src/pkg/crypto/tls/testdata · 610f395189528d5eb6a9dde36e39314403d0b7a3 · go / golang

crypto/tls: pick ECDHE curves based on server preference. · db99a8fa

Adam Langley authored Feb 24, 2014

Currently an ECDHE handshake uses the client's curve preference. This
generally means that we use P-521. However, P-521's strength is
mismatched with the rest of the cipher suite in most cases and we have
a fast, constant-time implementation of P-256.

With this change, Go servers will use P-256 where the client supports
it although that can be overridden in the Config.

LGTM=bradfitz
R=bradfitz
CC=golang-codereviews
https://golang.org/cl/66060043

db99a8fa

Name	Last commit	Last update
..
Client-TLSv10-ClientCert-ECDSA-ECDSA		Loading commit data...
Client-TLSv10-ClientCert-ECDSA-RSA		Loading commit data...
Client-TLSv10-ClientCert-RSA-ECDSA		Loading commit data...
Client-TLSv10-ClientCert-RSA-RSA		Loading commit data...
Client-TLSv10-ECDHE-ECDSA-AES		Loading commit data...
Client-TLSv10-ECDHE-RSA-AES		Loading commit data...
Client-TLSv10-RSA-RC4		Loading commit data...
Client-TLSv11-ECDHE-ECDSA-AES		Loading commit data...
Client-TLSv11-ECDHE-RSA-AES		Loading commit data...
Client-TLSv11-RSA-RC4		Loading commit data...
Client-TLSv12-ClientCert-ECDSA-ECDSA		Loading commit data...
Client-TLSv12-ClientCert-ECDSA-RSA		Loading commit data...
Client-TLSv12-ClientCert-RSA-ECDSA		Loading commit data...
Client-TLSv12-ClientCert-RSA-RSA		Loading commit data...
Client-TLSv12-ECDHE-ECDSA-AES		Loading commit data...
Client-TLSv12-ECDHE-ECDSA-AES-GCM		Loading commit data...
Client-TLSv12-ECDHE-RSA-AES		Loading commit data...
Client-TLSv12-RSA-RC4		Loading commit data...
Server-SSLv3-RSA-3DES		Loading commit data...
Server-SSLv3-RSA-AES		Loading commit data...
Server-SSLv3-RSA-RC4		Loading commit data...
Server-TLSv10-ECDHE-ECDSA-AES		Loading commit data...
Server-TLSv10-RSA-3DES		Loading commit data...
Server-TLSv10-RSA-AES		Loading commit data...
Server-TLSv10-RSA-RC4		Loading commit data...
Server-TLSv11-RSA-RC4		Loading commit data...
Server-TLSv12-CipherSuiteCertPreferenceECDSA		Loading commit data...
Server-TLSv12-CipherSuiteCertPreferenceRSA		Loading commit data...
Server-TLSv12-ClientAuthRequestedAndECDSAGiven		Loading commit data...
Server-TLSv12-ClientAuthRequestedAndGiven		Loading commit data...
Server-TLSv12-ClientAuthRequestedNotGiven		Loading commit data...
Server-TLSv12-ECDHE-ECDSA-AES		Loading commit data...
Server-TLSv12-IssueTicket		Loading commit data...
Server-TLSv12-RSA-3DES		Loading commit data...
Server-TLSv12-RSA-AES		Loading commit data...
Server-TLSv12-RSA-AES-GCM		Loading commit data...
Server-TLSv12-RSA-RC4		Loading commit data...
Server-TLSv12-Resume		Loading commit data...
Server-TLSv12-SNI		Loading commit data...