||
config: Config{
|
||||
MaxVersion: VersionTLS12,
|
||||
VerifySignatureAlgorithms: []signatureAlgorithm{
|
||||
signatureRSAPSSWithSHA256,
|
||||
},
|
||||
},
|
||||
},
|
||||
flags: []string{"-max-version", strconv.Itoa(VersionTLS12)},
|
||||
})
|
||||
flags: []string{"-max-version", strconv.Itoa(VersionTLS12)},
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
// timeouts is the retransmit schedule for BoringSSL. It doubles and
|
||||
|
||||
Reference in New Issue
Block a user