Files · 96cd66b266a24d8ed1f66dfa10ddb86d88b50fca · go / golang

crypto/tls: advertise support for SHA-512 signatures in 1.2 · 96cd66b2

Filippo Valsorda authored Oct 31, 2017

This is the equivalent change to 1c105980 but for SHA-512.

SHA-512 certificates are already supported by default since b53bb2ca,
but some servers will refuse connections if the algorithm is not
advertised in the overloaded signatureAndHash extension (see 09b238f1).

This required adding support for SHA-512 signatures on CertificateVerify
and ServerKeyExchange messages, because of said overloading.

Some testdata/Client-TLSv1{0,1} files changed because they send a 1.2
ClientHello even if the server picks a lower version.

Closes #22422

Change-Id: I16282d03a3040260d203711ec21e6b20a0e1e105
Reviewed-on: https://go-review.googlesource.com/74950
Run-TryBot: Filippo Valsorda <hi@filippo.io>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Adam Langley <agl@golang.org>

96cd66b2

Name	Last commit	Last update
.github		Loading commit data...
api		Loading commit data...
doc		Loading commit data...
lib/time		Loading commit data...
misc		Loading commit data...
src		Loading commit data...
test		Loading commit data...
.gitattributes		Loading commit data...
.gitignore		Loading commit data...
AUTHORS		Loading commit data...
CONTRIBUTING.md		Loading commit data...
CONTRIBUTORS		Loading commit data...
LICENSE		Loading commit data...
PATENTS		Loading commit data...
README.md		Loading commit data...
favicon.ico		Loading commit data...
robots.txt		Loading commit data...

README.md