src/crypto/tls · 7ccd3583eddcd79679fb29cfc83a6e6fb6973f1e · go / golang

crypto/tls: disable RSA-PSS in TLS 1.2 · 7ccd3583

Filippo Valsorda authored Feb 05, 2019

Most of the issues that led to the decision on #30055 were related to
incompatibility with or faulty support for RSA-PSS (#29831, #29779,
v1.5 signatures). RSA-PSS is required by TLS 1.3, but is also available
to be negotiated in TLS 1.2.

Altering TLS 1.2 behavior based on GODEBUG=tls13=1 feels surprising, so
just disable RSA-PSS entirely in TLS 1.2 until TLS 1.3 is on by default,
so breakage happens all at once.

Updates #30055

Change-Id: Iee90454a20ded8895e5302e8bcbcd32e4e3031c2
Reviewed-on: https://go-review.googlesource.com/c/160998
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Adam Langley <agl@golang.org>

7ccd3583

Name	Last commit	Last update
..
testdata		Loading commit data...
alert.go		Loading commit data...
auth.go		Loading commit data...
auth_test.go		Loading commit data...
cipher_suites.go		Loading commit data...
common.go		Loading commit data...
conn.go		Loading commit data...
conn_test.go		Loading commit data...
example_test.go		Loading commit data...
generate_cert.go		Loading commit data...
handshake_client.go		Loading commit data...
handshake_client_test.go		Loading commit data...
handshake_client_tls13.go		Loading commit data...
handshake_messages.go		Loading commit data...
handshake_messages_test.go		Loading commit data...
handshake_server.go		Loading commit data...
handshake_server_test.go		Loading commit data...
handshake_server_tls13.go		Loading commit data...
handshake_test.go		Loading commit data...
key_agreement.go		Loading commit data...
key_schedule.go		Loading commit data...
key_schedule_test.go		Loading commit data...
prf.go		Loading commit data...
prf_test.go		Loading commit data...
ticket.go		Loading commit data...
tls.go		Loading commit data...
tls_test.go		Loading commit data...