aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorFilippo Valsorda <filippo@golang.org>2019-02-05 15:27:56 -0500
committerFilippo Valsorda <filippo@golang.org>2019-02-07 18:34:43 +0000
commit7ccd3583eddcd79679fb29cfc83a6e6fb6973f1e (patch)
tree2e0003c76862f5f80907778c5e6265fdb7c5814f
parent5d9bc60893d66073ca82eecee7c9800321535f52 (diff)
downloadgo-7ccd3583eddcd79679fb29cfc83a6e6fb6973f1e.tar.gz
go-7ccd3583eddcd79679fb29cfc83a6e6fb6973f1e.zip
crypto/tls: disable RSA-PSS in TLS 1.2
Most of the issues that led to the decision on #30055 were related to incompatibility with or faulty support for RSA-PSS (#29831, #29779, v1.5 signatures). RSA-PSS is required by TLS 1.3, but is also available to be negotiated in TLS 1.2. Altering TLS 1.2 behavior based on GODEBUG=tls13=1 feels surprising, so just disable RSA-PSS entirely in TLS 1.2 until TLS 1.3 is on by default, so breakage happens all at once. Updates #30055 Change-Id: Iee90454a20ded8895e5302e8bcbcd32e4e3031c2 Reviewed-on: https://go-review.googlesource.com/c/160998 Run-TryBot: Filippo Valsorda <filippo@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Adam Langley <agl@golang.org>
Diffstat
-rw-r--r--doc/go1.12.html10
-rw-r--r--src/crypto/tls/common.go5
-rw-r--r--src/crypto/tls/conn_test.go1
-rw-r--r--src/crypto/tls/handshake_client_test.go24
-rw-r--r--src/crypto/tls/handshake_server.go4
-rw-r--r--src/crypto/tls/handshake_server_test.go146
-rw-r--r--src/crypto/tls/key_agreement.go2
-rw-r--r--src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-PSS-Disabled137
-rw-r--r--src/crypto/tls/testdata/Client-TLSv13-ClientCert-RSA-PSS-Disabled138
-rw-r--r--src/crypto/tls/testdata/Server-TLSv12-ClientAuthRequestedAndGiven-PSS-Disabled126
-rw-r--r--src/crypto/tls/testdata/Server-TLSv12-ClientAuthRequestedAndGiven-PSS-Disabled-Required74
-rw-r--r--src/crypto/tls/testdata/Server-TLSv12-RSA-PSS-Disabled84
-rw-r--r--src/crypto/tls/testdata/Server-TLSv12-RSA-PSS-Disabled-Required54
-rw-r--r--src/crypto/tls/testdata/Server-TLSv13-ClientAuthRequestedAndGiven-PSS-Disabled182
-rw-r--r--src/crypto/tls/testdata/Server-TLSv13-RSA-PSS-Disabled103
-rw-r--r--src/crypto/tls/tls_test.go8
16 files changed, 1047 insertions, 51 deletions
diff --git a/doc/go1.12.html b/doc/go1.12.html
index 0f076e379d..3b086e7001 100644
--- a/doc/go1.12.html
+++ b/doc/go1.12.html
@@ -406,7 +406,8 @@ for {
and renegotiation are available in TLS 1.3 and provide equivalent or
better security and performance. Note that even though TLS 1.3 is backwards
compatible with previous versions, certain legacy systems might not work
- correctly when attempting to negotiate it.
+ correctly when attempting to negotiate it. RSA certificate keys too small
+ to be secure (including 512-bit keys) will not work with TLS 1.3.
</p>
<p>
@@ -500,13 +501,6 @@ for {
<dl id="crypto/tls"><dt><a href="/pkg/crypto/tls/">crypto/tls</a></dt>
<dd>
- <p><!-- CL 146258 -->
- TLS 1.2 clients and servers will now advertise and accept RSA-PSS
- signature algorithms for use with regular RSA public keys. Certain
- insecure certificate keys (including 512-bit RSA keys) will
- now cause a handshake failure if RSA-PSS is selected.
- </p>
-
<p><!-- CL 143177 -->
If a client sends an initial message that does not look like TLS, the server
will no longer reply with an alert, and it will expose the underlying
diff --git a/src/crypto/tls/common.go b/src/crypto/tls/common.go
index 0b08700d83..f695528fe0 100644
--- a/src/crypto/tls/common.go
+++ b/src/crypto/tls/common.go
@@ -161,7 +161,7 @@ const (
)
// supportedSignatureAlgorithms contains the signature and hash algorithms that
-// the code advertises as supported in a TLS 1.2 ClientHello and in a TLS 1.2
+// the code advertises as supported in a TLS 1.2+ ClientHello and in a TLS 1.2+
// CertificateRequest. The two fields are merged to match with TLS 1.3.
// Note that in TLS 1.2, the ECDSA algorithms are not constrained to P-256, etc.
var supportedSignatureAlgorithms = []SignatureScheme{
@@ -178,6 +178,9 @@ var supportedSignatureAlgorithms = []SignatureScheme{
ECDSAWithSHA1,
}
+// RSA-PSS is disabled in TLS 1.2 for Go 1.12. See Issue 30055.
+var supportedSignatureAlgorithmsTLS12 = supportedSignatureAlgorithms[3:]
+
// helloRetryRequestRandom is set as the Random value of a ServerHello
// to signal that the message is actually a HelloRetryRequest.
var helloRetryRequestRandom = []byte{ // See RFC 8446, Section 4.1.3.
diff --git a/src/crypto/tls/conn_test.go b/src/crypto/tls/conn_test.go
index 76cef7174b..57f61050e5 100644
--- a/src/crypto/tls/conn_test.go
+++ b/src/crypto/tls/conn_test.go
@@ -142,6 +142,7 @@ func runDynamicRecordSizingTest(t *testing.T, config *Config) {
handshakeDone := make(chan struct{})
recordSizesChan := make(chan []int, 1)
+ defer func() { <-recordSizesChan }() // wait for the goroutine to exit
go func() {
// This goroutine performs a TLS handshake over clientConn and
// then reads TLS records until EOF. It writes a slice that
diff --git a/src/crypto/tls/handshake_client_test.go b/src/crypto/tls/handshake_client_test.go
index ececd7b04d..7441e5b556 100644
--- a/src/crypto/tls/handshake_client_test.go
+++ b/src/crypto/tls/handshake_client_test.go
@@ -855,6 +855,30 @@ func TestHandshakeClientCertRSAPKCS1v15(t *testing.T) {
runClientTestTLS12(t, test)
}
+func TestHandshakeClientCertPSSDisabled(t *testing.T) {
+ config := testConfig.Clone()
+ cert, _ := X509KeyPair([]byte(clientCertificatePEM), []byte(clientKeyPEM))
+ config.Certificates = []Certificate{cert}
+
+ test := &clientTest{
+ name: "ClientCert-RSA-PSS-Disabled",
+ args: []string{"-cipher", "AES128", "-Verify", "1"},
+ config: config,
+ }
+
+ // Restore the default signature algorithms, disabling RSA-PSS in TLS 1.2,
+ // and check that handshakes still work.
+ testSupportedSignatureAlgorithmsTLS12 := supportedSignatureAlgorithmsTLS12
+ defer func() { supportedSignatureAlgorithmsTLS12 = testSupportedSignatureAlgorithmsTLS12 }()
+ supportedSignatureAlgorithmsTLS12 = savedSupportedSignatureAlgorithmsTLS12
+
+ // Use t.Run to ensure the defer runs after all parallel tests end.
+ t.Run("", func(t *testing.T) {
+ runClientTestTLS12(t, test)
+ runClientTestTLS13(t, test)
+ })
+}
+
func TestClientKeyUpdate(t *testing.T) {
test := &clientTest{
name: "KeyUpdate",
diff --git a/src/crypto/tls/handshake_server.go b/src/crypto/tls/handshake_server.go
index 2745f3313f..4f4b60ae2c 100644
--- a/src/crypto/tls/handshake_server.go
+++ b/src/crypto/tls/handshake_server.go
@@ -463,7 +463,7 @@ func (hs *serverHandshakeState) doFullHandshake() error {
}
if c.vers >= VersionTLS12 {
certReq.hasSignatureAlgorithm = true
- certReq.supportedSignatureAlgorithms = supportedSignatureAlgorithms
+ certReq.supportedSignatureAlgorithms = supportedSignatureAlgorithmsTLS12
}
// An empty list of certificateAuthorities signals to
@@ -559,7 +559,7 @@ func (hs *serverHandshakeState) doFullHandshake() error {
}
// Determine the signature type.
- _, sigType, hashFunc, err := pickSignatureAlgorithm(pub, []SignatureScheme{certVerify.signatureAlgorithm}, supportedSignatureAlgorithms, c.vers)
+ _, sigType, hashFunc, err := pickSignatureAlgorithm(pub, []SignatureScheme{certVerify.signatureAlgorithm}, supportedSignatureAlgorithmsTLS12, c.vers)
if err != nil {
c.sendAlert(alertIllegalParameter)
return err
diff --git a/src/crypto/tls/handshake_server_test.go b/src/crypto/tls/handshake_server_test.go
index 411648ef68..c23f98f6bc 100644
--- a/src/crypto/tls/handshake_server_test.go
+++ b/src/crypto/tls/handshake_server_test.go
@@ -1211,6 +1211,33 @@ func TestHandshakeServerRSAPSS(t *testing.T) {
runServerTestTLS13(t, test)
}
+func TestHandshakeServerPSSDisabled(t *testing.T) {
+ test := &serverTest{
+ name: "RSA-PSS-Disabled",
+ command: []string{"openssl", "s_client", "-no_ticket"},
+ wait: true,
+ }
+
+ // Restore the default signature algorithms, disabling RSA-PSS in TLS 1.2,
+ // and check that handshakes still work.
+ testSupportedSignatureAlgorithmsTLS12 := supportedSignatureAlgorithmsTLS12
+ defer func() { supportedSignatureAlgorithmsTLS12 = testSupportedSignatureAlgorithmsTLS12 }()
+ supportedSignatureAlgorithmsTLS12 = savedSupportedSignatureAlgorithmsTLS12
+
+ runServerTestTLS12(t, test)
+ runServerTestTLS13(t, test)
+
+ test = &serverTest{
+ name: "RSA-PSS-Disabled-Required",
+ command: []string{"openssl", "s_client", "-no_ticket", "-sigalgs", "rsa_pss_rsae_sha256"},
+ wait: true,
+
+ expectHandshakeErrorIncluding: "peer doesn't support any common signature algorithms",
+ }
+
+ runServerTestTLS12(t, test)
+}
+
func benchmarkHandshakeServer(b *testing.B, version uint16, cipherSuite uint16, curve CurveID, cert []byte, key crypto.PrivateKey) {
config := testConfig.Clone()
config.CipherSuites = []uint16{cipherSuite}
@@ -1390,49 +1417,82 @@ func TestClientAuth(t *testing.T) {
defer os.Remove(ecdsaCertPath)
ecdsaKeyPath = tempFile(clientECDSAKeyPEM)
defer os.Remove(ecdsaKeyPath)
- } else {
- t.Parallel()
}
- config := testConfig.Clone()
- config.ClientAuth = RequestClientCert
+ t.Run("Normal", func(t *testing.T) {
+ config := testConfig.Clone()
+ config.ClientAuth = RequestClientCert
- test := &serverTest{
- name: "ClientAuthRequestedNotGiven",
- command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "AES128-SHA"},
- config: config,
- }
- runServerTestTLS12(t, test)
- runServerTestTLS13(t, test)
+ test := &serverTest{
+ name: "ClientAuthRequestedNotGiven",
+ command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "AES128-SHA"},
+ config: config,
+ }
+ runServerTestTLS12(t, test)
+ runServerTestTLS13(t, test)
- test = &serverTest{
- name: "ClientAuthRequestedAndGiven",
- command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "AES128-SHA",
- "-cert", certPath, "-key", keyPath, "-sigalgs", "rsa_pss_rsae_sha256"},
- config: config,
- expectedPeerCerts: []string{clientCertificatePEM},
- }
- runServerTestTLS12(t, test)
- runServerTestTLS13(t, test)
+ config.ClientAuth = RequireAnyClientCert
- test = &serverTest{
- name: "ClientAuthRequestedAndECDSAGiven",
- command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "AES128-SHA",
- "-cert", ecdsaCertPath, "-key", ecdsaKeyPath},
- config: config,
- expectedPeerCerts: []string{clientECDSACertificatePEM},
- }
- runServerTestTLS12(t, test)
- runServerTestTLS13(t, test)
+ test = &serverTest{
+ name: "ClientAuthRequestedAndGiven",
+ command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "AES128-SHA",
+ "-cert", certPath, "-key", keyPath, "-sigalgs", "rsa_pss_rsae_sha256"},
+ config: config,
+ expectedPeerCerts: []string{clientCertificatePEM},
+ }
+ runServerTestTLS12(t, test)
+ runServerTestTLS13(t, test)
+
+ test = &serverTest{
+ name: "ClientAuthRequestedAndECDSAGiven",
+ command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "AES128-SHA",
+ "-cert", ecdsaCertPath, "-key", ecdsaKeyPath},
+ config: config,
+ expectedPeerCerts: []string{clientECDSACertificatePEM},
+ }
+ runServerTestTLS12(t, test)
+ runServerTestTLS13(t, test)
+
+ test = &serverTest{
+ name: "ClientAuthRequestedAndPKCS1v15Given",
+ command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "AES128-SHA",
+ "-cert", certPath, "-key", keyPath, "-sigalgs", "rsa_pkcs1_sha256"},
+ config: config,
+ expectedPeerCerts: []string{clientCertificatePEM},
+ }
+ runServerTestTLS12(t, test)
+ })
- test = &serverTest{
- name: "ClientAuthRequestedAndPKCS1v15Given",
- command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "AES128-SHA",
- "-cert", certPath, "-key", keyPath, "-sigalgs", "rsa_pkcs1_sha256"},
- config: config,
- expectedPeerCerts: []string{clientCertificatePEM},
- }
- runServerTestTLS12(t, test)
+ // Restore the default signature algorithms, disabling RSA-PSS in TLS 1.2,
+ // and check that handshakes still work.
+ testSupportedSignatureAlgorithmsTLS12 := supportedSignatureAlgorithmsTLS12
+ defer func() { supportedSignatureAlgorithmsTLS12 = testSupportedSignatureAlgorithmsTLS12 }()
+ supportedSignatureAlgorithmsTLS12 = savedSupportedSignatureAlgorithmsTLS12
+
+ t.Run("PSSDisabled", func(t *testing.T) {
+ config := testConfig.Clone()
+ config.ClientAuth = RequireAnyClientCert
+
+ test := &serverTest{
+ name: "ClientAuthRequestedAndGiven-PSS-Disabled",
+ command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "AES128-SHA",
+ "-cert", certPath, "-key", keyPath},
+ config: config,
+ expectedPeerCerts: []string{clientCertificatePEM},
+ }
+ runServerTestTLS12(t, test)
+ runServerTestTLS13(t, test)
+
+ test = &serverTest{
+ name: "ClientAuthRequestedAndGiven-PSS-Disabled-Required",
+ command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "AES128-SHA",
+ "-cert", certPath, "-key", keyPath, "-client_sigalgs", "rsa_pss_rsae_sha256"},
+ config: config,
+
+ expectHandshakeErrorIncluding: "client didn't provide a certificate",
+ }
+ runServerTestTLS12(t, test)
+ })
}
func TestSNIGivenOnFailure(t *testing.T) {
@@ -1722,6 +1782,7 @@ T+E0J8wlH24pgwQHzy7Ko2qLwn1b5PW8ecrlvP1g
if err != nil {
t.Fatal(err)
}
+
done := make(chan struct{})
go func() {
config := testConfig.Clone()
@@ -1739,4 +1800,15 @@ T+E0J8wlH24pgwQHzy7Ko2qLwn1b5PW8ecrlvP1g
t.Errorf(`expected "handshake failure", got %q`, err)
}
<-done
+
+ // With RSA-PSS disabled and TLS 1.2, this should work.
+
+ testSupportedSignatureAlgorithmsTLS12 := supportedSignatureAlgorithmsTLS12
+ defer func() { supportedSignatureAlgorithmsTLS12 = testSupportedSignatureAlgorithmsTLS12 }()
+ supportedSignatureAlgorithmsTLS12 = savedSupportedSignatureAlgorithmsTLS12
+
+ serverConfig := testConfig.Clone()
+ serverConfig.Certificates = []Certificate{cert}
+ serverConfig.MaxVersion = VersionTLS12
+ testHandshake(t, testConfig, serverConfig)
}
diff --git a/src/crypto/tls/key_agreement.go b/src/crypto/tls/key_agreement.go
index 628e578e48..05fe77b3e2 100644
--- a/src/crypto/tls/key_agreement.go
+++ b/src/crypto/tls/key_agreement.go
@@ -177,7 +177,7 @@ NextCandidate:
return nil, errors.New("tls: certificate private key does not implement crypto.Signer")
}
- signatureAlgorithm, sigType, hashFunc, err := pickSignatureAlgorithm(priv.Public(), clientHello.supportedSignatureAlgorithms, supportedSignatureAlgorithms, ka.version)
+ signatureAlgorithm, sigType, hashFunc, err := pickSignatureAlgorithm(priv.Public(), clientHello.supportedSignatureAlgorithms, supportedSignatureAlgorithmsTLS12, ka.version)
if err != nil {
return nil, err
}
diff --git a/src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-PSS-Disabled b/src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-PSS-Disabled
new file mode 100644
index 0000000000..9d59cb125d
--- /dev/null
+++ b/src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-PSS-Disabled
@@ -0,0 +1,137 @@
+>>> Flow 1 (client to server)
+00000000 16 03 01 00 f8 01 00 00 f4 03 03 00 00 00 00 00 |................|
+00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
+00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....|
+00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
+00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..|
+00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#|
+00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5|
+00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................|
+00000080 01 00 00 79 00 05 00 05 01 00 00 00 00 00 0a 00 |...y............|
+00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................|
+000000a0 00 00 0d 00 18 00 16 08 04 08 05 08 06 04 01 04 |................|
+000000b0 03 05 01 05 03 06 01 06 03 02 01 02 03 ff 01 00 |................|
+000000c0 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 03 03 |.......+........|
+000000d0 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f e5 7d |....3.&.$... /.}|
+000000e0 a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 ff f6 |.G.bC.(.._.).0..|
+000000f0 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |........_X.;t|
+>>> Flow 2 (server to client)
+00000000 16 03 03 00 59 02 00 00 55 03 03 33 ad 8d f8 90 |....Y...U..3....|
+00000010 d1 72 5d ef e8 94 0f d7 58 15 59 9f 0b f9 ec 73 |.r].....X.Y....s|
+00000020 99 53 f7 03 81 53 1a aa 05 f0 17 20 55 a1 9e 4e |.S...S..... U..N|
+00000030 98 26 6b b8 d5 bc 2c 3e ca f6 a0 d9 bb f2 3b dd |.&k...,>......;.|
+00000040 be 99 f1 35 de 1c f6 51 5b 19 4f 55 c0 2f 00 00 |...5...Q[.OU./..|
+00000050 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 |................|
+00000060 03 02 59 0b 00 02 55 00 02 52 00 02 4f 30 82 02 |..Y...U..R..O0..|
+00000070 4b 30 82 01 b4 a0 03 02 01 02 02 09 00 e8 f0 9d |K0..............|
+00000080 3f e2 5b ea a6 30 0d 06 09 2a 86 48 86 f7 0d 01 |?.[..0...*.H....|
+00000090 01 0b 05 00 30 1f 31 0b 30 09 06 03 55 04 0a 13 |....0.1.0...U...|
+000000a0 02 47 6f 31 10 30 0e 06 03 55 04 03 13 07 47 6f |.Go1.0...U....Go|
+000000b0 20 52 6f 6f 74 30 1e 17 0d 31 36 30 31 30 31 30 | Root0...1601010|
+000000c0 30 30 30 30 30 5a 17 0d 32 35 30 31 30 31 30 30 |00000Z..25010100|
+000000d0 30 30 30 30 5a 30 1a 31 0b 30 09 06 03 55 04 0a |0000Z0.1.0...U..|
+000000e0 13 02 47 6f 31 0b 30 09 06 03 55 04 03 13 02 47 |..Go1.0...U....G|
+000000f0 6f 30 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 |o0..0...*.H.....|
+00000100 01 05 00 03 81 8d 00 30 81 89 02 81 81 00 db 46 |.......0.......F|
+00000110 7d 93 2e 12 27 06 48 bc 06 28 21 ab 7e c4 b6 a2 |}...'.H..(!.~...|
+00000120 5d fe 1e 52 45 88 7a 36 47 a5 08 0d 92 42 5b c2 |]..RE.z6G....B[.|
+00000130 81 c0 be 97 79 98 40 fb 4f 6d 14 fd 2b 13 8b c2 |....y.@.Om..+...|
+00000140 a5 2e 67 d8 d4 09 9e d6 22 38 b7 4a 0b 74 73 2b |..g....."8.J.ts+|
+00000150 c2 34 f1 d1 93 e5 96 d9 74 7b f3 58 9f 6c 61 3c |.4......t{.X.la<|
+00000160 c0 b0 41 d4 d9 2b 2b 24 23 77 5b 1c 3b bd 75 5d |..A..++$#w[.;.u]|
+00000170 ce 20 54 cf a1 63 87 1d 1e 24 c4 f3 1d 1a 50 8b |. T..c...$....P.|
+00000180 aa b6 14 43 ed 97 a7 75 62 f4 14 c8 52 d7 02 03 |...C...ub...R...|
+00000190 01 00 01 a3 81 93 30 81 90 30 0e 06 03 55 1d 0f |......0..0...U..|
+000001a0 01 01 ff 04 04 03 02 05 a0 30 1d 06 03 55 1d 25 |.........0...U.%|
+000001b0 04 16 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 |..0...+.........|
+000001c0 2b 06 01 05 05 07 03 02 30 0c 06 03 55 1d 13 01 |+.......0...U...|
+000001d0 01 ff 04 02 30 00 30 19 06 03 55 1d 0e 04 12 04 |....0.0...U.....|
+000001e0 10 9f 91 16 1f 43 43 3e 49 a6 de 6d b6 80 d7 9f |.....CC>I..m....|
+000001f0 60 30 1b 06 03 55 1d 23 04 14 30 12 80 10 48 13 |`0...U.#..0...H.|
+00000200 49 4d 13 7e 16 31 bb a3 01 d5 ac ab 6e 7b 30 19 |IM.~.1......n{0.|
+00000210 06 03 55 1d 11 04 12 30 10 82 0e 65 78 61 6d 70 |..U....0...examp|
+00000220 6c 65 2e 67 6f 6c 61 6e 67 30 0d 06 09 2a 86 48 |le.golang0...*.H|
+00000230 86 f7 0d 01 01 0b 05 00 03 81 81 00 9d 30 cc 40 |.............0.@|
+00000240 2b 5b 50 a0 61 cb ba e5 53 58 e1 ed 83 28 a9 58 |+[P.a...SX...(.X|
+00000250 1a a9 38 a4 95 a1 ac 31 5a 1a 84 66 3d 43 d3 2d |..8....1Z..f=C.-|
+00000260 d9 0b f2 97 df d3 20 64 38 92 24 3a 00 bc cf 9c |...... d8.$:....|
+00000270 7d b7 40 20 01 5f aa d3 16 61 09 a2 76 fd 13 c3 |}.@ ._...a..v...|
+00000280 cc e1 0c 5c ee b1 87 82 f1 6c 04 ed 73 bb b3 43 |...\.....l..s..C|
+00000290 77 8d 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 2b 9d |w.......@.a.Lr+.|
+000002a0 ae db 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 d4 db |..F..M...>...B..|
+000002b0 fe 3d 13 60 84 5c 21 d3 3b e9 fa e7 16 03 03 00 |.=.`.\!.;.......|
+000002c0 ac 0c 00 00 a8 03 00 1d 20 2d c8 0c d2 27 fc f9 |........ -...'..|
+000002d0 79 71 c4 17 ea 45 ec 0b dd 66 ce af ec 49 96 7d |yq...E...f...I.}|
+000002e0 43 ff 88 68 b1 a8 bb e1 38 08 04 00 80 5a ab 5b |C..h....8....Z.[|
+000002f0 e6 b3 32 e2 98 ae c3 ed 7c f9 90 c4 a4 ea dd 70 |..2.....|......p|
+00000300 fc a4 f8 ef d1 15 0d b7 ad b8 e3 1f 3e c0 e4 40 |............>..@|
+00000310 0d 7b 50 36 8f 88 cb 88 59 7c 20 63 d1 7f 36 9e |.{P6....Y| c..6.|
+00000320 de a7 cb 6a 49 fd 65 32 36 0b 10 6a df 58 ef fd |...jI.e26..j.X..|
+00000330 f6 fc e6 65 e7 81 0e 73 25 87 c7 89 dc ec ae 7c |...e...s%......||
+00000340 e4 81 79 79 a2 b9 12 28 ab 3b d0 2e 5e 81 47 2a |..yy...(.;..^.G*|
+00000350 79 1e 16 21 fa 64 78 24 33 24 f7 ac f1 11 a7 15 |y..!.dx$3$......|
+00000360 98 f6 24 52 14 7c 1f 28 0c 24 b1 a9 8a 16 03 03 |..$R.|.(.$......|
+00000370 00 3a 0d 00 00 36 03 01 02 40 00 2e 04 03 05 03 |.:...6...@......|
+00000380 06 03 08 07 08 08 08 09 08 0a 08 0b 08 04 08 05 |................|
+00000390 08 06 04 01 05 01 06 01 03 03 02 03 03 01 02 01 |................|
+000003a0 03 02 02 02 04 02 05 02 06 02 00 00 16 03 03 00 |................|
+000003b0 04 0e 00 00 00 |.....|
+>>> Flow 3 (client to server)
+00000000 16 03 03 01 fd 0b 00 01 f9 00 01 f6 00 01 f3 30 |...............0|
+00000010 82 01 ef 30 82 01 58 a0 03 02 01 02 02 10 5c 19 |...0..X.......\.|
+00000020 c1 89 65 83 55 6f dc 0b c9 b9 93 9f e9 bc 30 0d |..e.Uo........0.|
+00000030 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 12 31 |..*.H........0.1|
+00000040 10 30 0e 06 03 55 04 0a 13 07 41 63 6d 65 20 43 |.0...U....Acme C|
+00000050 6f 30 1e 17 0d 31 36 30 38 31 37 32 31 35 32 33 |o0...16081721523|
+00000060 31 5a 17 0d 31 37 30 38 31 37 32 31 35 32 33 31 |1Z..170817215231|
+00000070 5a 30 12 31 10 30 0e 06 03 55 04 0a 13 07 41 63 |Z0.1.0...U....Ac|
+00000080 6d 65 20 43 6f 30 81 9f 30 0d 06 09 2a 86 48 86 |me Co0..0...*.H.|
+00000090 f7 0d 01 01 01 05 00 03 81 8d 00 30 81 89 02 81 |...........0....|
+000000a0 81 00 ba 6f aa 86 bd cf bf 9f f2 ef 5c 94 60 78 |...o........\.`x|
+000000b0 6f e8 13 f2 d1 96 6f cd d9 32 6e 22 37 ce 41 f9 |o.....o..2n"7.A.|
+000000c0 ca 5d 29 ac e1 27 da 61 a2 ee 81 cb 10 c7 df 34 |.])..'.a.......4|
+000000d0 58 95 86 e9 3d 19 e6 5c 27 73 60 c8 8d 78 02 f4 |X...=..\'s`..x..|
+000000e0 1d a4 98 09 a3 19 70 69 3c 25 62 66 2a ab 22 23 |......pi<%bf*."#|
+000000f0 c5 7b 85 38 4f 2e 09 73 32 a7 bd 3e 9b ad ca 84 |.{.8O..s2..>....|
+00000100 07 e6 0f 3a ff 77 c5 9d 41 85 00 8a b6 9b ee b0 |...:.w..A.......|
+00000110 a4 3f 2d 4c 4c e6 42 3e bb 51 c8 dd 48 54 f4 0c |.?-LL.B>.Q..HT..|
+00000120 8e 47 02 03 01 00 01 a3 46 30 44 30 0e 06 03 55 |.G......F0D0...U|
+00000130 1d 0f 01 01 ff 04 04 03 02 05 a0 30 13 06 03 55 |...........0...U|
+00000140 1d 25 04 0c 30 0a 06 08 2b 06 01 05 05 07 03 01 |.%..0...+.......|
+00000150 30 0c 06 03 55 1d 13 01 01 ff 04 02 30 00 30 0f |0...U.......0.0.|
+00000160 06 03 55 1d 11 04 08 30 06 87 04 7f 00 00 01 30 |..U....0.......0|
+00000170 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 03 81 |...*.H..........|
+00000180 81 00 46 ab 44 a2 fb 28 54 f8 5a 67 f8 62 94 f1 |..F.D..(T.Zg.b..|
+00000190 9a b2 18 9e f2 b1 de 1d 7e 6f 76 95 a9 ba e7 5d |........~ov....]|
+000001a0 a8 16 6c 9c f7 09 d3 37 e4 4b 2b 36 7c 01 ad 41 |..l....7.K+6|..A|
+000001b0 d2 32 d8 c3 d2 93 f9 10 6b 8e 95 b9 2c 17 8a a3 |.2......k...,...|
+000001c0 44 48 bc 59 13 83 16 04 88 a4 81 5c 25 0d 98 0c |DH.Y.......\%...|
+000001d0 ac 11 b1 28 56 be 1d cd 61 62 84 09 bf d6 80 c6 |...(V...ab......|
+000001e0 45 8d 82 2c b4 d8 83 9b db c9 22 b7 2a 12 11 7b |E..,......".*..{|
+000001f0 fa 02 3b c1 c9 ff ea c9 9d a8 49 d3 95 d7 d5 0e |..;.......I.....|
+00000200 e5 35 16 03 03 00 25 10 00 00 21 20 2f e5 7d a3 |.5....%...! /.}.|
+00000210 47 cd 62 43 15 28 da ac 5f bb 29 07 30 ff f6 84 |G.bC.(.._.).0...|
+00000220 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 16 03 03 00 |......._X.;t....|
+00000230 88 0f 00 00 84 08 04 00 80 8b ad 4b 9a 7a 53 b8 |...........K.zS.|
+00000240 6a 0a e7 71 6a 9b 8b 89 7d 3a 49 c9 af ce 3f e2 |j..qj...}:I...?.|
+00000250 3e cc 0b da 57 9b 8c 2f 58 0f a9 05 4d e9 de 83 |>...W../X...M...|
+00000260 60 e8 1c 77 ef 23 e4 aa 6b c3 15 64 98 f8 b1 72 |`..w.#..k..d...r|
+00000270 b2 8a 9e a3 19 3d 73 84 05 53 59 e1 bb e1 db 51 |.....=s..SY....Q|
+00000280 49 38 cf 8b ee 3c b6 05 0d ba 62 02 b3 36 dc c1 |I8...<....b..6..|
+00000290 e1 52 4d bd 6a c1 3e 55 ff 82 5f e3 7c 84 1c 65 |.RM.j.>U.._.|..e|
+000002a0 45 53 b9 c0 56 99 ac 56 d7 4a fa 72 3e 63 36 06 |ES..V..V.J.r>c6.|
+000002b0 d3 60 ef 34 05 3f 57 20 79 14 03 03 00 01 01 16 |.`.4.?W y.......|
+000002c0 03 03 00 28 00 00 00 00 00 00 00 00 00 26 b7 73 |...(.........&.s|
+000002d0 b5 e9 b3 8a 63 00 9b 36 a0 cf 2a 60 0f 8a 59 75 |....c..6..*`..Yu|
+000002e0 08 71 97 dc 66 73 15 04 08 b4 d3 91 |.q..fs......|
+>>> Flow 4 (server to client)
+00000000 14 03 03 00 01 01 16 03 03 00 28 d2 b2 3f a8 43 |..........(..?.C|
+00000010 41 1a 85 20 9f ee 21 6a c5 96 cf 7c 01 8e f6 3a |A.. ..!j...|...:|
+00000020 e3 29 14 68 ea 74 a3 ef 85 04 78 33 db c7 d4 c9 |.).h.t....x3....|
+00000030 a2 fd 6a |..j|
+>>> Flow 5 (client to server)
+00000000 17 03 03 00 1e 00 00 00 00 00 00 00 01 c3 3b 68 |..............;h|
+00000010 b5 e9 4d 75 22 92 fb 19 85 88 38 97 12 3f ce ca |..Mu".....8..?..|
+00000020 36 c0 d6 15 03 03 00 1a 00 00 00 00 00 00 00 02 |6...............|
+00000030 c1 a9 03 81 61 04 7c 86 24 e9 90 22 59 6f c7 bc |....a.|.$.."Yo..|
+00000040 c2 a1 |..|
diff --git a/src/crypto/tls/testdata/Client-TLSv13-ClientCert-RSA-PSS-Disabled b/src/crypto/tls/testdata/Client-TLSv13-ClientCert-RSA-PSS-Disabled
new file mode 100644
index 0000000000..98d718bab2
--- /dev/null
+++ b/src/crypto/tls/testdata/Client-TLSv13-ClientCert-RSA-PSS-Disabled
@@ -0,0 +1,138 @@
+>>> Flow 1 (client to server)
+00000000 16 03 01 00 f8 01 00 00 f4 03 03 00 00 00 00 00 |................|
+00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
+00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....|
+00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
+00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..|
+00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#|
+00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5|
+00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................|
+00000080 01 00 00 79 00 05 00 05 01 00 00 00 00 00 0a 00 |...y............|
+00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................|
+000000a0 00 00 0d 00 18 00 16 08 04 08 05 08 06 04 01 04 |................|
+000000b0 03 05 01 05 03 06 01 06 03 02 01 02 03 ff 01 00 |................|
+000000c0 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 03 03 |.......+........|
+000000d0 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f e5 7d |....3.&.$... /.}|
+000000e0 a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 ff f6 |.G.bC.(.._.).0..|
+000000f0 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |........_X.;t|
+>>> Flow 2 (server to client)
+00000000 16 03 03 00 7a 02 00 00 76 03 03 e5 55 1c 7e bc |....z...v...U.~.|
+00000010 05 a3 af 8b 02 03 6a 08 34 35 43 9f 35 c1 39 36 |......j.45C.5.96|
+00000020 97 ab d9 4f 77 26 88 31 f8 1c a4 20 00 00 00 00 |...Ow&.1... ....|
+00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
+00000040 00 00 00 00 00 00 00 00 00 00 00 00 13 01 00 00 |................|
+00000050 2e 00 2b 00 02 03 04 00 33 00 24 00 1d 00 20 63 |..+.....3.$... c|
+00000060 74 2f 45 26 f4 7c cd d6 cb 8d 9f b5 6b 88 41 ef |t/E&.|......k.A.|
+00000070 f4 cd 00 54 91 29 98 e4 a0 6b 6d b5 2f 39 01 14 |...T.)...km./9..|
+00000080 03 03 00 01 01 17 03 03 00 17 e6 81 13 75 85 fe |.............u..|
+00000090 7d c6 09 24 01 bf 44 78 65 4e 5f d0 37 b9 89 15 |}..$..DxeN_.7...|
+000000a0 98 17 03 03 00 42 88 5c b3 19 ee 62 c0 2d 95 51 |.....B.\...b.-.Q|
+000000b0 fd 88 e0 13 aa 53 e5 5a 45 be 0f 07 6f 46 c8 1b |.....S.ZE...oF..|
+000000c0 a2 b5 2a 7c 46 5f b5 90 46 95 b9 a4 ce 44 a8 a7 |..*|F_..F....D..|
+000000d0 3d 8e ce d2 76 57 44 e0 0e 83 af f3 2f 00 55 cb |=...vWD...../.U.|
+000000e0 1f e7 d2 42 22 6f 78 0c 17 03 03 02 6d 45 f7 95 |...B"ox.....mE..|
+000000f0 68 b9 ad 32 13 34 84 c2 dd 62 a7 f5 18 0f 0b a6 |h..2.4...b......|
+00000100 b8 5c dd 06 69 0d 07 ea 6b ec ad ad a7 13 ea f3 |.\..i...k.......|
+00000110 87 9b 74 a9 53 49 b3 a9 ff f3 eb 71 1b 25 63 8b |..t.SI.....q.%c.|
+00000120 c6 0f 6a 21 bc f1 fb 4b 8e d4 07 6e c6 8e 9f bf |..j!...K...n....|
+00000130 73 eb 1e a5 d7 e4 a1 cd 6e 7e de 45 a2 b4 6f 25 |s.......n~.E..o%|
+00000140 fe c2 a1 84 b8 09 d1 65 90 6d ef 07 ea d0 25 01 |.......e.m....%.|
+00000150 54 f2 8e f8 53 38 1e 35 a9 af be 2a 8d 81 9b 77 |T...S8.5...*...w|
+00000160 38 22 42 b8 56 ea 72 ab c3 ac 9b 17 1a 0b 65 94 |8"B.V.r.......e.|
+00000170 8a 81 6d 83 c6 f4 76 32 ed f7 84 4d ec 17 0e 45 |..m...v2...M...E|
+00000180 74 e8 ba b0 46 92 62 8c 73 07 a8 1f d5 d3 44 d1 |t...F.b.s.....D.|
+00000190 53 21 62 8b 02 c6 20 40 1d f1 75 2b 8a 6a 60 2a |S!b... @..u+.j`*|
+000001a0 ee 04 5f c0 46 6d 74 7a 18 4a e0 ca d4 a6 6a a2 |.._.Fmtz.J....j.|
+000001b0 11 21 20 4a 3e 57 3c 67 ff 61 3d 15 32 14 f2 01 |.! J>W<g.a=.2...|
+000001c0 a2 cc 96 f6 d1 2d 4f ba 67 ed 02 ae a9 08 13 74 |.....-O.g......t|
+000001d0 33 f6 b5 ad e3 e3 ee 0e 65 f6 89 db 80 d4 f5 23 |3.......e......#|
+000001e0 7b 5d 7a af 5f c6 43 b7 87 f6 90 25 5a f0 f6 76 |{]z._.C....%Z..v|
+000001f0 63 9c 93 d0 f3 94 9c 55 f7 e7 8f 2d cb 83 fb a1 |c......U...-....|
+00000200 b3 db 11 d7 f9 f7 4b 66 50 55 64 31 3f fc 97 df |......KfPUd1?...|
+00000210 65 f9 e0 eb a2 5e 4d 9d c7 35 fb 1c 22 79 b1 00 |e....^M..5.."y..|
+00000220 28 e9 54 28 a9 e6 97 e8 33 92 ac 8e f7 c0 82 ac |(.T(....3.......|
+00000230 99 04 f0 f0 cc e7 4f 04 ad fe dc 9f 25 82 93 12 |......O.....%...|
+00000240 64 4a f6 34 da 41 8a f7 a9 3e fe 24 ae be 40 b7 |dJ.4.A...>.$..@.|
+00000250 10 59 17 11 6f 3c 11 8b eb b2 42 e7 d5 b7 ee d2 |.Y..o<....B.....|
+00000260 ae 95 9c 21 48 34 d9 5a 20 95 7c 72 35 05 5e 6c |...!H4.Z .|r5.^l|
+00000270 a2 05 46 30 e6 33 d3 91 ac c8 17 4b b1 15 cc f0 |..F0.3.....K....|
+00000280 af bb 7c 56 e0 5b 25 8e 35 e0 2e 35 91 0d e0 bc |..|V.[%.5..5....|
+00000290 f6 9c 3b 15 f8 96 dc 4e 6c aa 57 c9 f0 1f 55 e2 |..;....Nl.W...U.|
+000002a0 d9 5d 09 71 f9 af 17 69 29 d5 94 8a 5f fa b2 ad |.].q...i)..._...|
+000002b0 1b b9 ce 90 e7 bd 02 1b ad 9d 91 19 7e f3 8f 2d |............~..-|
+000002c0 70 d5 af 2c e7 29 b1 f9 3c 5a 7f 04 6f 73 88 da |p..,.)..<Z..os..|
+000002d0 84 bd d7 ad 01 dd 35 b7 1f 64 79 89 ab cb 21 d1 |......5..dy...!.|
+000002e0 20 c5 71 b7 78 fe 93 c0 41 33 d8 aa a2 ed a4 64 | .q.x...A3.....d|
+000002f0 fb 5b c1 6e 0d 1e f7 ca f6 01 a1 9a fc 82 af 34 |.[.n...........4|
+00000300 e3 45 d8 5a b9 81 e7 e4 c2 26 a7 79 b7 f4 87 9f |.E.Z.....&.y....|
+00000310 2e 16 ab 96 21 e2 5f 1f c9 e0 30 3e 97 27 42 15 |....!._...0>.'B.|
+00000320 6f 13 da a1 b2 b1 43 76 69 eb f1 c6 e2 b5 6c 57 |o.....Cvi.....lW|
+00000330 e0 88 c9 0d 7d 37 1b 0b a0 b7 cd 6b ba 3a 52 55 |....}7.....k.:RU|
+00000340 61 c6 5c 71 ce 1e 69 b9 ea b4 c6 a5 78 c5 b8 b6 |a.\q..i.....x...|
+00000350 4e b1 94 84 a3 d4 31 d9 3b 15 17 03 03 00 99 6c |N.....1.;......l|
+00000360 5d dd 43 24 9d 6e 5d 64 d3 54 30 aa 98 c3 7e 21 |].C$.n]d.T0...~!|
+00000370 05 06 fc 3b eb 52 12 36 6b 2e e1 32 5a 59 30 a7 |...;.R.6k..2ZY0.|
+00000380 b0 bb 52 1a 36 e6 78 20 84 8c cf 0d 90 da c7 88 |..R.6.x ........|
+00000390 c4 2f bc b4 b6 03 1b 34 9b c8 12 db bc 87 95 d3 |./.....4........|
+000003a0 84 4e 41 c1 de 2f 4c 66 d9 13 fc 78 31 05 6c 67 |.NA../Lf...x1.lg|
+000003b0 e3 3d 28 36 0f fe 5f 45 29 d2 1b 4d a5 60 dc f7 |.=(6.._E)..M.`..|
+000003c0 20 74 cf f5 7b 3f f7 58 53 0c 64 7d 3f c6 f1 ac | t..{?.XS.d}?...|
+000003d0 a9 1b 60 d8 ea a5 32 11 23 6d 66 19 70 2b fa ce |..`...2.#mf.p+..|
+000003e0 c8 f6 9d cc 12 83 a1 e1 4b be 98 d3 c2 56 65 34 |........K....Ve4|
+000003f0 73 3a b3 6e d8 2c db 3b 17 03 03 00 35 e6 ce 17 |s:.n.,.;....5...|
+00000400 e5 92 38 9e 00 2d 66 bf a9 e2 13 66 01 af 64 15 |..8..-f....f..d.|
+00000410 8d da 6b f3 a7 f6 5c 76 e1 f4 c4 2f dc 93 c4 3c |..k...\v.../...<|
+00000420 69 5a 30 e5 db 5a b5 0b 98 4e 43 a3 51 ba 41 9d |iZ0..Z...NC.Q.A.|
+00000430 18 c0 |..|
+>>> Flow 3 (client to server)
+00000000 14 03 03 00 01 01 17 03 03 02 11 24 0f 0c cc 6a |...........$...j|
+00000010 8e 07 9c d7 f9 84 55 cc 79 a7 c1 c5 fb 6e 29 5e |......U.y....n)^|
+00000020 31 e1 b1 00 c0 c9 a8 94 59 75 f4 b5 86 7c a4 8c |1.......Yu...|..|
+00000030 8d 79 dd 42 45 67 69 f5 fb f0 02 54 f5 8f 1a 86 |.y.BEgi....T....|
+00000040 2f a0 4e 9b 68 e2 69 36 48 cb 8e cc 26 fa 1b 60 |/.N.h.i6H...&..`|
+00000050 c8 f3 b7 7c 36 dd 59 71 a3 f8 9a 7a bc 8a e1 10 |...|6.Yq...z....|
+00000060 8f 6d 69 60 07 b6 62 6d d3 2b fa a4 81 eb ae 3f |.mi`..bm.+.....?|
+00000070 9d 7e 1d d7 d1 89 24 4e 7e 65 4b d2 37 58 b2 56 |.~....$N~eK.7X.V|
+00000080 a1 8e 10 73 44 9c f1 c7 60 97 49 99 e2 82 74 58 |...sD...`.I...tX|
+00000090 e3 1f 41 ec 1d 13 85 f1 95 98 39 cb d1 51 f7 0e |..A.......9..Q..|
+000000a0 fe e4 fa 04 20 1a f2 c5 ae 64 9d eb f8 ff 03 ce |.... ....d......|
+000000b0 ca 12 7c dd a6 b4 2c a3 eb 8e 83 2c cf 77 6b 82 |..|...,....,.wk.|
+000000c0 68 77 58 5d 3e ef 01 0b 78 e9 37 b0 36 9c 62 44 |hwX]>...x.7.6.bD|
+000000d0 88 ae f1 5a d7 93 81 0a 84 cf 4f 3b db 05 41 92 |...Z......O;..A.|
+000000e0 4d 31 3d 06 9e 73 11 43 de 3e ec b8 b0 48 99 84 |M1=..s.C.>...H..|
+000000f0 bc 0c 7c 86 93 03 d5 5f c5 21 34 a5 cc c7 d5 42 |..|...._.!4....B|
+00000100 1d 69 94 53 39 d9 56 07 40 46 44 89 e6 95 8d e9 |.i.S9.V.@FD.....|
+00000110 ca 6d f0 e0 2a 22 70 bc e7 7f 8e 15 0c 56 51 e3 |.m..*"p......VQ.|
+00000120 46 5c b9 66 c5 8b 07 d3 f0 bb 84 fe 71 d6 a2 90 |F\.f........q...|
+00000130 d9 ec 46 00 82 10 38 9c 8f 35 e5 48 d8 82 7f 65 |..F...8..5.H...e|
+00000140 68 f5 42 48 74 6b 29 79 f3 32 b6 a1 aa 42 73 e3 |h.BHtk)y.2...Bs.|
+00000150 c3 f6 fc 76 9e 32 59 26 a6 75 4a dc 65 23 73 10 |...v.2Y&.uJ.e#s.|
+00000160 35 79 a5 41 7b 72 d5 cd 33 1f 7d 98 b3 39 4b f6 |5y.A{r..3.}..9K.|
+00000170 e8 09 ed d6 62 a0 48 b5 76 47 2e 7e 1a 5d 75 6d |....b.H.vG.~.]um|
+00000180 c2 98 22 17 b1 8f 2e a5 a2 b3 b3 5e d9 89 c5 a0 |.."........^....|
+00000190 46 2a ac af 20 66 e9 f3 02 84 26 51 c0 0a 2e 0c |F*.. f....&Q....|
+000001a0 d3 90 3c 9f 19 3f 25 3e 7d 3a 38 6f f3 ce 2f c4 |..<..?%>}:8o../.|
+000001b0 7b 84 e4 d5 c2 c8 90 54 6d 2c 59 70 34 44 53 25 |{......Tm,Yp4DS%|
+000001c0 ee ee d6 7e 13 30 1e 09 ff f2 79 bd 7c a1 af a9 |...~.0....y.|...|
+000001d0 a9 7b 51 6a d8 17 41 22 f5 d0 5d 84 00 a7 5f 1a |.{Qj..A"..]..._.|
+000001e0 b6 15 98 de f4 bd cd fe 70 38 5c 0f 44 60 5a 7d |........p8\.D`Z}|
+000001f0 be df 6e 56 bb 83 0b 10 fa 5d 3a 2c 9e 4a 00 7f |..nV.....]:,.J..|
+00000200 ec f4 42 52 52 95 5e e1 bd cc cf a0 45 c2 79 2c |..BRR.^.....E.y,|
+00000210 10 4d 14 35 ad bd 18 d4 b1 aa 09 65 17 03 03 00 |.M.5.......e....|
+00000220 99 a4 2c 7a c2 25 ba 3b a2 84 1f e8 a0 d1 5c c4 |..,z.%.;......\.|
+00000230 bb c6 f8 fc eb 19 3e f5 e6 53 9f c3 35 d3 7a 00 |......>..S..5.z.|
+00000240 68 e1 e0 2f 73 75 d7 2d df 44 aa 34 43 bf 66 c1 |h../su.-.D.4C.f.|
+00000250 31 0d e6 86 f8 71 6b 71 ac 89 c5 26 cf d9 1e 43 |1....qkq...&...C|
+00000260 33 c3 48 68 e0 4d f5 d5 69 ff fc 02 47 cc 91 41 |3.Hh.M..i...G..A|
+00000270 83 41 58 04 2a 02 53 3c 3b 0a 4c 18 16 00 fd e8 |.AX.*.S<;.L.....|
+00000280 64 54 0d 34 a1 3d a5 4b bd c2 54 17 c3 5a 82 7a |dT.4.=.K..T..Z.z|
+00000290 55 5d a9 57 63 62 ef 8b 3a 75 f2 cd 34 ef d6 30 |U].Wcb..:u..4..0|
+000002a0 08 7f 03 0b c3 eb 29 94 88 11 38 42 40 6f bf cc |......)...8B@o..|
+000002b0 d4 01 3f 8a 90 11 f9 da fd 9e 17 03 03 00 35 7d |..?...........5}|
+000002c0 2d 12 d7 58 d0 76 43 25 d1 8d 5c 5c b1 7f fa 48 |-..X.vC%..\\...H|
+000002d0 a9 21 48 02 64 76 91 6c 79 7e b9 22 33 f7 32 cb |.!H.dv.ly~."3.2.|
+000002e0 50 22 78 02 96 4e 2d f6 09 68 06 8e 44 e6 fd 7f |P"x..N-..h..D...|
+000002f0 cf 0a 7e a3 17 03 03 00 17 84 cd d8 f2 e2 38 2e |..~...........8.|
+00000300 57 e5 47 76 48 50 34 9e 65 d4 c6 1d 7d b3 4e 91 |W.GvHP4.e...}.N.|
+00000310 17 03 03 00 13 e5 05 98 5b 87 5d db ae 89 38 2c |........[.]...8,|
+00000320 35 89 31 14 73 cd 16 54 |5.1.s..T|
diff --git a/src/crypto/tls/testdata/Server-TLSv12-ClientAuthRequestedAndGiven-PSS-Disabled b/src/crypto/tls/testdata/Server-TLSv12-ClientAuthRequestedAndGiven-PSS-Disabled
new file mode 100644
index 0000000000..cb626a1104
--- /dev/null
+++ b/src/crypto/tls/testdata/Server-TLSv12-ClientAuthRequestedAndGiven-PSS-Disabled
@@ -0,0 +1,126 @@
+>>> Flow 1 (client to server)
+00000000 16 03 01 00 97 01 00 00 93 03 03 9e b1 2a 26 04 |.............*&.|
+00000010 8d 66 df 43 cb 0a 85 80 4f f2 99 7d 80 20 64 7e |.f.C....O..}. d~|
+00000020 30 a0 bb 60 ac 0e d4 ce f0 ae 98 00 00 04 00 2f |0..`.........../|
+00000030 00 ff 01 00 00 66 00 00 00 0e 00 0c 00 00 09 31 |.....f.........1|
+00000040 32 37 2e 30 2e 30 2e 31 00 0b 00 04 03 00 01 02 |27.0.0.1........|
+00000050 00 0a 00 0c 00 0a 00 1d 00 17 00 1e 00 19 00 18 |................|
+00000060 00 16 00 00 00 17 00 00 00 0d 00 30 00 2e 04 03 |...........0....|
+00000070 05 03 06 03 08 07 08 08 08 09 08 0a 08 0b 08 04 |................|
+00000080 08 05 08 06 04 01 05 01 06 01 03 03 02 03 03 01 |................|
+00000090 02 01 03 02 02 02 04 02 05 02 06 02 |............|
+>>> Flow 2 (server to client)
+00000000 16 03 03 00 31 02 00 00 2d 03 03 00 00 00 00 00 |....1...-.......|
+00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
+00000020 00 00 00 44 4f 57 4e 47 52 44 01 00 00 2f 00 00 |...DOWNGRD.../..|
+00000030 05 ff 01 00 01 00 16 03 03 02 59 0b 00 02 55 00 |..........Y...U.|
+00000040 02 52 00 02 4f 30 82 02 4b 30 82 01 b4 a0 03 02 |.R..O0..K0......|
+00000050 01 02 02 09 00 e8 f0 9d 3f e2 5b ea a6 30 0d 06 |........?.[..0..|
+00000060 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 1f 31 0b |.*.H........0.1.|
+00000070 30 09 06 03 55 04 0a 13 02 47 6f 31 10 30 0e 06 |0...U....Go1.0..|
+00000080 03 55 04 03 13 07 47 6f 20 52 6f 6f 74 30 1e 17 |.U....Go Root0..|
+00000090 0d 31 36 30 31 30 31 30 30 30 30 30 30 5a 17 0d |.160101000000Z..|
+000000a0 32 35 30 31 30 31 30 30 30 30 30 30 5a 30 1a 31 |250101000000Z0.1|
+000000b0 0b 30 09 06 03 55 04 0a 13 02 47 6f 31 0b 30 09 |.0...U....Go1.0.|
+000000c0 06 03 55 04 03 13 02 47 6f 30 81 9f 30 0d 06 09 |..U....Go0..0...|
+000000d0 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 30 |*.H............0|
+000000e0 81 89 02 81 81 00 db 46 7d 93 2e 12 27 06 48 bc |.......F}...'.H.|
+000000f0 06 28 21 ab 7e c4 b6 a2 5d fe 1e 52 45 88 7a 36 |.(!.~...]..RE.z6|
+00000100 47 a5 08 0d 92 42 5b c2 81 c0 be 97 79 98 40 fb |G....B[.....y.@.|
+00000110 4f 6d 14 fd 2b 13 8b c2 a5 2e 67 d8 d4 09 9e d6 |Om..+.....g.....|
+00000120 22 38 b7 4a 0b 74 73 2b c2 34 f1 d1 93 e5 96 d9 |"8.J.ts+.4......|
+00000130 74 7b f3 58 9f 6c 61 3c c0 b0 41 d4 d9 2b 2b 24 |t{.X.la<..A..++$|
+00000140 23 77 5b 1c 3b bd 75 5d ce 20 54 cf a1 63 87 1d |#w[.;.u]. T..c..|
+00000150 1e 24 c4 f3 1d 1a 50 8b aa b6 14 43 ed 97 a7 75 |.$....P....C...u|
+00000160 62 f4 14 c8 52 d7 02 03 01 00 01 a3 81 93 30 81 |b...R.........0.|
+00000170 90 30 0e 06 03 55 1d 0f 01 01 ff 04 04 03 02 05 |.0...U..........|
+00000180 a0 30 1d 06 03 55 1d 25 04 16 30 14 06 08 2b 06 |.0...U.%..0...+.|
+00000190 01 05 05 07 03 01 06 08 2b 06 01 05 05 07 03 02 |........+.......|
+000001a0 30 0c 06 03 55 1d 13 01 01 ff 04 02 30 00 30 19 |0...U.......0.0.|
+000001b0 06 03 55 1d 0e 04 12 04 10 9f 91 16 1f 43 43 3e |..U..........CC>|
+000001c0 49 a6 de 6d b6 80 d7 9f 60 30 1b 06 03 55 1d 23 |I..m....`0...U.#|
+000001d0 04 14 30 12 80 10 48 13 49 4d 13 7e 16 31 bb a3 |..0...H.IM.~.1..|
+000001e0 01 d5 ac ab 6e 7b 30 19 06 03 55 1d 11 04 12 30 |....n{0...U....0|
+000001f0 10 82 0e 65 78 61 6d 70 6c 65 2e 67 6f 6c 61 6e |...example.golan|
+00000200 67 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 |g0...*.H........|
+00000210 03 81 81 00 9d 30 cc 40 2b 5b 50 a0 61 cb ba e5 |.....0.@+[P.a...|
+00000220 53 58 e1 ed 83 28 a9 58 1a a9 38 a4 95 a1 ac 31 |SX...(.X..8....1|
+00000230 5a 1a 84 66 3d 43 d3 2d d9 0b f2 97 df d3 20 64 |Z..f=C.-...... d|
+00000240 38 92 24 3a 00 bc cf 9c 7d b7 40 20 01 5f aa d3 |8.$:....}.@ ._..|
+00000250 16 61 09 a2 76 fd 13 c3 cc e1 0c 5c ee b1 87 82 |.a..v......\....|
+00000260 f1 6c 04 ed 73 bb b3 43 77 8d 0c 1c f1 0f a1 d8 |.l..s..Cw.......|
+00000270 40 83 61 c9 4c 72 2b 9d ae db 46 06 06 4d f4 c1 |@.a.Lr+...F..M..|
+00000280 b3 3e c0 d1 bd 42 d4 db fe 3d 13 60 84 5c 21 d3 |.>...B...=.`.\!.|
+00000290 3b e9 fa e7 16 03 03 00 1b 0d 00 00 17 02 01 40 |;..............@|
+000002a0 00 10 04 01 04 03 05 01 05 03 06 01 06 03 02 01 |................|
+000002b0 02 03 00 00 16 03 03 00 04 0e 00 00 00 |.............|
+>>> Flow 3 (client to server)
+00000000 16 03 03 01 fd 0b 00 01 f9 00 01 f6 00 01 f3 30 |...............0|
+00000010 82 01 ef 30 82 01 58 a0 03 02 01 02 02 10 5c 19 |...0..X.......\.|
+00000020 c1 89 65 83 55 6f dc 0b c9 b9 93 9f e9 bc 30 0d |..e.Uo........0.|
+00000030 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 12 31 |..*.H........0.1|
+00000040 10 30 0e 06 03 55 04 0a 13 07 41 63 6d 65 20 43 |.0...U....Acme C|
+00000050 6f 30 1e 17 0d 31 36 30 38 31 37 32 31 35 32 33 |o0...16081721523|
+00000060 31 5a 17 0d 31 37 30 38 31 37 32 31 35 32 33 31 |1Z..170817215231|
+00000070 5a 30 12 31 10 30 0e 06 03 55 04 0a 13 07 41 63 |Z0.1.0...U....Ac|
+00000080 6d 65 20 43 6f 30 81 9f 30 0d 06 09 2a 86 48 86 |me Co0..0...*.H.|
+00000090 f7 0d 01 01 01 05 00 03 81 8d 00 30 81 89 02 81 |...........0....|
+000000a0 81 00 ba 6f aa 86 bd cf bf 9f f2 ef 5c 94 60 78 |...o........\.`x|
+000000b0 6f e8 13 f2 d1 96 6f cd d9 32 6e 22 37 ce 41 f9 |o.....o..2n"7.A.|
+000000c0 ca 5d 29 ac e1 27 da 61 a2 ee 81 cb 10 c7 df 34 |.])..'.a.......4|
+000000d0 58 95 86 e9 3d 19 e6 5c 27 73 60 c8 8d 78 02 f4 |X...=..\'s`..x..|
+000000e0 1d a4 98 09 a3 19 70 69 3c 25 62 66 2a ab 22 23 |......pi<%bf*."#|
+000000f0 c5 7b 85 38 4f 2e 09 73 32 a7 bd 3e 9b ad ca 84 |.{.8O..s2..>....|
+00000100 07 e6 0f 3a ff 77 c5 9d 41 85 00 8a b6 9b ee b0 |...:.w..A.......|
+00000110 a4 3f 2d 4c 4c e6 42 3e bb 51 c8 dd 48 54 f4 0c |.?-LL.B>.Q..HT..|
+00000120 8e 47 02 03 01 00 01 a3 46 30 44 30 0e 06 03 55 |.G......F0D0...U|
+00000130 1d 0f 01 01 ff 04 04 03 02 05 a0 30 13 06 03 55 |...........0...U|
+00000140 1d 25 04 0c 30 0a 06 08 2b 06 01 05 05 07 03 01 |.%..0...+.......|
+00000150 30 0c 06 03 55 1d 13 01 01 ff 04 02 30 00 30 0f |0...U.......0.0.|
+00000160 06 03 55 1d 11 04 08 30 06 87 04 7f 00 00 01 30 |..U....0.......0|
+00000170 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 03 81 |...*.H..........|
+00000180 81 00 46 ab 44 a2 fb 28 54 f8 5a 67 f8 62 94 f1 |..F.D..(T.Zg.b..|
+00000190 9a b2 18 9e f2 b1 de 1d 7e 6f 76 95 a9 ba e7 5d |........~ov....]|
+000001a0 a8 16 6c 9c f7 09 d3 37 e4 4b 2b 36 7c 01 ad 41 |..l....7.K+6|..A|
+000001b0 d2 32 d8 c3 d2 93 f9 10 6b 8e 95 b9 2c 17 8a a3 |.2......k...,...|
+000001c0 44 48 bc 59 13 83 16 04 88 a4 81 5c 25 0d 98 0c |DH.Y.......\%...|
+000001d0 ac 11 b1 28 56 be 1d cd 61 62 84 09 bf d6 80 c6 |...(V...ab......|
+000001e0 45 8d 82 2c b4 d8 83 9b db c9 22 b7 2a 12 11 7b |E..,......".*..{|
+000001f0 fa 02 3b c1 c9 ff ea c9 9d a8 49 d3 95 d7 d5 0e |..;.......I.....|
+00000200 e5 35 16 03 03 00 86 10 00 00 82 00 80 3f 1b ee |.5...........?..|
+00000210 02 ec a5 9f 6e 38 69 2c b7 03 89 65 b4 92 79 a0 |....n8i,...e..y.|
+00000220 b2 0b ab 9b 44 9c 68 d1 8e 5c 40 9c b5 1c a5 70 |....D.h..\@....p|
+00000230 00 a2 2e fb 98 b7 45 7b 9c 63 46 68 1d 55 9e 01 |......E{.cFh.U..|
+00000240 7f 84 31 62 07 c4 2f 20 5f 1a 94 8c 1f f4 3a 6d |..1b../ _.....:m|
+00000250 a8 2b b8 08 5b ec 27 e3 49 9e 51 b3 66 98 09 ba |.+..[.'.I.Q.f...|
+00000260 64 65 c8 3c 11 fb 14 4a c9 ea 3c 5e 52 10 a0 0b |de.<...J..<^R...|
+00000270 a9 fc 10 13 c9 99 0c a0 8b b4 40 66 0e 11 5e 1d |..........@f..^.|
+00000280 8b 45 5c 4d 0d 39 39 f6 0c 59 8f 06 99 16 03 03 |.E\M.99..Y......|
+00000290 00 88 0f 00 00 84 04 01 00 80 71 1c 9c fd b2 c9 |..........q.....|
+000002a0 b9 7f f3 51 e2 63 96 08 56 d2 bd 19 61 9f 3f be |...Q.c..V...a.?.|
+000002b0 e5 4c 22 a8 3f 81 98 2d 67 56 4e 2d 61 6e 51 e5 |.L".?..-gVN-anQ.|
+000002c0 11 24 bd 1b 38 ba dc 8c 76 51 1d 3c 6e 81 50 9a |.$..8...vQ.<n.P.|
+000002d0 b5 24 9c d8 af f7 80 8a 51 43 ec b3 59 18 bd ea |.$......QC..Y...|
+000002e0 8a be af 11 c8 ac 60 88 e3 67 a2 ae c2 95 16 47 |......`..g.....G|
+000002f0 2b e2 ea 42 0a 0a 3f 2b 8b c8 ec 9d e7 b2 a6 ee |+..B..?+........|
+00000300 f4 9b ba 28 47 e2 30 ae 05 89 09 65 3d b6 54 8a |...(G.0....e=.T.|
+00000310 4a df d4 fa a5 4c 30 38 53 f2 14 03 03 00 01 01 |J....L08S.......|
+00000320 16 03 03 00 40 97 50 23 88 56 0d d4 1b ba 6f 3e |....@.P#.V....o>|
+00000330 8d 82 6c f3 04 55 2c 13 d9 5b 0a 73 88 4f 8b 3c |..l..U,..[.s.O.<|
+00000340 cd ef 1a a7 15 7c 33 bb ff fa 01 c4 87 d7 df 47 |.....|3........G|
+00000350 37 b6 fe 1d e6 82 c2 8a 33 b1 c9 ae 85 45 c8 0d |7.......3....E..|
+00000360 38 47 69 2d 54 |8Gi-T|
+>>> Flow 4 (server to client)
+00000000 14 03 03 00 01 01 16 03 03 00 40 00 00 00 00 00 |..........@.....|
+00000010 00 00 00 00 00 00 00 00 00 00 00 20 98 12 44 63 |........... ..Dc|
+00000020 e7 77 e6 e8 c0 c7 d7 b6 f7 c4 4e 13 e3 79 af 33 |.w........N..y.3|
+00000030 3b 6c 86 22 c5 9e dd 25 74 e5 7b 37 fb 24 c6 48 |;l."...%t.{7.$.H|
+00000040 c9 74 a7 9b 9b 32 a7 c1 b9 bb e0 17 03 03 00 40 |.t...2.........@|
+00000050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
+00000060 80 d7 ec 51 cf ae d4 1a af 11 59 d1 0c 62 a6 67 |...Q......Y..b.g|
+00000070 2e 6f 18 23 29 75 92 07 b1 16 09 8f 2d f8 04 fe |.o.#)u......-...|
+00000080 ce 71 2c b6 00 fd 7b 53 cb 6d 97 06 06 e6 af f4 |.q,...{S.m......|
+00000090 15 03 03 00 30 00 00 00 00 00 00 00 00 00 00 00 |....0...........|
+000000a0 00 00 00 00 00 73 14 3a 87 3b ca 3a 2b b2 52 30 |.....s.:.;.:+.R0|
+000000b0 98 62 88 1b a7 58 66 47 66 72 fd bb b6 b7 6b 99 |.b...XfGfr....k.|
+000000c0 20 ab e9 22 62 | .."b|
diff --git a/src/crypto/tls/testdata/Server-TLSv12-ClientAuthRequestedAndGiven-PSS-Disabled-Required b/src/crypto/tls/testdata/Server-TLSv12-ClientAuthRequestedAndGiven-PSS-Disabled-Required
new file mode 100644
index 0000000000..86d5415cc8
--- /dev/null
+++ b/src/crypto/tls/testdata/Server-TLSv12-ClientAuthRequestedAndGiven-PSS-Disabled-Required
@@ -0,0 +1,74 @@
+>>> Flow 1 (client to server)
+00000000 16 03 01 00 97 01 00 00 93 03 03 d7 9c de f8 62 |...............b|
+00000010 7e 32 5b bc d5 12 35 89 42 37 be ca 55 74 24 61 |~2[...5.B7..Ut$a|
+00000020 c0 50 91 0f 1b 42 29 9f c1 6a cb 00 00 04 00 2f |.P...B)..j...../|
+00000030 00 ff 01 00 00 66 00 00 00 0e 00 0c 00 00 09 31 |.....f.........1|
+00000040 32 37 2e 30 2e 30 2e 31 00 0b 00 04 03 00 01 02 |27.0.0.1........|
+00000050 00 0a 00 0c 00 0a 00 1d 00 17 00 1e 00 19 00 18 |................|
+00000060 00 16 00 00 00 17 00 00 00 0d 00 30 00 2e 04 03 |...........0....|
+00000070 05 03 06 03 08 07 08 08 08 09 08 0a 08 0b 08 04 |................|
+00000080 08 05 08 06 04 01 05 01 06 01 03 03 02 03 03 01 |................|
+00000090 02 01 03 02 02 02 04 02 05 02 06 02 |............|
+>>> Flow 2 (server to client)
+00000000 16 03 03 00 31 02 00 00 2d 03 03 00 00 00 00 00 |....1...-.......|
+00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
+00000020 00 00 00 44 4f 57 4e 47 52 44 01 00 00 2f 00 00 |...DOWNGRD.../..|
+00000030 05 ff 01 00 01 00 16 03 03 02 59 0b 00 02 55 00 |..........Y...U.|
+00000040 02 52 00 02 4f 30 82 02 4b 30 82 01 b4 a0 03 02 |.R..O0..K0......|
+00000050 01 02 02 09 00 e8 f0 9d 3f e2 5b ea a6 30 0d 06 |........?.[..0..|
+00000060 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 1f 31 0b |.*.H........0.1.|
+00000070 30 09 06 03 55 04 0a 13 02 47 6f 31 10 30 0e 06 |0...U....Go1.0..|
+00000080 03 55 04 03 13 07 47 6f 20 52 6f 6f 74 30 1e 17 |.U....Go Root0..|
+00000090 0d 31 36 30 31 30 31 30 30 30 30 30 30 5a 17 0d |.160101000000Z..|
+000000a0 32 35 30 31 30 31 30 30 30 30 30 30 5a 30 1a 31 |250101000000Z0.1|
+000000b0 0b 30 09 06 03 55 04 0a 13 02 47 6f 31 0b 30 09 |.0...U....Go1.0.|
+000000c0 06 03 55 04 03 13 02 47 6f 30 81 9f 30 0d 06 09 |..U....Go0..0...|
+000000d0 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 30 |*.H............0|
+000000e0 81 89 02 81 81 00 db 46 7d 93 2e 12 27 06 48 bc |.......F}...'.H.|
+000000f0 06 28 21 ab 7e c4 b6 a2 5d fe 1e 52 45 88 7a 36 |.(!.~...]..RE.z6|
+00000100 47 a5 08 0d 92 42 5b c2 81 c0 be 97 79 98 40 fb |G....B[.....y.@.|
+00000110 4f 6d 14 fd 2b 13 8b c2 a5 2e 67 d8 d4 09 9e d6 |Om..+.....g.....|
+00000120 22 38 b7 4a 0b 74 73 2b c2 34 f1 d1 93 e5 96 d9 |"8.J.ts+.4......|
+00000130 74 7b f3 58 9f 6c 61 3c c0 b0 41 d4 d9 2b 2b 24 |t{.X.la<..A..++$|
+00000140 23 77 5b 1c 3b bd 75 5d ce 20 54 cf a1 63 87 1d |#w[.;.u]. T..c..|
+00000150 1e 24 c4 f3 1d 1a 50 8b aa b6 14 43 ed 97 a7 75 |.$....P....C...u|
+00000160 62 f4 14 c8 52 d7 02 03 01 00 01 a3 81 93 30 81 |b...R.........0.|
+00000170 90 30 0e 06 03 55 1d 0f 01 01 ff 04 04 03 02 05 |.0...U..........|
+00000180 a0 30 1d 06 03 55 1d 25 04 16 30 14 06 08 2b 06 |.0...U.%..0...+.|
+00000190 01 05 05 07 03 01 06 08 2b 06 01 05 05 07 03 02 |........+.......|
+000001a0 30 0c 06 03 55 1d 13 01 01 ff 04 02 30 00 30 19 |0...U.......0.0.|
+000001b0 06 03 55 1d 0e 04 12 04 10 9f 91 16 1f 43 43 3e |..U..........CC>|
+000001c0 49 a6 de 6d b6 80 d7 9f 60 30 1b 06 03 55 1d 23 |I..m....`0...U.#|
+000001d0 04 14 30 12 80 10 48 13 49 4d 13 7e 16 31 bb a3 |..0...H.IM.~.1..|
+000001e0 01 d5 ac ab 6e 7b 30 19 06 03 55 1d 11 04 12 30 |....n{0...U....0|
+000001f0 10 82 0e 65 78 61 6d 70 6c 65 2e 67 6f 6c 61 6e |...example.golan|
+00000200 67 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 |g0...*.H........|
+00000210 03 81 81 00 9d 30 cc 40 2b 5b 50 a0 61 cb ba e5 |.....0.@+[P.a...|
+00000220 53 58 e1 ed 83 28 a9 58 1a a9 38 a4 95 a1 ac 31 |SX...(.X..8....1|
+00000230 5a 1a 84 66 3d 43 d3 2d d9 0b f2 97 df d3 20 64 |Z..f=C.-...... d|
+00000240 38 92 24 3a 00 bc cf 9c 7d b7 40 20 01 5f aa d3 |8.$:....}.@ ._..|
+00000250 16 61 09 a2 76 fd 13 c3 cc e1 0c 5c ee b1 87 82 |.a..v......\....|
+00000260 f1 6c 04 ed 73 bb b3 43 77 8d 0c 1c f1 0f a1 d8 |.l..s..Cw.......|
+00000270 40 83 61 c9 4c 72 2b 9d ae db 46 06 06 4d f4 c1 |@.a.Lr+...F..M..|
+00000280 b3 3e c0 d1 bd 42 d4 db fe 3d 13 60 84 5c 21 d3 |.>...B...=.`.\!.|
+00000290 3b e9 fa e7 16 03 03 00 1b 0d 00 00 17 02 01 40 |;..............@|
+000002a0 00 10 04 01 04 03 05 01 05 03 06 01 06 03 02 01 |................|
+000002b0 02 03 00 00 16 03 03 00 04 0e 00 00 00 |.............|
+>>> Flow 3 (client to server)
+00000000 16 03 03 00 07 0b 00 00 03 00 00 00 16 03 03 00 |................|
+00000010 86 10 00 00 82 00 80 1d c6 6c b0 b9 b3 41 06 80 |.........l...A..|
+00000020 e0 f5 df 06 ae 0f 2f 5f 72 14 44 47 16 c4 f0 a6 |....../_r.DG....|
+00000030 68 be fa ee ec 9b 38 b0 e4 bd a3 e9 ca 18 5b 25 |h.....8.......[%|
+00000040 33 31 57 86 63 59 0e ce 10 77 f8 42 a6 5c ad 3f |31W.cY...w.B.\.?|
+00000050 80 85 a5 c1 06 4c 36 aa f3 ee 62 39 66 69 76 51 |.....L6...b9fivQ|
+00000060 57 cc a0 b1 35 81 d5 38 01 2d 83 0e 2e 6b a9 84 |W...5..8.-...k..|
+00000070 0d 8b 29 93 90 78 2d 0d 33 5f 85 0d 00 0c e2 5f |..)..x-.3_....._|
+00000080 83 21 28 27 83 ad 9d 19 2d 01 35 6d 85 2e 8d 6b |.!('....-.5m...k|
+00000090 eb 7a cd 8a 3f 42 e2 14 03 03 00 01 01 16 03 03 |.z..?B..........|
+000000a0 00 40 5e 19 0f d0 4c 17 e0 25 e6 6b a1 d9 ea 59 |.@^...L..%.k...Y|
+000000b0 f4 3a 55 84 2c 50 1e 53 47 78 45 b8 97 f7 7f 3d |.:U.,P.SGxE....=|
+000000c0 af d9 7a ad 30 30 77 1a 93 05 19 5b 9b 13 70 e0 |..z.00w....[..p.|
+000000d0 e0 f8 ba 6a bd 74 c5 71 0d 5a 2c 3f 2d 98 1a 3c |...j.t.q.Z,?-..<|
+000000e0 5a 7d |Z}|
+>>> Flow 4 (server to client)
+00000000 15 03 03 00 02 02 2a |......*|
diff --git a/src/crypto/tls/testdata/Server-TLSv12-RSA-PSS-Disabled b/src/crypto/tls/testdata/Server-TLSv12-RSA-PSS-Disabled
new file mode 100644
index 0000000000..302e64e60f
--- /dev/null
+++ b/src/crypto/tls/testdata/Server-TLSv12-RSA-PSS-Disabled
@@ -0,0 +1,84 @@
+>>> Flow 1 (client to server)
+00000000 16 03 01 00 cb 01 00 00 c7 03 03 ed 3d 3e 10 95 |............=>..|
+00000010 8b 6f 6c be 5c b7 77 c0 79 91 f8 b3 6f 52 27 18 |.ol.\.w.y...oR'.|
+00000020 0a b7 88 52 df 3c 6c 87 b4 5a 4c 00 00 38 c0 2c |...R.<l..ZL..8.,|
+00000030 c0 30 00 9f cc a9 cc a8 cc aa c0 2b c0 2f 00 9e |.0.........+./..|
+00000040 c0 24 c0 28 00 6b c0 23 c0 27 00 67 c0 0a c0 14 |.$.(.k.#.'.g....|
+00000050 00 39 c0 09 c0 13 00 33 00 9d 00 9c 00 3d 00 3c |.9.....3.....=.<|
+00000060 00 35 00 2f 00 ff 01 00 00 66 00 00 00 0e 00 0c |.5./.....f......|
+00000070 00 00 09 31 32 37 2e 30 2e 30 2e 31 00 0b 00 04 |...127.0.0.1....|
+00000080 03 00 01 02 00 0a 00 0c 00 0a 00 1d 00 17 00 1e |................|
+00000090 00 19 00 18 00 16 00 00 00 17 00 00 00 0d 00 30 |...............0|
+000000a0 00 2e 04 03 05 03 06 03 08 07 08 08 08 09 08 0a |................|
+000000b0 08 0b 08 04 08 05 08 06 04 01 05 01 06 01 03 03 |................|
+000000c0 02 03 03 01 02 01 03 02 02 02 04 02 05 02 06 02 |................|
+>>> Flow 2 (server to client)
+00000000 16 03 03 00 31 02 00 00 2d 03 03 00 00 00 00 00 |....1...-.......|
+00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
+00000020 00 00 00 44 4f 57 4e 47 52 44 01 00 c0 30 00 00 |...DOWNGRD...0..|
+00000030 05 ff 01 00 01 00 16 03 03 02 59 0b 00 02 55 00 |..........Y...U.|
+00000040 02 52 00 02 4f 30 82 02 4b 30 82 01 b4 a0 03 02 |.R..O0..K0......|
+00000050 01 02 02 09 00 e8 f0 9d 3f e2 5b ea a6 30 0d 06 |........?.[..0..|
+00000060 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 1f 31 0b |.*.H........0.1.|
+00000070 30 09 06 03 55 04 0a 13 02 47 6f 31 10 30 0e 06 |0...U....Go1.0..|
+00000080 03 55 04 03 13 07 47 6f 20 52 6f 6f 74 30 1e 17 |.U....Go Root0..|
+00000090 0d 31 36 30 31 30 31 30 30 30 30 30 30 5a 17 0d |.160101000000Z..|
+000000a0 32 35 30 31 30 31 30 30 30 30 30 30 5a 30 1a 31 |250101000000Z0.1|
+000000b0 0b 30 09 06 03 55 04 0a 13 02 47 6f 31 0b 30 09 |.0...U....Go1.0.|
+000000c0 06 03 55 04 03 13 02 47 6f 30 81 9f 30 0d 06 09 |..U....Go0..0...|
+000000d0 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 30 |*.H............0|
+000000e0 81 89 02 81 81 00 db 46 7d 93 2e 12 27 06 48 bc |.......F}...'.H.|
+000000f0 06 28 21 ab 7e c4 b6 a2 5d fe 1e 52 45 88 7a 36 |.(!.~...]..RE.z6|
+00000100 47 a5 08 0d 92 42 5b c2 81 c0 be 97 79 98 40 fb |G....B[.....y.@.|
+00000110 4f 6d 14 fd 2b 13 8b c2 a5 2e 67 d8 d4 09 9e d6 |Om..+.....g.....|
+00000120 22 38 b7 4a 0b 74 73 2b c2 34 f1 d1 93 e5 96 d9 |"8.J.ts+.4......|
+00000130 74 7b f3 58 9f 6c 61 3c c0 b0 41 d4 d9 2b 2b 24 |t{.X.la<..A..++$|
+00000140 23 77 5b 1c 3b bd 75 5d ce 20 54 cf a1 63 87 1d |#w[.;.u]. T..c..|
+00000150 1e 24 c4 f3 1d 1a 50 8b aa b6 14 43 ed 97 a7 75 |.$....P....C...u|
+00000160 62 f4 14 c8 52 d7 02 03 01 00 01 a3 81 93 30 81 |b...R.........0.|
+00000170 90 30 0e 06 03 55 1d 0f 01 01 ff 04 04 03 02 05 |.0...U..........|
+00000180 a0 30 1d 06 03 55 1d 25 04 16 30 14 06 08 2b 06 |.0...U.%..0...+.|
+00000190 01 05 05 07 03 01 06 08 2b 06 01 05 05 07 03 02 |........+.......|
+000001a0 30 0c 06 03 55 1d 13 01 01 ff 04 02 30 00 30 19 |0...U.......0.0.|
+000001b0 06 03 55 1d 0e 04 12 04 10 9f 91 16 1f 43 43 3e |..U..........CC>|
+000001c0 49 a6 de 6d b6 80 d7 9f 60 30 1b 06 03 55 1d 23 |I..m....`0...U.#|
+000001d0 04 14 30 12 80 10 48 13 49 4d 13 7e 16 31 bb a3 |..0...H.IM.~.1..|
+000001e0 01 d5 ac ab 6e 7b 30 19 06 03 55 1d 11 04 12 30 |....n{0...U....0|
+000001f0 10 82 0e 65 78 61 6d 70 6c 65 2e 67 6f 6c 61 6e |...example.golan|
+00000200 67 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 |g0...*.H........|
+00000210 03 81 81 00 9d 30 cc 40 2b 5b 50 a0 61 cb ba e5 |.....0.@+[P.a...|
+00000220 53 58 e1 ed 83 28 a9 58 1a a9 38 a4 95 a1 ac 31 |SX...(.X..8....1|
+00000230 5a 1a 84 66 3d 43 d3 2d d9 0b f2 97 df d3 20 64 |Z..f=C.-...... d|
+00000240 38 92 24 3a 00 bc cf 9c 7d b7 40 20 01 5f aa d3 |8.$:....}.@ ._..|
+00000250 16 61 09 a2 76 fd 13 c3 cc e1 0c 5c ee b1 87 82 |.a..v......\....|
+00000260 f1 6c 04 ed 73 bb b3 43 77 8d 0c 1c f1 0f a1 d8 |.l..s..Cw.......|
+00000270 40 83 61 c9 4c 72 2b 9d ae db 46 06 06 4d f4 c1 |@.a.Lr+...F..M..|
+00000280 b3 3e c0 d1 bd 42 d4 db fe 3d 13 60 84 5c 21 d3 |.>...B...=.`.\!.|
+00000290 3b e9 fa e7 16 03 03 00 ac 0c 00 00 a8 03 00 1d |;...............|
+000002a0 20 2f e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 | /.}.G.bC.(.._.)|
+000002b0 07 30 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b |.0.........._X.;|
+000002c0 74 04 01 00 80 a5 a9 75 be 51 ff dc b3 bb 77 79 |t......u.Q....wy|
+000002d0 ef 5b 9f d9 27 6c 76 ea ce 5c 66 20 03 2e 94 fd |.[..'lv..\f ....|
+000002e0 28 94 69 ff 06 ab bd 34 43 51 72 fb 15 42 e6 38 |(.i....4CQr..B.8|
+000002f0 c5 7a 5d 7f 35 a7 3c 85 ec df 95 23 0f 28 c7 dc |.z].5.<....#.(..|
+00000300 0e a6 ec fe 5e 77 3f 95 1d a7 73 1d d8 7b 68 92 |....^w?...s..{h.|
+00000310 5b a5 b8 ba f5 7c a5 60 2e 43 d6 60 64 3e 33 c7 |[....|.`.C.`d>3.|
+00000320 8b c2 56 68 e3 28 2b 2e 8b 9a 85 29 77 73 24 3e |..Vh.(+....)ws$>|
+00000330 2b 95 b8 40 a7 f1 60 b5 9e 85 3e 1d ae ab 7f 85 |+..@..`...>.....|
+00000340 63 63 d1 cf 62 16 03 03 00 04 0e 00 00 00 |cc..b.........|
+>>> Flow 3 (client to server)
+00000000 16 03 03 00 25 10 00 00 21 20 43 dd 3e 28 34 9f |....%...! C.>(4.|
+00000010 a9 0c 8e 14 66 01 a1 dd 15 8e 71 b4 05 83 d9 a3 |....f.....q.....|
+00000020 5f 5c a3 31 ad 5c d5 5a ad 56 14 03 03 00 01 01 |_\.1.\.Z.V......|
+00000030 16 03 03 00 28 f3 ad d2 ec 9e 1e 85 2d 96 5f bc |....(.......-._.|
+00000040 70 cc 0a c2 22 ef 0a fe fb b0 77 f1 59 59 08 a6 |p...".....w.YY..|
+00000050 57 39 16 00 82 0b 60 1e 9a 74 75 3a 8a |W9....`..tu:.|
+>>> Flow 4 (server to client)
+00000000 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 |..........(.....|
+00000010 00 00 00 cf 63 14 29 73 c7 7b 6c 98 50 db 5f 8e |....c.)s.{l.P._.|
+00000020 f4 de 68 bc c0 60 2c db 9e 1f d9 48 55 51 05 47 |..h..`,....HUQ.G|
+00000030 7e 43 37 17 03 03 00 25 00 00 00 00 00 00 00 01 |~C7....%........|
+00000040 67 0a e7 77 dd 1a 30 87 27 90 b0 42 31 42 09 53 |g..w..0.'..B1B.S|
+00000050 03 bf 0c 10 3a c3 a7 95 e9 6e 63 57 ad 15 03 03 |....:....ncW....|
+00000060 00 1a 00 00 00 00 00 00 00 02 d5 1a ac 66 50 93 |.............fP.|
+00000070 46 0a da 98 1f cc 30 40 c1 47 c7 88 |F.....0@.G..|
diff --git a/src/crypto/tls/testdata/Server-TLSv12-RSA-PSS-Disabled-Required b/src/crypto/tls/testdata/Server-TLSv12-RSA-PSS-Disabled-Required
new file mode 100644
index 0000000000..9e9570fed0
--- /dev/null
+++ b/src/crypto/tls/testdata/Server-TLSv12-RSA-PSS-Disabled-Required
@@ -0,0 +1,54 @@
+>>> Flow 1 (client to server)
+00000000 16 03 01 00 91 01 00 00 8d 03 03 5a 8a 66 22 31 |...........Z.f"1|
+00000010 69 92 30 d5 7b 7c 17 a7 7c 14 d6 3c a9 9e ba dd |i.0.{|..|..<....|
+00000020 7c 73 fe b4 b4 dd d8 28 39 32 0d 00 00 2a c0 30 ||s.....(92...*.0|
+00000030 00 9f cc a8 cc aa c0 2f 00 9e c0 28 00 6b c0 27 |......./...(.k.'|
+00000040 00 67 c0 14 00 39 c0 13 00 33 00 9d 00 9c 00 3d |.g...9...3.....=|
+00000050 00 3c 00 35 00 2f 00 ff 01 00 00 3a 00 00 00 0e |.<.5./.....:....|
+00000060 00 0c 00 00 09 31 32 37 2e 30 2e 30 2e 31 00 0b |.....127.0.0.1..|
+00000070 00 04 03 00 01 02 00 0a 00 0c 00 0a 00 1d 00 17 |................|
+00000080 00 1e 00 19 00 18 00 16 00 00 00 17 00 00 00 0d |................|
+00000090 00 04 00 02 08 04 |......|
+>>> Flow 2 (server to client)
+00000000 16 03 03 00 31 02 00 00 2d 03 03 00 00 00 00 00 |....1...-.......|
+00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
+00000020 00 00 00 44 4f 57 4e 47 52 44 01 00 c0 30 00 00 |...DOWNGRD...0..|
+00000030 05 ff 01 00 01 00 16 03 03 02 59 0b 00 02 55 00 |..........Y...U.|
+00000040 02 52 00 02 4f 30 82 02 4b 30 82 01 b4 a0 03 02 |.R..O0..K0......|
+00000050 01 02 02 09 00 e8 f0 9d 3f e2 5b ea a6 30 0d 06 |........?.[..0..|
+00000060 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 1f 31 0b |.*.H........0.1.|
+00000070 30 09 06 03 55 04 0a 13 02 47 6f 31 10 30 0e 06 |0...U....Go1.0..|
+00000080 03 55 04 03 13 07 47 6f 20 52 6f 6f 74 30 1e 17 |.U....Go Root0..|
+00000090 0d 31 36 30 31 30 31 30 30 30 30 30 30 5a 17 0d |.160101000000Z..|
+000000a0 32 35 30 31 30 31 30 30 30 30 30 30 5a 30 1a 31 |250101000000Z0.1|
+000000b0 0b 30 09 06 03 55 04 0a 13 02 47 6f 31 0b 30 09 |.0...U....Go1.0.|
+000000c0 06 03 55 04 03 13 02 47 6f 30 81 9f 30 0d 06 09 |..U....Go0..0...|
+000000d0 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 30 |*.H............0|
+000000e0 81 89 02 81 81 00 db 46 7d 93 2e 12 27 06 48 bc |.......F}...'.H.|
+000000f0 06 28 21 ab 7e c4 b6 a2 5d fe 1e 52 45 88 7a 36 |.(!.~...]..RE.z6|
+00000100 47 a5 08 0d 92 42 5b c2 81 c0 be 97 79 98 40 fb |G....B[.....y.@.|
+00000110 4f 6d 14 fd 2b 13 8b c2 a5 2e 67 d8 d4 09 9e d6 |Om..+.....g.....|
+00000120 22 38 b7 4a 0b 74 73 2b c2 34 f1 d1 93 e5 96 d9 |"8.J.ts+.4......|
+00000130 74 7b f3 58 9f 6c 61 3c c0 b0 41 d4 d9 2b 2b 24 |t{.X.la<..A..++$|
+00000140 23 77 5b 1c 3b bd 75 5d ce 20 54 cf a1 63 87 1d |#w[.;.u]. T..c..|
+00000150 1e 24 c4 f3 1d 1a 50 8b aa b6 14 43 ed 97 a7 75 |.$....P....C...u|
+00000160 62 f4 14 c8 52 d7 02 03 01 00 01 a3 81 93 30 81 |b...R.........0.|
+00000170 90 30 0e 06 03 55 1d 0f 01 01 ff 04 04 03 02 05 |.0...U..........|
+00000180 a0 30 1d 06 03 55 1d 25 04 16 30 14 06 08 2b 06 |.0...U.%..0...+.|
+00000190 01 05 05 07 03 01 06 08 2b 06 01 05 05 07 03 02 |........+.......|
+000001a0 30 0c 06 03 55 1d 13 01 01 ff 04 02 30 00 30 19 |0...U.......0.0.|
+000001b0 06 03 55 1d 0e 04 12 04 10 9f 91 16 1f 43 43 3e |..U..........CC>|
+000001c0 49 a6 de 6d b6 80 d7 9f 60 30 1b 06 03 55 1d 23 |I..m....`0...U.#|
+000001d0 04 14 30 12 80 10 48 13 49 4d 13 7e 16 31 bb a3 |..0...H.IM.~.1..|
+000001e0 01 d5 ac ab 6e 7b 30 19 06 03 55 1d 11 04 12 30 |....n{0...U....0|
+000001f0 10 82 0e 65 78 61 6d 70 6c 65 2e 67 6f 6c 61 6e |...example.golan|
+00000200 67 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 |g0...*.H........|
+00000210 03 81 81 00 9d 30 cc 40 2b 5b 50 a0 61 cb ba e5 |.....0.@+[P.a...|
+00000220 53 58 e1 ed 83 28 a9 58 1a a9 38 a4 95 a1 ac 31 |SX...(.X..8....1|
+00000230 5a 1a 84 66 3d 43 d3 2d d9 0b f2 97 df d3 20 64 |Z..f=C.-...... d|
+00000240 38 92 24 3a 00 bc cf 9c 7d b7 40 20 01 5f aa d3 |8.$:....}.@ ._..|
+00000250 16 61 09 a2 76 fd 13 c3 cc e1 0c 5c ee b1 87 82 |.a..v......\....|
+00000260 f1 6c 04 ed 73 bb b3 43 77 8d 0c 1c f1 0f a1 d8 |.l..s..Cw.......|
+00000270 40 83 61 c9 4c 72 2b 9d ae db 46 06 06 4d f4 c1 |@.a.Lr+...F..M..|
+00000280 b3 3e c0 d1 bd 42 d4 db fe 3d 13 60 84 5c 21 d3 |.>...B...=.`.\!.|
+00000290 3b e9 fa e7 15 03 03 00 02 02 28 |;.........(|
diff --git a/src/crypto/tls/testdata/Server-TLSv13-ClientAuthRequestedAndGiven-PSS-Disabled b/src/crypto/tls/testdata/Server-TLSv13-ClientAuthRequestedAndGiven-PSS-Disabled
new file mode 100644
index 0000000000..89361f1557
--- /dev/null
+++ b/src/crypto/tls/testdata/Server-TLSv13-ClientAuthRequestedAndGiven-PSS-Disabled
@@ -0,0 +1,182 @@
+>>> Flow 1 (client to server)
+00000000 16 03 01 00 e0 01 00 00 dc 03 03 32 03 2a b3 ed |...........2.*..|
+00000010 c2 1a 71 f2 ff ea 0b 1c fa f9 c6 88 03 7c 84 89 |..q..........|..|
+00000020 4e 45 60 81 d9 58 dc 9f 0a 60 d1 20 ce 4d 59 a5 |NE`..X...`. .MY.|
+00000030 10 b1 76 53 f5 77 26 fd 17 08 f9 e5 14 03 c4 0a |..vS.w&.........|
+00000040 65 fd 83 bb a9 3b 24 05 24 1b ef 00 00 08 13 02 |e....;$.$.......|
+00000050 13 03 13 01 00 ff 01 00 00 8b 00 00 00 0e 00 0c |................|
+00000060 00 00 09 31 32 37 2e 30 2e 30 2e 31 00 0b 00 04 |...127.0.0.1....|
+00000070 03 00 01 02 00 0a 00 0c 00 0a 00 1d 00 17 00 1e |................|
+00000080 00 19 00 18 00 16 00 00 00 17 00 00 00 0d 00 1e |................|
+00000090 00 1c 04 03 05 03 06 03 08 07 08 08 08 09 08 0a |................|
+000000a0 08 0b 08 04 08 05 08 06 04 01 05 01 06 01 00 2b |...............+|
+000000b0 00 03 02 03 04 00 2d 00 02 01 01 00 33 00 26 00 |......-.....3.&.|
+000000c0 24 00 1d 00 20 06 b0 03 80 81 d6 e7 f4 31 85 4c |$... ........1.L|
+000000d0 e3 50 35 c1 df 6e 28 9f 38 ce c0 7b fc 71 00 8c |.P5..n(.8..{.q..|
+000000e0 9a 25 07 95 57 |.%..W|
+>>> Flow 2 (server to client)
+00000000 16 03 03 00 7a 02 00 00 76 03 03 00 00 00 00 00 |....z...v.......|
+00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
+00000020 00 00 00 00 00 00 00 00 00 00 00 20 ce 4d 59 a5 |........... .MY.|
+00000030 10 b1 76 53 f5 77 26 fd 17 08 f9 e5 14 03 c4 0a |..vS.w&.........|
+00000040 65 fd 83 bb a9 3b 24 05 24 1b ef 00 13 02 00 00 |e....;$.$.......|
+00000050 2e 00 2b 00 02 03 04 00 33 00 24 00 1d 00 20 2f |..+.....3.$... /|
+00000060 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0|
+00000070 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 14 |.........._X.;t.|
+00000080 03 03 00 01 01 17 03 03 00 17 ad ce ff 21 b8 39 |.............!.9|
+00000090 16 f6 10 6e 8d 6c 0f 46 2f 58 55 b3 e4 4f 2d 5c |...n.l.F/XU..O-\|
+000000a0 26 17 03 03 00 3c fd 24 07 75 28 2b f2 ec d9 74 |&....<.$.u(+...t|
+000000b0 f0 76 e4 02 e6 02 bd 47 58 0f 68 60 ac 6c 59 a8 |.v.....GX.h`.lY.|
+000000c0 87 94 b9 cb c3 fa 41 15 4c 95 b8 58 da 8c d9 ea |......A.L..X....|
+000000d0 3a ab 0c 06 83 a5 2b d1 39 6f 32 92 bf e1 c0 f4 |:.....+.9o2.....|
+000000e0 49 51 17 03 03 02 6d 22 dc 8c fc ae 21 96 41 17 |IQ....m"....!.A.|
+000000f0 45 93 6e 08 61 6b 46 b9 9a cf 2e 79 a8 1a 46 30 |E.n.akF....y..F0|
+00000100 a4 de 3d 53 87 bf 57 3a 44 4f 5b 3f c9 b2 f0 0e |..=S..W:DO[?....|
+00000110 56 5f 5a ee 5a 1f df cc fe f3 54 ab 87 d7 bb 00 |V_Z.Z.....T.....|
+00000120 2c 61 de ad 31 9c d4 cf 43 bf e7 84 d1 1d 3c cb |,a..1...C.....<.|
+00000130 82 d1 81 9d 13 90 6b c8 fd 01 53 4f 13 a5 91 a4 |......k...SO....|
+00000140 fe 20 ce 2c 34 96 62 b7 6f f0 f0 65 f0 01 18 99 |. .,4.b.o..e....|
+00000150 31 3d cb c6 72 6f 54 d6 ec fa a3 dd 94 67 6b b9 |1=..roT......gk.|
+00000160 ff 2c 41 ba 00 d5 25 ba b1 7a e5 d2 1c 0b 37 ad |.,A...%..z....7.|
+00000170 df 0b 62 be b3 69 5b 84 39 2d 72 c2 b9 ec 68 87 |..b..i[.9-r...h.|
+00000180 32 23 92 4b a8 f0 17 25 0f d7 86 97 45 65 73 e1 |2#.K...%....Ees.|
+00000190 49 c4 3c 8d 26 43 34 06 4c be 50 76 ae 63 6f 1d |I.<.&C4.L.Pv.co.|
+000001a0 ed 57 93 5a 7f 98 e2 1e 5f 94 74 a2 54 59 63 12 |.W.Z...._.t.TYc.|
+000001b0 bb 8b df 77 20 3a 9c ea c7 40 b0 cf 8e 7f f8 98 |...w :...@......|
+000001c0 06 92 38 be 77 11 17 03 c2 ac af fc 8d 7d d5 6b |..8.w........}.k|
+000001d0 f7 2b 7a f3 b8 dc b0 cf 3e f7 c5 f4 b3 34 4b 06 |.+z.....>....4K.|
+000001e0 c6 ed b5 dc 0c 2d 4e bc 03 94 cc 03 f2 9f 5d c6 |.....-N.......].|
+000001f0 57 36 5a 01 81 65 27 75 1d 4f 22 9f b5 da 7f e2 |W6Z..e'u.O".....|
+00000200 7d 36 f3 4b 05 3f 40 47 c6 1b af e6 99 c0 ca 35 |}6.K.?@G.......5|
+00000210 98 c8 30 60 7b 42 4e e7 5c 90 28 d7 4e db f3 78 |..0`{BN.\.(.N..x|
+00000220 22 e2 a3 86 0c 9e 19 43 0e 89 d4 f6 78 38 21 16 |"......C....x8!.|
+00000230 84 38 36 6a 2d a5 94 2c 52 2b 00 de 67 16 e8 89 |.86j-..,R+..g...|
+00000240 32 21 0e fd b0 23 91 06 8b fa 82 70 21 bc 1f 29 |2!...#.....p!..)|
+00000250 32 af f4 b9 15 7f aa 22 c1 e8 e3 2c 92 b4 d8 2a |2......"...,...*|
+00000260 64 58 f4 f1 85 85 14 92 f3 16 8e 2d 5b a6 7e ef |dX.........-[.~.|
+00000270 22 5a 58 bb 4c f1 36 70 2f ca 03 df fb 0a d0 03 |"ZX.L.6p/.......|
+00000280 55 5d d9 6b 63 48 d2 75 82 d4 56 af 17 5a 60 4f |U].kcH.u..V..Z`O|
+00000290 af 8b 17 d6 fd 96 be 3d 82 25 0e 73 2e 58 0e 0a |.......=.%.s.X..|
+000002a0 5c 2d c8 f5 17 b0 ae 7d 39 90 cb 75 bb 4b 33 22 |\-.....}9..u.K3"|
+000002b0 bd a2 02 00 70 43 a8 54 ee 7c 25 d5 d7 88 08 f6 |....pC.T.|%.....|
+000002c0 3f 34 61 55 f5 d3 53 0c 8c b1 9b fd 4e d9 65 7a |?4aU..S.....N.ez|
+000002d0 2b 6e b4 d5 37 34 18 f3 14 00 9f 56 40 d9 15 ea |+n..74.....V@...|
+000002e0 59 5a 4b 4a bb f7 19 72 60 4a 08 8f 75 d6 7b a4 |YZKJ...r`J..u.{.|
+000002f0 de 79 c5 21 1a cb 82 97 b3 88 d8 ae 65 30 cc 56 |.y.!........e0.V|
+00000300 da a3 04 5c 63 f4 44 a5 eb 05 55 ad 78 46 44 ac |...\c.D...U.xFD.|
+00000310 56 2e f6 f7 eb 47 f6 f1 62 8d df 27 7d 86 5e 58 |V....G..b..'}.^X|
+00000320 5f 4c 34 6e f6 c0 fd 56 7d 46 82 5d 53 db 2a 84 |_L4n...V}F.]S.*.|
+00000330 45 db e7 9c b9 23 32 59 cf 85 f7 12 c5 e8 9e 3c |E....#2Y.......<|
+00000340 2d 3f 81 a5 24 cf 36 ad d6 65 02 35 84 de 43 f8 |-?..$.6..e.5..C.|
+00000350 04 e2 8b ae 17 03 03 00 99 ce e8 48 a3 34 5e fb |...........H.4^.|
+00000360 76 f1 e4 3b da 94 0a 25 ee 78 f6 31 24 10 05 25 |v..;...%.x.1$..%|
+00000370 9c e5 ca fc ef c5 66 86 08 15 d8 69 75 d8 49 e9 |......f....iu.I.|
+00000380 9b 86 71 3f 1f 41 ee f0 bc 8d 4e aa bc 30 f0 8f |..q?.A....N..0..|
+00000390 7b b1 94 7e aa 74 3f eb 23 c5 c9 aa 9a c3 f7 12 |{..~.t?.#.......|
+000003a0 23 30 95 2e e1 1b 9c fe 8b 50 b1 d9 17 cf af a1 |#0.......P......|
+000003b0 ff ce 8d fa 7e bd 23 59 d0 7a fb 30 12 f4 8d 86 |....~.#Y.z.0....|
+000003c0 0c 3c fd 03 50 d4 7f bb f6 fa ba 1d fc 32 cc 7e |.<..P........2.~|
+000003d0 12 3a 33 90 c6 82 5d 6a 90 23 6d b8 e6 60 7d d3 |.:3...]j.#m..`}.|
+000003e0 a8 f0 0c 75 bc b5 67 68 ed 58 ef 4d ac 91 47 c9 |...u..gh.X.M..G.|
+000003f0 c4 bc 17 03 03 00 45 ae 0d 8d 76 8d 28 34 1b 09 |......E...v.(4..|
+00000400 4d d5 df 2e aa f8 ff 71 b2 0e 60 a1 ce 8a 58 9c |M......q..`...X.|
+00000410 45 64 31 6c 9b 46 66 64 27 98 e6 f3 93 e8 92 81 |Ed1l.Ffd'.......|
+00000420 3d 4f db da 98 72 0d b7 71 27 ac 2b 61 81 97 0b |=O...r..q'.+a...|
+00000430 e7 ae 32 d7 e2 66 4d 5d f7 01 d0 77 |..2..fM]...w|
+>>> Flow 3 (client to server)
+00000000 14 03 03 00 01 01 17 03 03 02 11 f6 03 90 9e bc |................|
+00000010 dc 00 9b f9 dd 7b 65 dd b0 69 b4 b5 42 fc 25 f2 |.....{e..i..B.%.|
+00000020 2b 7e be 52 1a 4b f1 e4 21 94 0d 88 4a 58 07 37 |+~.R.K..!...JX.7|
+00000030 67 c7 e3 c4 62 eb 17 57 5d 52 d4 a9 03 39 0e 7d |g...b..W]R...9.}|
+00000040 d0 c3 1a 8d ef ec b7 a8 9b 93 50 0d 7f fd a1 10 |..........P.....|
+00000050 b6 82 99 21 3f e3 3d 3d 47 04 c3 cd a7 b3 ab e0 |...!?.==G.......|
+00000060 f6 33 47 0e 1c 30 36 45 21 32 34 c2 2c 72 20 72 |.3G..06E!24.,r r|
+00000070 b6 c7 5b 95 8a 97 84 54 2e d0 5f d5 80 e7 8f 7a |..[....T.._....z|
+00000080 6f 50 96 8a 33 13 c6 97 85 25 47 6b 8a b2 a0 29 |oP..3....%Gk...)|
+00000090 cd 7f 0e 38 94 53 08 8b c3 2f 89 a2 10 c2 22 5a |...8.S.../...."Z|
+000000a0 95 42 a3 45 73 a8 d0 ac 6d ba 95 a4 51 63 b9 b4 |.B.Es...m...Qc..|
+000000b0 79 61 be dd c6 ab 97 72 38 30 63 55 a7 7d 9a eb |ya.....r80cU.}..|
+000000c0 bb 5a f6 d0 3d 05 81 5d 0e e5 7a 8b ae fe d2 3b |.Z..=..]..z....;|
+000000d0 db 85 3a 13 81 ee 36 b3 ff 41 47 d1 67 bf 17 5e |..:...6..AG.g..^|
+000000e0 9d a3 4c 92 51 a9 1b 4b ca 13 f6 ee 8a e5 b3 01 |..L.Q..K........|
+000000f0 e7 87 ee 1e 2a 9e 56 3d 01 7e 0f cb e5 d6 ea 13 |....*.V=.~......|
+00000100 05 3e 8c 5a 24 d0 36 6b 54 9f 8e 3f 07 73 a0 bf |.>.Z$.6kT..?.s..|
+00000110 84 c2 90 72 ce 48 50 49 47 27 b3 14 56 5c c7 63 |...r.HPIG'..V\.c|
+00000120 7e 7e b5 8f 9d 6d 70 32 6f 3f 4d 53 80 ae f6 2b |~~...mp2o?MS...+|
+00000130 fb c9 7a de 76 aa 68 a3 9b a9 a7 47 55 d0 cb f8 |..z.v.h....GU...|
+00000140 e8 c4 1c f5 0f 54 82 5b c5 45 18 41 05 da 72 ce |.....T.[.E.A..r.|
+00000150 84 d1 8b 00 40 e9 f9 cf b5 d5 3e 71 ee 25 dc 7d |....@.....>q.%.}|
+00000160 3b 00 67 68 9d 78 d2 c0 7b cb 5d 9e 79 2c b5 f4 |;.gh.x..{.].y,..|
+00000170 1b ea b8 d8 de bd 36 71 2a 26 49 44 1b 5b 92 ad |......6q*&ID.[..|
+00000180 1c 2d 2f ab 8e 15 d7 b3 96 89 da 58 77 75 42 32 |.-/........XwuB2|
+00000190 c3 6b f1 5e 0b da 91 71 1e d5 f1 dd 32 d8 b6 a5 |.k.^...q....2...|
+000001a0 21 a1 1d 5e b1 df 01 37 33 ac 93 11 94 6d b8 e6 |!..^...73....m..|
+000001b0 3b be 86 31 da cf b6 ab cd f5 12 4f 85 45 24 06 |;..1.......O.E$.|
+000001c0 34 40 7b c5 f8 5f c3 f9 3b cf 9d 2a b3 2e 65 e4 |4@{.._..;..*..e.|
+000001d0 0e ed fc 7c b4 2b 32 bf 0e 8f b3 85 93 74 8b e8 |...|.+2......t..|
+000001e0 25 e0 47 c0 d8 52 8e c9 ed 7f 16 41 3f b3 79 d8 |%.G..R.....A?.y.|
+000001f0 d1 47 19 ae fb ab 97 a5 b2 42 7c a0 73 ad 4f 62 |.G.......B|.s.Ob|
+00000200 cf 35 52 7c d6 47 b8 1f e9 65 b0 99 f7 67 e7 64 |.5R|.G...e...g.d|
+00000210 14 83 46 c7 90 6e 4d 01 3a c2 e6 19 17 03 03 00 |..F..nM.:.......|
+00000220 99 a5 e0 38 3a 91 4a 1d 87 9a eb a6 95 87 35 fc |...8:.J.......5.|
+00000230 ae 42 8d 3a fe f6 39 f3 c2 c2 f0 9a f5 8f b5 75 |.B.:..9........u|
+00000240 18 6b 84 c0 5b 96 6a 9c 0c aa 81 fc 9a 2e 01 f7 |.k..[.j.........|
+00000250 d8 b1 5d 4a 54 cf 79 90 fb 79 57 ff d9 d1 46 59 |..]JT.y..yW...FY|
+00000260 02 84 3d ee cc 68 ea 05 1d a2 79 fb 1d 1e d6 ad |..=..h....y.....|
+00000270 5b 95 3b 6b 9a c9 07 e5 e4 20 07 6a a0 74 c8 1a |[.;k..... .j.t..|
+00000280 31 53 a4 e6 bb bb 28 61 47 41 d5 f3 45 38 71 86 |1S....(aGA..E8q.|
+00000290 35 12 f4 8a f2 e4 e9 ae 96 a9 14 ce 8a 1c 5d 59 |5.............]Y|
+000002a0 3c d7 3a e7 93 35 c2 53 9f d8 4d cb 98 bd e1 72 |<.:..5.S..M....r|
+000002b0 a8 80 55 a6 cd 9c 50 41 ec 50 17 03 03 00 45 2d |..U...PA.P....E-|
+000002c0 90 3b 73 cc 24 52 ad 22 90 0e 7d bf 2a a2 44 09 |.;s.$R."..}.*.D.|
+000002d0 e2 43 61 f2 48 9b 73 85 00 05 8b 0a 51 ad a0 c0 |.Ca.H.s.....Q...|
+000002e0 64 ef 5e 11 86 37 b0 32 af 11 f7 98 7b 74 39 90 |d.^..7.2....{t9.|
+000002f0 fa d0 32 f3 fe 4d 01 6b 78 75 31 7e 67 4f 61 0f |..2..M.kxu1~gOa.|
+00000300 bb c6 3e c0 |..>.|
+>>> Flow 4 (server to client)
+00000000 17 03 03 02 9b f5 b2 d6 62 fe e0 c8 8d cc 7a cd |........b.....z.|
+00000010 29 51 b2 77 0d 9a 54 fb 43 6d f6 9c e1 ff 28 be |)Q.w..T.Cm....(.|
+00000020 fc 50 68 80 2f 1c 4f 50 44 95 64 49 0a 66 fe 79 |.Ph./.OPD.dI.f.y|
+00000030 46 ba 88 e9 03 be 5c 91 60 84 78 03 a8 c6 21 90 |F.....\.`.x...!.|
+00000040 cd 79 de 2d 2f 81 dd 08 1f 52 1a 0e d8 69 16 22 |.y.-/....R...i."|
+00000050 a6 59 5b 2b 85 08 00 16 e7 85 bd 43 9a cc ce e6 |.Y[+.......C....|
+00000060 3a ee 70 25 0b 95 90 4b c0 42 4a 48 25 d3 50 92 |:.p%...K.BJH%.P.|
+00000070 19 e1 3e b8 72 c5 a1 e8 dd 9f a4 57 2d b0 a6 24 |..>.r......W-..$|
+00000080 8b 8c 55 41 f3 26 45 dd dd 2b d3 15 8d d9 ca e4 |..UA.&E..+......|
+00000090 15 6e b5 6d 99 79 ba 46 00 e6 5e 75 52 fd f9 26 |.n.m.y.F..^uR..&|
+000000a0 cf cd 69 cf be 29 a7 b9 7d 1b 1d 6b ab 17 ee 4e |..i..)..}..k...N|
+000000b0 f5 24 b0 89 0f b5 c7 41 4e ea cd 32 98 47 23 bc |.$.....AN..2.G#.|
+000000c0 91 03 b1 23 e0 5c 5e 37 40 95 da 90 ef eb 95 81 |...#.\^7@.......|
+000000d0 7b 2d c7 15 8f f8 2d ba 69 41 0e a9 eb 19 6c 6c |{-....-.iA....ll|
+000000e0 73 b0 05 fc b9 f4 76 91 2b 6a 72 fa d6 e5 87 a9 |s.....v.+jr.....|
+000000f0 90 49 81 8c d5 fa 78 a2 a1 8f 77 c7 35 78 1b ba |.I....x...w.5x..|
+00000100 ac 3c 41 51 ce 4e 99 c9 74 a0 bc 51 12 b5 15 2c |.<AQ.N..t..Q...,|
+00000110 8e 36 6e e1 c9 bb 0f d2 fd 00 97 56 de 66 a9 19 |.6n........V.f..|
+00000120 c7 2f 18 e5 67 b4 34 73 9e b2 6f 68 26 8d 2f da |./..g.4s..oh&./.|
+00000130 92 bd 52 13 32 3c 49 80 8c c7 3c 11 9d 9f 05 c0 |..R.2<I...<.....|
+00000140 aa 5d 63 33 8e 07 60 20 6a 01 1f 5a 16 45 4d ba |.]c3..` j..Z.EM.|
+00000150 b0 2a 5c 26 b1 ea 26 72 59 c5 b0 59 8a 1a cb 9a |.*\&..&rY..Y....|
+00000160 6a 54 55 06 75 37 a0 c9 04 4e 2f 61 de ef b5 df |jTU.u7...N/a....|
+00000170 68 ae 42 03 29 91 e3 1d a0 6b 18 4d 17 23 3d 61 |h.B.)....k.M.#=a|
+00000180 87 72 06 9f 45 98 0d 1e f7 f1 f5 f3 f7 04 a5 98 |.r..E...........|
+00000190 29 c2 2e 77 d9 2c 95 df 5d 3d 20 41 36 26 1b 46 |)..w.,..]= A6&.F|
+000001a0 ea 54 9e a3 96 05 ba f7 33 01 85 b0 d1 9f 78 3c |.T......3.....x<|
+000001b0 0f 73 0d 04 52 7f 02 f4 cb 79 f1 e2 d1 63 60 d6 |.s..R....y...c`.|
+000001c0 e1 34 05 23 79 c3 37 eb d0 5b ea bc f4 f9 bb 7a |.4.#y.7..[.....z|
+000001d0 85 9e 42 50 3c c8 f8 e6 f4 93 71 c2 6a 46 b9 26 |..BP<.....q.jF.&|
+000001e0 8c 17 b4 c9 65 00 fb 9a d6 54 ab e6 71 c1 1b 5a |....e....T..q..Z|
+000001f0 51 a2 6f df 0b 52 29 8c c3 ec 8e bf 31 36 93 7e |Q.o..R).....16.~|
+00000200 59 cc ca 49 71 dc ce 84 40 7d 43 81 5c 96 ed ca |Y..Iq...@}C.\...|
+00000210 d1 e6 15 40 cf 19 f4 ed 61 28 9a e3 6b e7 1c 9b |...@....a(..k...|
+00000220 c1 71 d0 46 ef 79 3b d8 35 e3 7b 47 3f a2 78 76 |.q.F.y;.5.{G?.xv|
+00000230 17 58 13 67 5f 4e f0 ed 2e e9 84 e1 92 0c a6 36 |.X.g_N.........6|
+00000240 5c 5b de 8e 5c 04 ed d4 a4 75 10 fd 85 9c e5 8e |\[..\....u......|
+00000250 ca 02 14 fb 91 8b 85 14 79 e5 97 1f 63 46 48 90 |........y...cFH.|
+00000260 26 c7 2f a2 c0 18 71 d9 2e e3 81 78 7b 74 67 e0 |&./...q....x{tg.|
+00000270 e1 ef 48 af 41 96 9f 1a 44 d8 6c 94 49 3e 9b 47 |..H.A...D.l.I>.G|
+00000280 71 63 2f 0c 94 c9 42 ac bc 4c 0a 16 fe 9a 90 eb |qc/...B..L......|
+00000290 02 75 16 1a 10 23 b2 75 67 c7 c5 17 55 9b cf 69 |.u...#.ug...U..i|
+000002a0 17 03 03 00 1e 45 8c ed 99 0f 8a 83 d8 89 70 49 |.....E........pI|
+000002b0 17 a8 fd 2b 6e ef ff 53 fa 99 52 89 ee 8b 19 f1 |...+n..S..R.....|
+000002c0 41 09 30 17 03 03 00 13 14 f0 f6 ef c5 f9 52 15 |A.0...........R.|
+000002d0 77 de 5e 46 63 8d 3b 2f 07 84 aa |w.^Fc.;/...|
diff --git a/src/crypto/tls/testdata/Server-TLSv13-RSA-PSS-Disabled b/src/crypto/tls/testdata/Server-TLSv13-RSA-PSS-Disabled
new file mode 100644
index 0000000000..c13db8d68a
--- /dev/null
+++ b/src/crypto/tls/testdata/Server-TLSv13-RSA-PSS-Disabled
@@ -0,0 +1,103 @@
+>>> Flow 1 (client to server)
+00000000 16 03 01 00 e0 01 00 00 dc 03 03 1e 9f 50 05 56 |.............P.V|
+00000010 a7 21 c8 df 56 a8 f3 bb e4 15 3b b0 04 e5 f5 10 |.!..V.....;.....|
+00000020 d8 5b 0e 68 d3 b4 39 64 b5 89 9c 20 5a 6b 29 6d |.[.h..9d... Zk)m|
+00000030 22 a0 e0 fb 7f 2d 87 48 e7 b4 c9 b3 5a d0 2b c7 |"....-.H....Z.+.|
+00000040 ad d8 e4 ad d5 eb 81 b3 1f 61 0e 65 00 08 13 02 |.........a.e....|
+00000050 13 03 13 01 00 ff 01 00 00 8b 00 00 00 0e 00 0c |................|
+00000060 00 00 09 31 32 37 2e 30 2e 30 2e 31 00 0b 00 04 |...127.0.0.1....|
+00000070 03 00 01 02 00 0a 00 0c 00 0a 00 1d 00 17 00 1e |................|
+00000080 00 19 00 18 00 16 00 00 00 17 00 00 00 0d 00 1e |................|
+00000090 00 1c 04 03 05 03 06 03 08 07 08 08 08 09 08 0a |................|
+000000a0 08 0b 08 04 08 05 08 06 04 01 05 01 06 01 00 2b |...............+|
+000000b0 00 03 02 03 04 00 2d 00 02 01 01 00 33 00 26 00 |......-.....3.&.|
+000000c0 24 00 1d 00 20 ba 67 99 b3 60 71 ed 6c bb 8d 7e |$... .g..`q.l..~|
+000000d0 4c c3 ea 37 6d 90 b6 f8 91 67 71 2c 84 a7 32 3a |L..7m....gq,..2:|
+000000e0 23 2a 90 13 35 |#*..5|
+>>> Flow 2 (server to client)
+00000000 16 03 03 00 7a 02 00 00 76 03 03 00 00 00 00 00 |....z...v.......|
+00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
+00000020 00 00 00 00 00 00 00 00 00 00 00 20 5a 6b 29 6d |........... Zk)m|
+00000030 22 a0 e0 fb 7f 2d 87 48 e7 b4 c9 b3 5a d0 2b c7 |"....-.H....Z.+.|
+00000040 ad d8 e4 ad d5 eb 81 b3 1f 61 0e 65 13 02 00 00 |.........a.e....|
+00000050 2e 00 2b 00 02 03 04 00 33 00 24 00 1d 00 20 2f |..+.....3.$... /|
+00000060 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0|
+00000070 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 14 |.........._X.;t.|
+00000080 03 03 00 01 01 17 03 03 00 17 d9 74 68 ee e6 54 |...........th..T|
+00000090 e3 7a 0e ee 86 c7 a8 bb c7 65 fc e4 c4 6c 58 7a |.z.......e...lXz|
+000000a0 1e 17 03 03 02 6d 98 c3 0c cc 80 fe ea 70 13 4e |.....m.......p.N|
+000000b0 2f f6 49 99 5f 27 0a f9 4d cf e5 1a 9a 37 fb e7 |/.I._'..M....7..|
+000000c0 3b a4 60 82 43 df fb fa 47 15 6f d8 db d2 3e c3 |;.`.C...G.o...>.|
+000000d0 dd a0 37 ca b2 b4 c9 1b 5c 86 4a e0 7e 06 1e 27 |..7.....\.J.~..'|
+000000e0 73 c6 cd 54 37 df 95 b1 c6 d5 44 85 2c 67 7d a7 |s..T7.....D.,g}.|
+000000f0 2a 7d 87 86 5e f3 e5 60 f8 7c de bf 78 89 35 9b |*}..^..`.|..x.5.|
+00000100 d1 0b 8a dd 6f 40 d8 5a 55 10 e2 71 b0 7a 5e 4b |....o@.ZU..q.z^K|
+00000110 86 18 be 18 a7 f8 8e c6 ae 8c 1e df bf 84 77 c5 |..............w.|
+00000120 dc b1 17 26 72 ea bb 9b 28 6c bf 19 8d 1a 22 90 |...&r...(l....".|
+00000130 0f 19 92 5b ff db 07 84 48 61 68 f0 50 20 76 a3 |...[....Hah.P v.|
+00000140 d3 f2 4a 3b 60 f5 73 cb 61 f7 11 63 f2 a7 0e 18 |..J;`.s.a..c....|
+00000150 30 96 d0 17 f1 2f 58 09 49 33 15 3e 31 e4 17 e8 |0..../X.I3.>1...|
+00000160 07 48 b5 43 06 40 60 4f a0 78 0d 51 0c 3f 0f 1a |.H.C.@`O.x.Q.?..|
+00000170 8c 95 7a 3e 36 66 36 22 dc 58 4e b7 3e 19 ad de |..z>6f6".XN.>...|
+00000180 c9 f9 b0 76 e4 e2 8c 04 27 6f 67 8f fe 86 b9 41 |...v....'og....A|
+00000190 53 7d 9f d1 e0 a6 0b ec fc c0 82 bf 00 36 28 4d |S}...........6(M|
+000001a0 20 3a e3 42 67 87 16 64 6c 4f e2 54 23 d1 0f 32 | :.Bg..dlO.T#..2|
+000001b0 e9 16 9a da 46 a6 39 18 d5 6e a6 93 25 de a1 77 |....F.9..n..%..w|
+000001c0 d9 26 b5 7c b4 85 8a 69 48 90 11 a9 8c 42 ca b8 |.&.|...iH....B..|
+000001d0 88 63 df ec 6c e3 9f 2c 29 75 9b 57 79 8b 69 66 |.c..l..,)u.Wy.if|
+000001e0 16 9e 93 48 04 8a 41 e0 8b 0e fb a5 9c fd 68 f6 |...H..A.......h.|
+000001f0 5f ab 89 11 e4 aa 4c 6c 92 df b3 a3 39 f0 38 d9 |_.....Ll....9.8.|
+00000200 7d 1b 42 13 ee d1 83 e2 20 3f 60 81 96 d9 63 2c |}.B..... ?`...c,|
+00000210 e8 54 a5 08 41 9b 1d 02 41 37 a2 ce 0c 9b 34 bf |.T..A...A7....4.|
+00000220 43 c5 ac 90 67 cd 6b b6 55 31 36 b1 2b 0e ed 8c |C...g.k.U16.+...|
+00000230 23 ae 71 b2 ab f3 94 68 f2 f6 87 d3 87 61 ca aa |#.q....h.....a..|
+00000240 0b 65 63 a1 11 dc 6d 74 33 c8 24 a6 ae 40 27 c7 |.ec...mt3.$..@'.|
+00000250 d4 06 51 89 15 35 66 21 b0 82 15 87 70 c5 b8 8d |..Q..5f!....p...|
+00000260 34 48 ff 41 e0 1a b0 46 f7 38 47 53 64 f7 a3 a2 |4H.A...F.8GSd...|
+00000270 61 96 72 ea 90 de 86 18 64 49 91 ed 97 05 e3 27 |a.r.....dI.....'|
+00000280 47 df ea 06 c6 28 f9 79 51 5e 64 b6 de 52 75 8a |G....(.yQ^d..Ru.|
+00000290 79 8d 8e a6 d5 b0 f1 a6 ab 76 44 25 4b 80 5e e4 |y........vD%K.^.|
+000002a0 d4 aa c6 2d 77 1a 49 52 16 d6 73 6b 18 2d d1 a6 |...-w.IR..sk.-..|
+000002b0 4c e1 be 4d f8 79 34 a1 4c 81 88 9c 4b 85 f3 28 |L..M.y4.L...K..(|
+000002c0 97 fc 3a 7e cf d4 81 2c d3 57 df 09 f5 49 f5 cf |..:~...,.W...I..|
+000002d0 c7 7c 22 b3 8e 95 0f 97 6d d1 56 e3 43 7e 52 0f |.|".....m.V.C~R.|
+000002e0 d4 da 3f e0 4e 06 b9 84 18 7d 7c 56 49 e0 d7 4a |..?.N....}|VI..J|
+000002f0 d6 df c4 70 0c 74 5b 1f 4d 76 28 cd 3b b0 9e 27 |...p.t[.Mv(.;..'|
+00000300 cc 6b 1a 13 41 1a 6b bf 0d 2d 93 b2 d5 7e 7e 25 |.k..A.k..-...~~%|
+00000310 0e 8a 9c 17 03 03 00 99 df 4b 8e 3e d0 14 be 76 |.........K.>...v|
+00000320 f1 d3 ca b1 39 c0 7e 6c 4f 8c d9 0d b8 83 07 39 |....9.~lO......9|
+00000330 08 55 13 1e 3d 68 0f 99 9f 9a 68 1f 57 6a aa 41 |.U..=h....h.Wj.A|
+00000340 a4 40 2b 12 f2 4b 6c db 3c 59 fa 99 5c e2 c7 2d |.@+..Kl.<Y..\..-|
+00000350 4b 55 4c 27 b1 6c bf 99 c3 36 1d 73 7a 8b fd bc |KUL'.l...6.sz...|
+00000360 93 77 27 f5 9e cd 10 61 bc 8d b5 bf 7b bb 69 00 |.w'....a....{.i.|
+00000370 f9 f0 d3 22 dd 4e 7d 12 5a 61 49 1d d4 29 14 43 |...".N}.ZaI..).C|
+00000380 e5 62 ab d8 c6 78 75 80 4b 7a 6b 3f af 4b 92 2a |.b...xu.Kzk?.K.*|
+00000390 23 29 da 85 c0 d7 35 03 9d ed 9c f7 83 39 cf cb |#)....5......9..|
+000003a0 0f 85 5e 9f 29 61 d8 a2 d0 cb 14 2d 71 50 6f d5 |..^.)a.....-qPo.|
+000003b0 c2 17 03 03 00 45 be 9b ee 5d e1 08 8a c2 d6 67 |.....E...].....g|
+000003c0 df 3b 84 50 28 30 69 bd 11 89 6a ab 02 ad d7 79 |.;.P(0i...j....y|
+000003d0 8b 2c 0a a9 9c ce e5 30 49 2d 59 82 e8 ee d3 03 |.,.....0I-Y.....|
+000003e0 77 d3 fc 22 dd 81 be e6 f4 22 36 8d 8e b1 7c 4a |w.."....."6...|J|
+000003f0 b9 9c 6a ea 3f f0 aa ac ec b6 c7 17 03 03 00 a3 |..j.?...........|
+00000400 69 e0 19 38 57 54 62 6c 28 d9 54 94 79 6e 7b 48 |i..8WTbl(.T.yn{H|
+00000410 25 55 7f 5f bb cc 91 07 30 47 55 9b f3 6e b9 ba |%U._....0GU..n..|
+00000420 50 65 9b e9 81 5d 53 20 cd 27 5d ee 92 93 01 8f |Pe...]S .'].....|
+00000430 5a d6 02 b9 26 1b 45 c3 40 26 6b 81 c3 ba 1e 3c |Z...&.E.@&k....<|
+00000440 e6 03 93 b0 18 fe 2d be 07 97 b1 a1 a7 55 8f d8 |......-......U..|
+00000450 96 7a 58 ad 7d c1 72 71 d9 25 07 56 22 9a 7a f9 |.zX.}.rq.%.V".z.|
+00000460 4a 1b 82 30 e9 fb b0 26 81 45 d2 45 5b 1c 7d 97 |J..0...&.E.E[.}.|
+00000470 89 6d 17 69 81 27 a6 4c be d0 78 1d b5 6c 3f 94 |.m.i.'.L..x..l?.|
+00000480 ef e4 6b ec 02 63 8b bf f9 00 8a 8a 46 43 5d e0 |..k..c......FC].|
+00000490 52 38 8c d5 76 d7 79 42 a3 6b 35 e2 45 f3 0f b5 |R8..v.yB.k5.E...|
+000004a0 9f 22 f9 |.".|
+>>> Flow 3 (client to server)
+00000000 14 03 03 00 01 01 17 03 03 00 45 4b 7c c5 9e c6 |..........EK|...|
+00000010 47 4a 90 d8 c2 c0 49 f7 3b c4 26 eb 15 18 9c bc |GJ....I.;.&.....|
+00000020 c8 44 f0 53 94 2f 0f c8 d7 c1 86 42 ed b7 8f 63 |.D.S./.....B...c|
+00000030 a0 97 5d 5b 15 01 3a 3d ca a6 d0 1a a4 77 cc 7e |..][..:=.....w.~|
+00000040 88 fd 0b c9 a0 46 b7 40 25 8a 03 6e 99 66 bb 84 |.....F.@%..n.f..|
+>>> Flow 4 (server to client)
+00000000 17 03 03 00 1e 6a 41 80 ca 72 5f c3 ee e1 88 49 |.....jA..r_....I|
+00000010 6d be a4 d9 26 07 5c 2b 2c a7 83 b5 c4 eb 4e 4b |m...&.\+,.....NK|
+00000020 a1 29 98 17 03 03 00 13 2a f9 33 6c 46 f7 9a 51 |.)......*.3lF..Q|
+00000030 1b 36 cd bc d8 5d 94 0d 9e 4b 72 |.6...]...Kr|
diff --git a/src/crypto/tls/tls_test.go b/src/crypto/tls/tls_test.go
index 9c26769b09..208c13c195 100644
--- a/src/crypto/tls/tls_test.go
+++ b/src/crypto/tls/tls_test.go
@@ -23,11 +23,15 @@ import (
"time"
)
+var savedSupportedSignatureAlgorithmsTLS12 = supportedSignatureAlgorithmsTLS12
+
func init() {
- // TLS 1.3 is opt-in for Go 1.12, but we want to run most tests with it enabled.
- // TestTLS13Switch below tests the disabled behavior. See Issue 30055.
+ // TLS 1.3 is opt-in for Go 1.12, and RSA-PSS is disabled in TLS 1.2, but we
+ // want to run most tests with both enabled. TestTLS13Switch below and the
+ // "PSS-Disabled" recordings test the disabled behavior. See Issue 30055.
tls13Support.Do(func() {}) // defuse the sync.Once
tls13Support.cached = true
+ supportedSignatureAlgorithmsTLS12 = supportedSignatureAlgorithms
}
var rsaCertPEM = `-----BEGIN CERTIFICATE-----
7apu2bq3rhoylwmucxizk54afw5jyda7pho4j5zdcqpwkufke7zdzwad.onion