• Filippo Valsorda's avatar
    crypto/tls: advertise support for SHA-512 signatures in 1.2 · 96cd66b2
    Filippo Valsorda authored
    This is the equivalent change to 1c105980 but for SHA-512.
    
    SHA-512 certificates are already supported by default since b53bb2ca,
    but some servers will refuse connections if the algorithm is not
    advertised in the overloaded signatureAndHash extension (see 09b238f1).
    
    This required adding support for SHA-512 signatures on CertificateVerify
    and ServerKeyExchange messages, because of said overloading.
    
    Some testdata/Client-TLSv1{0,1} files changed because they send a 1.2
    ClientHello even if the server picks a lower version.
    
    Closes #22422
    
    Change-Id: I16282d03a3040260d203711ec21e6b20a0e1e105
    Reviewed-on: https://go-review.googlesource.com/74950
    Run-TryBot: Filippo Valsorda <hi@filippo.io>
    TryBot-Result: Gobot Gobot <gobot@golang.org>
    Reviewed-by: 's avatarAdam Langley <agl@golang.org>
    96cd66b2
Client-TLSv10-ClientCert-RSA-ECDSA 9.52 KB