Revert "crypto/tls: disable RSA-PSS in TLS 1.2"

In Go 1.13 we will enable RSA-PSS in TLS 1.2 at the same time as we make TLS 1.3 enabled by default. This reverts commit 7ccd3583. Updates #30055 Change-Id: I6f2ddf7652d1172a6b29f4e335ff3a71a89974bc Reviewed-on: https://go-review.googlesource.com/c/163080 Run-TryBot: Filippo Valsorda <filippo@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Adam Langley <agl@golang.org>

Revert "crypto/tls: disable RSA-PSS in TLS 1.2"
In Go 1.13 we will enable RSA-PSS in TLS 1.2 at the same time as we make TLS 1.3 enabled by default. This reverts commit 7ccd3583. Updates #30055 Change-Id: I6f2ddf7652d1172a6b29f4e335ff3a71a89974bc Reviewed-on: https://go-review.googlesource.com/c/163080 Run-TryBot: Filippo Valsorda <filippo@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Adam Langley <agl@golang.org>
88343530 · Filippo Valsorda · f31305b7 · 88343530 · 88343530 · 88343530
Commit 88343530 authored Feb 20, 2019 by Filippo Valsorda
14 changed files
--- a/src/crypto/tls/common.go
+++ b/src/crypto/tls/common.go
@@ -178,9 +178,6 @@ var supportedSignatureAlgorithms = []SignatureScheme{
 	ECDSAWithSHA1,
 }

-// RSA-PSS is disabled in TLS 1.2 for Go 1.12. See Issue 30055.
-var supportedSignatureAlgorithmsTLS12 = supportedSignatureAlgorithms[3:]
-
 // helloRetryRequestRandom is set as the Random value of a ServerHello
 // to signal that the message is actually a HelloRetryRequest.
 var helloRetryRequestRandom = []byte{ // See RFC 8446, Section 4.1.3.

--- a/src/crypto/tls/handshake_client_test.go
+++ b/src/crypto/tls/handshake_client_test.go
@@ -855,30 +855,6 @@ func TestHandshakeClientCertRSAPKCS1v15(t *testing.T) {
 	runClientTestTLS12(t, test)
 }

-func TestHandshakeClientCertPSSDisabled(t *testing.T) {
-	config := testConfig.Clone()
-	cert, _ := X509KeyPair([]byte(clientCertificatePEM), []byte(clientKeyPEM))
-	config.Certificates = []Certificate{cert}
-
-	test := &clientTest{
-		name:   "ClientCert-RSA-PSS-Disabled",
-		args:   []string{"-cipher", "AES128", "-Verify", "1"},
-		config: config,
-	}
-
-	// Restore the default signature algorithms, disabling RSA-PSS in TLS 1.2,
-	// and check that handshakes still work.
-	testSupportedSignatureAlgorithmsTLS12 := supportedSignatureAlgorithmsTLS12
-	defer func() { supportedSignatureAlgorithmsTLS12 = testSupportedSignatureAlgorithmsTLS12 }()
-	supportedSignatureAlgorithmsTLS12 = savedSupportedSignatureAlgorithmsTLS12
-
-	// Use t.Run to ensure the defer runs after all parallel tests end.
-	t.Run("", func(t *testing.T) {
-		runClientTestTLS12(t, test)
-		runClientTestTLS13(t, test)
-	})
-}
-
 func TestClientKeyUpdate(t *testing.T) {
 	test := &clientTest{
 		name:          "KeyUpdate",

--- a/src/crypto/tls/handshake_server.go
+++ b/src/crypto/tls/handshake_server.go
@@ -463,7 +463,7 @@ func (hs *serverHandshakeState) doFullHandshake() error {
 		}
 		if c.vers >= VersionTLS12 {
 			certReq.hasSignatureAlgorithm = true
-			certReq.supportedSignatureAlgorithms = supportedSignatureAlgorithmsTLS12
+			certReq.supportedSignatureAlgorithms = supportedSignatureAlgorithms
 		}

 		// An empty list of certificateAuthorities signals to
@@ -559,7 +559,7 @@ func (hs *serverHandshakeState) doFullHandshake() error {
 		}

 		// Determine the signature type.
-		_, sigType, hashFunc, err := pickSignatureAlgorithm(pub, []SignatureScheme{certVerify.signatureAlgorithm}, supportedSignatureAlgorithmsTLS12, c.vers)
+		_, sigType, hashFunc, err := pickSignatureAlgorithm(pub, []SignatureScheme{certVerify.signatureAlgorithm}, supportedSignatureAlgorithms, c.vers)
 		if err != nil {
 			c.sendAlert(alertIllegalParameter)
 			return err

--- a/src/crypto/tls/handshake_server_test.go
+++ b/src/crypto/tls/handshake_server_test.go
@@ -1211,33 +1211,6 @@ func TestHandshakeServerRSAPSS(t *testing.T) {
 	runServerTestTLS13(t, test)
 }

-func TestHandshakeServerPSSDisabled(t *testing.T) {
-	test := &serverTest{
-		name:    "RSA-PSS-Disabled",
-		command: []string{"openssl", "s_client", "-no_ticket"},
-		wait:    true,
-	}
-
-	// Restore the default signature algorithms, disabling RSA-PSS in TLS 1.2,
-	// and check that handshakes still work.
-	testSupportedSignatureAlgorithmsTLS12 := supportedSignatureAlgorithmsTLS12
-	defer func() { supportedSignatureAlgorithmsTLS12 = testSupportedSignatureAlgorithmsTLS12 }()
-	supportedSignatureAlgorithmsTLS12 = savedSupportedSignatureAlgorithmsTLS12
-
-	runServerTestTLS12(t, test)
-	runServerTestTLS13(t, test)
-
-	test = &serverTest{
-		name:    "RSA-PSS-Disabled-Required",
-		command: []string{"openssl", "s_client", "-no_ticket", "-sigalgs", "rsa_pss_rsae_sha256"},
-		wait:    true,
-
-		expectHandshakeErrorIncluding: "peer doesn't support any common signature algorithms",
-	}
-
-	runServerTestTLS12(t, test)
-}
-
 func benchmarkHandshakeServer(b *testing.B, version uint16, cipherSuite uint16, curve CurveID, cert []byte, key crypto.PrivateKey) {
 	config := testConfig.Clone()
 	config.CipherSuites = []uint16{cipherSuite}
@@ -1417,82 +1390,49 @@ func TestClientAuth(t *testing.T) {
 		defer os.Remove(ecdsaCertPath)
 		ecdsaKeyPath = tempFile(clientECDSAKeyPEM)
 		defer os.Remove(ecdsaKeyPath)
+	} else {
+		t.Parallel()
 	}

-	t.Run("Normal", func(t *testing.T) {
-		config := testConfig.Clone()
-		config.ClientAuth = RequestClientCert
-
-		test := &serverTest{
-			name:    "ClientAuthRequestedNotGiven",
-			command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "AES128-SHA"},
-			config:  config,
-		}
-		runServerTestTLS12(t, test)
-		runServerTestTLS13(t, test)
-
-		config.ClientAuth = RequireAnyClientCert
-
-		test = &serverTest{
-			name: "ClientAuthRequestedAndGiven",
-			command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "AES128-SHA",
-				"-cert", certPath, "-key", keyPath, "-sigalgs", "rsa_pss_rsae_sha256"},
-			config:            config,
-			expectedPeerCerts: []string{clientCertificatePEM},
-		}
-		runServerTestTLS12(t, test)
-		runServerTestTLS13(t, test)
-
-		test = &serverTest{
-			name: "ClientAuthRequestedAndECDSAGiven",
-			command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "AES128-SHA",
-				"-cert", ecdsaCertPath, "-key", ecdsaKeyPath},
-			config:            config,
-			expectedPeerCerts: []string{clientECDSACertificatePEM},
-		}
-		runServerTestTLS12(t, test)
-		runServerTestTLS13(t, test)
-
-		test = &serverTest{
-			name: "ClientAuthRequestedAndPKCS1v15Given",
-			command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "AES128-SHA",
-				"-cert", certPath, "-key", keyPath, "-sigalgs", "rsa_pkcs1_sha256"},
-			config:            config,
-			expectedPeerCerts: []string{clientCertificatePEM},
-		}
-		runServerTestTLS12(t, test)
-	})
+	config := testConfig.Clone()
+	config.ClientAuth = RequestClientCert

-	// Restore the default signature algorithms, disabling RSA-PSS in TLS 1.2,
-	// and check that handshakes still work.
-	testSupportedSignatureAlgorithmsTLS12 := supportedSignatureAlgorithmsTLS12
-	defer func() { supportedSignatureAlgorithmsTLS12 = testSupportedSignatureAlgorithmsTLS12 }()
-	supportedSignatureAlgorithmsTLS12 = savedSupportedSignatureAlgorithmsTLS12
+	test := &serverTest{
+		name:    "ClientAuthRequestedNotGiven",
+		command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "AES128-SHA"},
+		config:  config,
+	}
+	runServerTestTLS12(t, test)
+	runServerTestTLS13(t, test)

-	t.Run("PSSDisabled", func(t *testing.T) {
-		config := testConfig.Clone()
-		config.ClientAuth = RequireAnyClientCert
-
-		test := &serverTest{
-			name: "ClientAuthRequestedAndGiven-PSS-Disabled",
-			command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "AES128-SHA",
-				"-cert", certPath, "-key", keyPath},
-			config:            config,
-			expectedPeerCerts: []string{clientCertificatePEM},
-		}
-		runServerTestTLS12(t, test)
-		runServerTestTLS13(t, test)
+	test = &serverTest{
+		name: "ClientAuthRequestedAndGiven",
+		command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "AES128-SHA",
+			"-cert", certPath, "-key", keyPath, "-sigalgs", "rsa_pss_rsae_sha256"},
+		config:            config,
+		expectedPeerCerts: []string{clientCertificatePEM},
+	}
+	runServerTestTLS12(t, test)
+	runServerTestTLS13(t, test)

-		test = &serverTest{
-			name: "ClientAuthRequestedAndGiven-PSS-Disabled-Required",
-			command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "AES128-SHA",
-				"-cert", certPath, "-key", keyPath, "-client_sigalgs", "rsa_pss_rsae_sha256"},
-			config: config,
+	test = &serverTest{
+		name: "ClientAuthRequestedAndECDSAGiven",
+		command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "AES128-SHA",
+			"-cert", ecdsaCertPath, "-key", ecdsaKeyPath},
+		config:            config,
+		expectedPeerCerts: []string{clientECDSACertificatePEM},
+	}
+	runServerTestTLS12(t, test)
+	runServerTestTLS13(t, test)

-			expectHandshakeErrorIncluding: "client didn't provide a certificate",
-		}
-		runServerTestTLS12(t, test)
-	})
+	test = &serverTest{
+		name: "ClientAuthRequestedAndPKCS1v15Given",
+		command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "AES128-SHA",
+			"-cert", certPath, "-key", keyPath, "-sigalgs", "rsa_pkcs1_sha256"},
+		config:            config,
+		expectedPeerCerts: []string{clientCertificatePEM},
+	}
+	runServerTestTLS12(t, test)
 }

 func TestSNIGivenOnFailure(t *testing.T) {
@@ -1782,7 +1722,6 @@ T+E0J8wlH24pgwQHzy7Ko2qLwn1b5PW8ecrlvP1g
 	if err != nil {
 		t.Fatal(err)
 	}
-
 	done := make(chan struct{})
 	go func() {
 		config := testConfig.Clone()
@@ -1800,15 +1739,4 @@ T+E0J8wlH24pgwQHzy7Ko2qLwn1b5PW8ecrlvP1g
 		t.Errorf(`expected "handshake failure", got %q`, err)
 	}
 	<-done
-
-	// With RSA-PSS disabled and TLS 1.2, this should work.
-
-	testSupportedSignatureAlgorithmsTLS12 := supportedSignatureAlgorithmsTLS12
-	defer func() { supportedSignatureAlgorithmsTLS12 = testSupportedSignatureAlgorithmsTLS12 }()
-	supportedSignatureAlgorithmsTLS12 = savedSupportedSignatureAlgorithmsTLS12
-
-	serverConfig := testConfig.Clone()
-	serverConfig.Certificates = []Certificate{cert}
-	serverConfig.MaxVersion = VersionTLS12
-	testHandshake(t, testConfig, serverConfig)
 }
--- a/src/crypto/tls/key_agreement.go
+++ b/src/crypto/tls/key_agreement.go
@@ -177,7 +177,7 @@ NextCandidate:
 		return nil, errors.New("tls: certificate private key does not implement crypto.Signer")
 	}

-	signatureAlgorithm, sigType, hashFunc, err := pickSignatureAlgorithm(priv.Public(), clientHello.supportedSignatureAlgorithms, supportedSignatureAlgorithmsTLS12, ka.version)
+	signatureAlgorithm, sigType, hashFunc, err := pickSignatureAlgorithm(priv.Public(), clientHello.supportedSignatureAlgorithms, supportedSignatureAlgorithms, ka.version)
 	if err != nil {
 		return nil, err
 	}

--- a/src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-PSS-Disabled
+++ b/src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-PSS-Disabled
--- a/src/crypto/tls/testdata/Client-TLSv13-ClientCert-RSA-PSS-Disabled
+++ b/src/crypto/tls/testdata/Client-TLSv13-ClientCert-RSA-PSS-Disabled
--- a/src/crypto/tls/testdata/Server-TLSv12-ClientAuthRequestedAndGiven-PSS-Disabled
+++ b/src/crypto/tls/testdata/Server-TLSv12-ClientAuthRequestedAndGiven-PSS-Disabled
->>> Flow 1 (client to server)
-00000000  16 03 01 00 97 01 00 00  93 03 03 9e b1 2a 26 04  |.............*&.|
-00000010  8d 66 df 43 cb 0a 85 80  4f f2 99 7d 80 20 64 7e  |.f.C....O..}. d~|
-00000020  30 a0 bb 60 ac 0e d4 ce  f0 ae 98 00 00 04 00 2f  |0..`.........../|
-00000030  00 ff 01 00 00 66 00 00  00 0e 00 0c 00 00 09 31  |.....f.........1|
-00000040  32 37 2e 30 2e 30 2e 31  00 0b 00 04 03 00 01 02  |27.0.0.1........|
-00000050  00 0a 00 0c 00 0a 00 1d  00 17 00 1e 00 19 00 18  |................|
-00000060  00 16 00 00 00 17 00 00  00 0d 00 30 00 2e 04 03  |...........0....|
-00000070  05 03 06 03 08 07 08 08  08 09 08 0a 08 0b 08 04  |................|
-00000080  08 05 08 06 04 01 05 01  06 01 03 03 02 03 03 01  |................|
-00000090  02 01 03 02 02 02 04 02  05 02 06 02              |............|
->>> Flow 2 (server to client)
-00000000  16 03 03 00 31 02 00 00  2d 03 03 00 00 00 00 00  |....1...-.......|
-00000010  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
-00000020  00 00 00 44 4f 57 4e 47  52 44 01 00 00 2f 00 00  |...DOWNGRD.../..|
-00000030  05 ff 01 00 01 00 16 03  03 02 59 0b 00 02 55 00  |..........Y...U.|
-00000040  02 52 00 02 4f 30 82 02  4b 30 82 01 b4 a0 03 02  |.R..O0..K0......|
-00000050  01 02 02 09 00 e8 f0 9d  3f e2 5b ea a6 30 0d 06  |........?.[..0..|
-00000060  09 2a 86 48 86 f7 0d 01  01 0b 05 00 30 1f 31 0b  |.*.H........0.1.|
-00000070  30 09 06 03 55 04 0a 13  02 47 6f 31 10 30 0e 06  |0...U....Go1.0..|
-00000080  03 55 04 03 13 07 47 6f  20 52 6f 6f 74 30 1e 17  |.U....Go Root0..|
-00000090  0d 31 36 30 31 30 31 30  30 30 30 30 30 5a 17 0d  |.160101000000Z..|
-000000a0  32 35 30 31 30 31 30 30  30 30 30 30 5a 30 1a 31  |250101000000Z0.1|
-000000b0  0b 30 09 06 03 55 04 0a  13 02 47 6f 31 0b 30 09  |.0...U....Go1.0.|
-000000c0  06 03 55 04 03 13 02 47  6f 30 81 9f 30 0d 06 09  |..U....Go0..0...|
-000000d0  2a 86 48 86 f7 0d 01 01  01 05 00 03 81 8d 00 30  |*.H............0|
-000000e0  81 89 02 81 81 00 db 46  7d 93 2e 12 27 06 48 bc  |.......F}...'.H.|
-000000f0  06 28 21 ab 7e c4 b6 a2  5d fe 1e 52 45 88 7a 36  |.(!.~...]..RE.z6|
-00000100  47 a5 08 0d 92 42 5b c2  81 c0 be 97 79 98 40 fb  |G....B[.....y.@.|
-00000110  4f 6d 14 fd 2b 13 8b c2  a5 2e 67 d8 d4 09 9e d6  |Om..+.....g.....|
-00000120  22 38 b7 4a 0b 74 73 2b  c2 34 f1 d1 93 e5 96 d9  |"8.J.ts+.4......|
-00000130  74 7b f3 58 9f 6c 61 3c  c0 b0 41 d4 d9 2b 2b 24  |t{.X.la<..A..++$|
-00000140  23 77 5b 1c 3b bd 75 5d  ce 20 54 cf a1 63 87 1d  |#w[.;.u]. T..c..|
-00000150  1e 24 c4 f3 1d 1a 50 8b  aa b6 14 43 ed 97 a7 75  |.$....P....C...u|
-00000160  62 f4 14 c8 52 d7 02 03  01 00 01 a3 81 93 30 81  |b...R.........0.|
-00000170  90 30 0e 06 03 55 1d 0f  01 01 ff 04 04 03 02 05  |.0...U..........|
-00000180  a0 30 1d 06 03 55 1d 25  04 16 30 14 06 08 2b 06  |.0...U.%..0...+.|
-00000190  01 05 05 07 03 01 06 08  2b 06 01 05 05 07 03 02  |........+.......|
-000001a0  30 0c 06 03 55 1d 13 01  01 ff 04 02 30 00 30 19  |0...U.......0.0.|
-000001b0  06 03 55 1d 0e 04 12 04  10 9f 91 16 1f 43 43 3e  |..U..........CC>|
-000001c0  49 a6 de 6d b6 80 d7 9f  60 30 1b 06 03 55 1d 23  |I..m....`0...U.#|
-000001d0  04 14 30 12 80 10 48 13  49 4d 13 7e 16 31 bb a3  |..0...H.IM.~.1..|
-000001e0  01 d5 ac ab 6e 7b 30 19  06 03 55 1d 11 04 12 30  |....n{0...U....0|
-000001f0  10 82 0e 65 78 61 6d 70  6c 65 2e 67 6f 6c 61 6e  |...example.golan|
-00000200  67 30 0d 06 09 2a 86 48  86 f7 0d 01 01 0b 05 00  |g0...*.H........|
-00000210  03 81 81 00 9d 30 cc 40  2b 5b 50 a0 61 cb ba e5  |.....0.@+[P.a...|
-00000220  53 58 e1 ed 83 28 a9 58  1a a9 38 a4 95 a1 ac 31  |SX...(.X..8....1|
-00000230  5a 1a 84 66 3d 43 d3 2d  d9 0b f2 97 df d3 20 64  |Z..f=C.-...... d|
-00000240  38 92 24 3a 00 bc cf 9c  7d b7 40 20 01 5f aa d3  |8.$:....}.@ ._..|
-00000250  16 61 09 a2 76 fd 13 c3  cc e1 0c 5c ee b1 87 82  |.a..v......\....|
-00000260  f1 6c 04 ed 73 bb b3 43  77 8d 0c 1c f1 0f a1 d8  |.l..s..Cw.......|
-00000270  40 83 61 c9 4c 72 2b 9d  ae db 46 06 06 4d f4 c1  |@.a.Lr+...F..M..|
-00000280  b3 3e c0 d1 bd 42 d4 db  fe 3d 13 60 84 5c 21 d3  |.>...B...=.`.\!.|
-00000290  3b e9 fa e7 16 03 03 00  1b 0d 00 00 17 02 01 40  |;..............@|
-000002a0  00 10 04 01 04 03 05 01  05 03 06 01 06 03 02 01  |................|
-000002b0  02 03 00 00 16 03 03 00  04 0e 00 00 00           |.............|
->>> Flow 3 (client to server)
-00000000  16 03 03 01 fd 0b 00 01  f9 00 01 f6 00 01 f3 30  |...............0|
-00000010  82 01 ef 30 82 01 58 a0  03 02 01 02 02 10 5c 19  |...0..X.......\.|
-00000020  c1 89 65 83 55 6f dc 0b  c9 b9 93 9f e9 bc 30 0d  |..e.Uo........0.|
-00000030  06 09 2a 86 48 86 f7 0d  01 01 0b 05 00 30 12 31  |..*.H........0.1|
-00000040  10 30 0e 06 03 55 04 0a  13 07 41 63 6d 65 20 43  |.0...U....Acme C|
-00000050  6f 30 1e 17 0d 31 36 30  38 31 37 32 31 35 32 33  |o0...16081721523|
-00000060  31 5a 17 0d 31 37 30 38  31 37 32 31 35 32 33 31  |1Z..170817215231|
-00000070  5a 30 12 31 10 30 0e 06  03 55 04 0a 13 07 41 63  |Z0.1.0...U....Ac|
-00000080  6d 65 20 43 6f 30 81 9f  30 0d 06 09 2a 86 48 86  |me Co0..0...*.H.|
-00000090  f7 0d 01 01 01 05 00 03  81 8d 00 30 81 89 02 81  |...........0....|
-000000a0  81 00 ba 6f aa 86 bd cf  bf 9f f2 ef 5c 94 60 78  |...o........\.`x|
-000000b0  6f e8 13 f2 d1 96 6f cd  d9 32 6e 22 37 ce 41 f9  |o.....o..2n"7.A.|
-000000c0  ca 5d 29 ac e1 27 da 61  a2 ee 81 cb 10 c7 df 34  |.])..'.a.......4|
-000000d0  58 95 86 e9 3d 19 e6 5c  27 73 60 c8 8d 78 02 f4  |X...=..\'s`..x..|
-000000e0  1d a4 98 09 a3 19 70 69  3c 25 62 66 2a ab 22 23  |......pi<%bf*."#|
-000000f0  c5 7b 85 38 4f 2e 09 73  32 a7 bd 3e 9b ad ca 84  |.{.8O..s2..>....|
-00000100  07 e6 0f 3a ff 77 c5 9d  41 85 00 8a b6 9b ee b0  |...:.w..A.......|
-00000110  a4 3f 2d 4c 4c e6 42 3e  bb 51 c8 dd 48 54 f4 0c  |.?-LL.B>.Q..HT..|
-00000120  8e 47 02 03 01 00 01 a3  46 30 44 30 0e 06 03 55  |.G......F0D0...U|
-00000130  1d 0f 01 01 ff 04 04 03  02 05 a0 30 13 06 03 55  |...........0...U|
-00000140  1d 25 04 0c 30 0a 06 08  2b 06 01 05 05 07 03 01  |.%..0...+.......|
-00000150  30 0c 06 03 55 1d 13 01  01 ff 04 02 30 00 30 0f  |0...U.......0.0.|
-00000160  06 03 55 1d 11 04 08 30  06 87 04 7f 00 00 01 30  |..U....0.......0|
-00000170  0d 06 09 2a 86 48 86 f7  0d 01 01 0b 05 00 03 81  |...*.H..........|
-00000180  81 00 46 ab 44 a2 fb 28  54 f8 5a 67 f8 62 94 f1  |..F.D..(T.Zg.b..|
-00000190  9a b2 18 9e f2 b1 de 1d  7e 6f 76 95 a9 ba e7 5d  |........~ov....]|
-000001a0  a8 16 6c 9c f7 09 d3 37  e4 4b 2b 36 7c 01 ad 41  |..l....7.K+6|..A|
-000001b0  d2 32 d8 c3 d2 93 f9 10  6b 8e 95 b9 2c 17 8a a3  |.2......k...,...|
-000001c0  44 48 bc 59 13 83 16 04  88 a4 81 5c 25 0d 98 0c  |DH.Y.......\%...|
-000001d0  ac 11 b1 28 56 be 1d cd  61 62 84 09 bf d6 80 c6  |...(V...ab......|
-000001e0  45 8d 82 2c b4 d8 83 9b  db c9 22 b7 2a 12 11 7b  |E..,......".*..{|
-000001f0  fa 02 3b c1 c9 ff ea c9  9d a8 49 d3 95 d7 d5 0e  |..;.......I.....|
-00000200  e5 35 16 03 03 00 86 10  00 00 82 00 80 3f 1b ee  |.5...........?..|
-00000210  02 ec a5 9f 6e 38 69 2c  b7 03 89 65 b4 92 79 a0  |....n8i,...e..y.|
-00000220  b2 0b ab 9b 44 9c 68 d1  8e 5c 40 9c b5 1c a5 70  |....D.h..\@....p|
-00000230  00 a2 2e fb 98 b7 45 7b  9c 63 46 68 1d 55 9e 01  |......E{.cFh.U..|
-00000240  7f 84 31 62 07 c4 2f 20  5f 1a 94 8c 1f f4 3a 6d  |..1b../ _.....:m|
-00000250  a8 2b b8 08 5b ec 27 e3  49 9e 51 b3 66 98 09 ba  |.+..[.'.I.Q.f...|
-00000260  64 65 c8 3c 11 fb 14 4a  c9 ea 3c 5e 52 10 a0 0b  |de.<...J..<^R...|
-00000270  a9 fc 10 13 c9 99 0c a0  8b b4 40 66 0e 11 5e 1d  |..........@f..^.|
-00000280  8b 45 5c 4d 0d 39 39 f6  0c 59 8f 06 99 16 03 03  |.E\M.99..Y......|
-00000290  00 88 0f 00 00 84 04 01  00 80 71 1c 9c fd b2 c9  |..........q.....|
-000002a0  b9 7f f3 51 e2 63 96 08  56 d2 bd 19 61 9f 3f be  |...Q.c..V...a.?.|
-000002b0  e5 4c 22 a8 3f 81 98 2d  67 56 4e 2d 61 6e 51 e5  |.L".?..-gVN-anQ.|
-000002c0  11 24 bd 1b 38 ba dc 8c  76 51 1d 3c 6e 81 50 9a  |.$..8...vQ.<n.P.|
-000002d0  b5 24 9c d8 af f7 80 8a  51 43 ec b3 59 18 bd ea  |.$......QC..Y...|
-000002e0  8a be af 11 c8 ac 60 88  e3 67 a2 ae c2 95 16 47  |......`..g.....G|
-000002f0  2b e2 ea 42 0a 0a 3f 2b  8b c8 ec 9d e7 b2 a6 ee  |+..B..?+........|
-00000300  f4 9b ba 28 47 e2 30 ae  05 89 09 65 3d b6 54 8a  |...(G.0....e=.T.|
-00000310  4a df d4 fa a5 4c 30 38  53 f2 14 03 03 00 01 01  |J....L08S.......|
-00000320  16 03 03 00 40 97 50 23  88 56 0d d4 1b ba 6f 3e  |....@.P#.V....o>|
-00000330  8d 82 6c f3 04 55 2c 13  d9 5b 0a 73 88 4f 8b 3c  |..l..U,..[.s.O.<|
-00000340  cd ef 1a a7 15 7c 33 bb  ff fa 01 c4 87 d7 df 47  |.....|3........G|
-00000350  37 b6 fe 1d e6 82 c2 8a  33 b1 c9 ae 85 45 c8 0d  |7.......3....E..|
-00000360  38 47 69 2d 54                                    |8Gi-T|
->>> Flow 4 (server to client)
-00000000  14 03 03 00 01 01 16 03  03 00 40 00 00 00 00 00  |..........@.....|
-00000010  00 00 00 00 00 00 00 00  00 00 00 20 98 12 44 63  |........... ..Dc|
-00000020  e7 77 e6 e8 c0 c7 d7 b6  f7 c4 4e 13 e3 79 af 33  |.w........N..y.3|
-00000030  3b 6c 86 22 c5 9e dd 25  74 e5 7b 37 fb 24 c6 48  |;l."...%t.{7.$.H|
-00000040  c9 74 a7 9b 9b 32 a7 c1  b9 bb e0 17 03 03 00 40  |.t...2.........@|
-00000050  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
-00000060  80 d7 ec 51 cf ae d4 1a  af 11 59 d1 0c 62 a6 67  |...Q......Y..b.g|
-00000070  2e 6f 18 23 29 75 92 07  b1 16 09 8f 2d f8 04 fe  |.o.#)u......-...|
-00000080  ce 71 2c b6 00 fd 7b 53  cb 6d 97 06 06 e6 af f4  |.q,...{S.m......|
-00000090  15 03 03 00 30 00 00 00  00 00 00 00 00 00 00 00  |....0...........|
-000000a0  00 00 00 00 00 73 14 3a  87 3b ca 3a 2b b2 52 30  |.....s.:.;.:+.R0|
-000000b0  98 62 88 1b a7 58 66 47  66 72 fd bb b6 b7 6b 99  |.b...XfGfr....k.|
-000000c0  20 ab e9 22 62                                    | .."b|
--- a/src/crypto/tls/testdata/Server-TLSv12-ClientAuthRequestedAndGiven-PSS-Disabled-Required
+++ b/src/crypto/tls/testdata/Server-TLSv12-ClientAuthRequestedAndGiven-PSS-Disabled-Required
->>> Flow 1 (client to server)
-00000000  16 03 01 00 97 01 00 00  93 03 03 d7 9c de f8 62  |...............b|
-00000010  7e 32 5b bc d5 12 35 89  42 37 be ca 55 74 24 61  |~2[...5.B7..Ut$a|
-00000020  c0 50 91 0f 1b 42 29 9f  c1 6a cb 00 00 04 00 2f  |.P...B)..j...../|
-00000030  00 ff 01 00 00 66 00 00  00 0e 00 0c 00 00 09 31  |.....f.........1|
-00000040  32 37 2e 30 2e 30 2e 31  00 0b 00 04 03 00 01 02  |27.0.0.1........|
-00000050  00 0a 00 0c 00 0a 00 1d  00 17 00 1e 00 19 00 18  |................|
-00000060  00 16 00 00 00 17 00 00  00 0d 00 30 00 2e 04 03  |...........0....|
-00000070  05 03 06 03 08 07 08 08  08 09 08 0a 08 0b 08 04  |................|
-00000080  08 05 08 06 04 01 05 01  06 01 03 03 02 03 03 01  |................|
-00000090  02 01 03 02 02 02 04 02  05 02 06 02              |............|
->>> Flow 2 (server to client)
-00000000  16 03 03 00 31 02 00 00  2d 03 03 00 00 00 00 00  |....1...-.......|
-00000010  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
-00000020  00 00 00 44 4f 57 4e 47  52 44 01 00 00 2f 00 00  |...DOWNGRD.../..|
-00000030  05 ff 01 00 01 00 16 03  03 02 59 0b 00 02 55 00  |..........Y...U.|
-00000040  02 52 00 02 4f 30 82 02  4b 30 82 01 b4 a0 03 02  |.R..O0..K0......|
-00000050  01 02 02 09 00 e8 f0 9d  3f e2 5b ea a6 30 0d 06  |........?.[..0..|
-00000060  09 2a 86 48 86 f7 0d 01  01 0b 05 00 30 1f 31 0b  |.*.H........0.1.|
-00000070  30 09 06 03 55 04 0a 13  02 47 6f 31 10 30 0e 06  |0...U....Go1.0..|
-00000080  03 55 04 03 13 07 47 6f  20 52 6f 6f 74 30 1e 17  |.U....Go Root0..|
-00000090  0d 31 36 30 31 30 31 30  30 30 30 30 30 5a 17 0d  |.160101000000Z..|
-000000a0  32 35 30 31 30 31 30 30  30 30 30 30 5a 30 1a 31  |250101000000Z0.1|
-000000b0  0b 30 09 06 03 55 04 0a  13 02 47 6f 31 0b 30 09  |.0...U....Go1.0.|
-000000c0  06 03 55 04 03 13 02 47  6f 30 81 9f 30 0d 06 09  |..U....Go0..0...|
-000000d0  2a 86 48 86 f7 0d 01 01  01 05 00 03 81 8d 00 30  |*.H............0|
-000000e0  81 89 02 81 81 00 db 46  7d 93 2e 12 27 06 48 bc  |.......F}...'.H.|
-000000f0  06 28 21 ab 7e c4 b6 a2  5d fe 1e 52 45 88 7a 36  |.(!.~...]..RE.z6|
-00000100  47 a5 08 0d 92 42 5b c2  81 c0 be 97 79 98 40 fb  |G....B[.....y.@.|
-00000110  4f 6d 14 fd 2b 13 8b c2  a5 2e 67 d8 d4 09 9e d6  |Om..+.....g.....|
-00000120  22 38 b7 4a 0b 74 73 2b  c2 34 f1 d1 93 e5 96 d9  |"8.J.ts+.4......|
-00000130  74 7b f3 58 9f 6c 61 3c  c0 b0 41 d4 d9 2b 2b 24  |t{.X.la<..A..++$|
-00000140  23 77 5b 1c 3b bd 75 5d  ce 20 54 cf a1 63 87 1d  |#w[.;.u]. T..c..|
-00000150  1e 24 c4 f3 1d 1a 50 8b  aa b6 14 43 ed 97 a7 75  |.$....P....C...u|
-00000160  62 f4 14 c8 52 d7 02 03  01 00 01 a3 81 93 30 81  |b...R.........0.|
-00000170  90 30 0e 06 03 55 1d 0f  01 01 ff 04 04 03 02 05  |.0...U..........|
-00000180  a0 30 1d 06 03 55 1d 25  04 16 30 14 06 08 2b 06  |.0...U.%..0...+.|
-00000190  01 05 05 07 03 01 06 08  2b 06 01 05 05 07 03 02  |........+.......|
-000001a0  30 0c 06 03 55 1d 13 01  01 ff 04 02 30 00 30 19  |0...U.......0.0.|
-000001b0  06 03 55 1d 0e 04 12 04  10 9f 91 16 1f 43 43 3e  |..U..........CC>|
-000001c0  49 a6 de 6d b6 80 d7 9f  60 30 1b 06 03 55 1d 23  |I..m....`0...U.#|
-000001d0  04 14 30 12 80 10 48 13  49 4d 13 7e 16 31 bb a3  |..0...H.IM.~.1..|
-000001e0  01 d5 ac ab 6e 7b 30 19  06 03 55 1d 11 04 12 30  |....n{0...U....0|
-000001f0  10 82 0e 65 78 61 6d 70  6c 65 2e 67 6f 6c 61 6e  |...example.golan|
-00000200  67 30 0d 06 09 2a 86 48  86 f7 0d 01 01 0b 05 00  |g0...*.H........|
-00000210  03 81 81 00 9d 30 cc 40  2b 5b 50 a0 61 cb ba e5  |.....0.@+[P.a...|
-00000220  53 58 e1 ed 83 28 a9 58  1a a9 38 a4 95 a1 ac 31  |SX...(.X..8....1|
-00000230  5a 1a 84 66 3d 43 d3 2d  d9 0b f2 97 df d3 20 64  |Z..f=C.-...... d|
-00000240  38 92 24 3a 00 bc cf 9c  7d b7 40 20 01 5f aa d3  |8.$:....}.@ ._..|
-00000250  16 61 09 a2 76 fd 13 c3  cc e1 0c 5c ee b1 87 82  |.a..v......\....|
-00000260  f1 6c 04 ed 73 bb b3 43  77 8d 0c 1c f1 0f a1 d8  |.l..s..Cw.......|
-00000270  40 83 61 c9 4c 72 2b 9d  ae db 46 06 06 4d f4 c1  |@.a.Lr+...F..M..|
-00000280  b3 3e c0 d1 bd 42 d4 db  fe 3d 13 60 84 5c 21 d3  |.>...B...=.`.\!.|
-00000290  3b e9 fa e7 16 03 03 00  1b 0d 00 00 17 02 01 40  |;..............@|
-000002a0  00 10 04 01 04 03 05 01  05 03 06 01 06 03 02 01  |................|
-000002b0  02 03 00 00 16 03 03 00  04 0e 00 00 00           |.............|
->>> Flow 3 (client to server)
-00000000  16 03 03 00 07 0b 00 00  03 00 00 00 16 03 03 00  |................|
-00000010  86 10 00 00 82 00 80 1d  c6 6c b0 b9 b3 41 06 80  |.........l...A..|
-00000020  e0 f5 df 06 ae 0f 2f 5f  72 14 44 47 16 c4 f0 a6  |....../_r.DG....|
-00000030  68 be fa ee ec 9b 38 b0  e4 bd a3 e9 ca 18 5b 25  |h.....8.......[%|
-00000040  33 31 57 86 63 59 0e ce  10 77 f8 42 a6 5c ad 3f  |31W.cY...w.B.\.?|
-00000050  80 85 a5 c1 06 4c 36 aa  f3 ee 62 39 66 69 76 51  |.....L6...b9fivQ|
-00000060  57 cc a0 b1 35 81 d5 38  01 2d 83 0e 2e 6b a9 84  |W...5..8.-...k..|
-00000070  0d 8b 29 93 90 78 2d 0d  33 5f 85 0d 00 0c e2 5f  |..)..x-.3_....._|
-00000080  83 21 28 27 83 ad 9d 19  2d 01 35 6d 85 2e 8d 6b  |.!('....-.5m...k|
-00000090  eb 7a cd 8a 3f 42 e2 14  03 03 00 01 01 16 03 03  |.z..?B..........|
-000000a0  00 40 5e 19 0f d0 4c 17  e0 25 e6 6b a1 d9 ea 59  |.@^...L..%.k...Y|
-000000b0  f4 3a 55 84 2c 50 1e 53  47 78 45 b8 97 f7 7f 3d  |.:U.,P.SGxE....=|
-000000c0  af d9 7a ad 30 30 77 1a  93 05 19 5b 9b 13 70 e0  |..z.00w....[..p.|
-000000d0  e0 f8 ba 6a bd 74 c5 71  0d 5a 2c 3f 2d 98 1a 3c  |...j.t.q.Z,?-..<|
-000000e0  5a 7d                                             |Z}|
->>> Flow 4 (server to client)
-00000000  15 03 03 00 02 02 2a                              |......*|
--- a/src/crypto/tls/testdata/Server-TLSv12-RSA-PSS-Disabled
+++ b/src/crypto/tls/testdata/Server-TLSv12-RSA-PSS-Disabled
->>> Flow 1 (client to server)
-00000000  16 03 01 00 cb 01 00 00  c7 03 03 ed 3d 3e 10 95  |............=>..|
-00000010  8b 6f 6c be 5c b7 77 c0  79 91 f8 b3 6f 52 27 18  |.ol.\.w.y...oR'.|
-00000020  0a b7 88 52 df 3c 6c 87  b4 5a 4c 00 00 38 c0 2c  |...R.<l..ZL..8.,|
-00000030  c0 30 00 9f cc a9 cc a8  cc aa c0 2b c0 2f 00 9e  |.0.........+./..|
-00000040  c0 24 c0 28 00 6b c0 23  c0 27 00 67 c0 0a c0 14  |.$.(.k.#.'.g....|
-00000050  00 39 c0 09 c0 13 00 33  00 9d 00 9c 00 3d 00 3c  |.9.....3.....=.<|
-00000060  00 35 00 2f 00 ff 01 00  00 66 00 00 00 0e 00 0c  |.5./.....f......|
-00000070  00 00 09 31 32 37 2e 30  2e 30 2e 31 00 0b 00 04  |...127.0.0.1....|
-00000080  03 00 01 02 00 0a 00 0c  00 0a 00 1d 00 17 00 1e  |................|
-00000090  00 19 00 18 00 16 00 00  00 17 00 00 00 0d 00 30  |...............0|
-000000a0  00 2e 04 03 05 03 06 03  08 07 08 08 08 09 08 0a  |................|
-000000b0  08 0b 08 04 08 05 08 06  04 01 05 01 06 01 03 03  |................|
-000000c0  02 03 03 01 02 01 03 02  02 02 04 02 05 02 06 02  |................|
->>> Flow 2 (server to client)
-00000000  16 03 03 00 31 02 00 00  2d 03 03 00 00 00 00 00  |....1...-.......|
-00000010  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
-00000020  00 00 00 44 4f 57 4e 47  52 44 01 00 c0 30 00 00  |...DOWNGRD...0..|
-00000030  05 ff 01 00 01 00 16 03  03 02 59 0b 00 02 55 00  |..........Y...U.|
-00000040  02 52 00 02 4f 30 82 02  4b 30 82 01 b4 a0 03 02  |.R..O0..K0......|
-00000050  01 02 02 09 00 e8 f0 9d  3f e2 5b ea a6 30 0d 06  |........?.[..0..|
-00000060  09 2a 86 48 86 f7 0d 01  01 0b 05 00 30 1f 31 0b  |.*.H........0.1.|
-00000070  30 09 06 03 55 04 0a 13  02 47 6f 31 10 30 0e 06  |0...U....Go1.0..|
-00000080  03 55 04 03 13 07 47 6f  20 52 6f 6f 74 30 1e 17  |.U....Go Root0..|
-00000090  0d 31 36 30 31 30 31 30  30 30 30 30 30 5a 17 0d  |.160101000000Z..|
-000000a0  32 35 30 31 30 31 30 30  30 30 30 30 5a 30 1a 31  |250101000000Z0.1|
-000000b0  0b 30 09 06 03 55 04 0a  13 02 47 6f 31 0b 30 09  |.0...U....Go1.0.|
-000000c0  06 03 55 04 03 13 02 47  6f 30 81 9f 30 0d 06 09  |..U....Go0..0...|
-000000d0  2a 86 48 86 f7 0d 01 01  01 05 00 03 81 8d 00 30  |*.H............0|
-000000e0  81 89 02 81 81 00 db 46  7d 93 2e 12 27 06 48 bc  |.......F}...'.H.|
-000000f0  06 28 21 ab 7e c4 b6 a2  5d fe 1e 52 45 88 7a 36  |.(!.~...]..RE.z6|
-00000100  47 a5 08 0d 92 42 5b c2  81 c0 be 97 79 98 40 fb  |G....B[.....y.@.|
-00000110  4f 6d 14 fd 2b 13 8b c2  a5 2e 67 d8 d4 09 9e d6  |Om..+.....g.....|
-00000120  22 38 b7 4a 0b 74 73 2b  c2 34 f1 d1 93 e5 96 d9  |"8.J.ts+.4......|
-00000130  74 7b f3 58 9f 6c 61 3c  c0 b0 41 d4 d9 2b 2b 24  |t{.X.la<..A..++$|
-00000140  23 77 5b 1c 3b bd 75 5d  ce 20 54 cf a1 63 87 1d  |#w[.;.u]. T..c..|
-00000150  1e 24 c4 f3 1d 1a 50 8b  aa b6 14 43 ed 97 a7 75  |.$....P....C...u|
-00000160  62 f4 14 c8 52 d7 02 03  01 00 01 a3 81 93 30 81  |b...R.........0.|
-00000170  90 30 0e 06 03 55 1d 0f  01 01 ff 04 04 03 02 05  |.0...U..........|
-00000180  a0 30 1d 06 03 55 1d 25  04 16 30 14 06 08 2b 06  |.0...U.%..0...+.|
-00000190  01 05 05 07 03 01 06 08  2b 06 01 05 05 07 03 02  |........+.......|
-000001a0  30 0c 06 03 55 1d 13 01  01 ff 04 02 30 00 30 19  |0...U.......0.0.|
-000001b0  06 03 55 1d 0e 04 12 04  10 9f 91 16 1f 43 43 3e  |..U..........CC>|
-000001c0  49 a6 de 6d b6 80 d7 9f  60 30 1b 06 03 55 1d 23  |I..m....`0...U.#|
-000001d0  04 14 30 12 80 10 48 13  49 4d 13 7e 16 31 bb a3  |..0...H.IM.~.1..|
-000001e0  01 d5 ac ab 6e 7b 30 19  06 03 55 1d 11 04 12 30  |....n{0...U....0|
-000001f0  10 82 0e 65 78 61 6d 70  6c 65 2e 67 6f 6c 61 6e  |...example.golan|
-00000200  67 30 0d 06 09 2a 86 48  86 f7 0d 01 01 0b 05 00  |g0...*.H........|
-00000210  03 81 81 00 9d 30 cc 40  2b 5b 50 a0 61 cb ba e5  |.....0.@+[P.a...|
-00000220  53 58 e1 ed 83 28 a9 58  1a a9 38 a4 95 a1 ac 31  |SX...(.X..8....1|
-00000230  5a 1a 84 66 3d 43 d3 2d  d9 0b f2 97 df d3 20 64  |Z..f=C.-...... d|
-00000240  38 92 24 3a 00 bc cf 9c  7d b7 40 20 01 5f aa d3  |8.$:....}.@ ._..|
-00000250  16 61 09 a2 76 fd 13 c3  cc e1 0c 5c ee b1 87 82  |.a..v......\....|
-00000260  f1 6c 04 ed 73 bb b3 43  77 8d 0c 1c f1 0f a1 d8  |.l..s..Cw.......|
-00000270  40 83 61 c9 4c 72 2b 9d  ae db 46 06 06 4d f4 c1  |@.a.Lr+...F..M..|
-00000280  b3 3e c0 d1 bd 42 d4 db  fe 3d 13 60 84 5c 21 d3  |.>...B...=.`.\!.|
-00000290  3b e9 fa e7 16 03 03 00  ac 0c 00 00 a8 03 00 1d  |;...............|
-000002a0  20 2f e5 7d a3 47 cd 62  43 15 28 da ac 5f bb 29  | /.}.G.bC.(.._.)|
-000002b0  07 30 ff f6 84 af c4 cf  c2 ed 90 99 5f 58 cb 3b  |.0.........._X.;|
-000002c0  74 04 01 00 80 a5 a9 75  be 51 ff dc b3 bb 77 79  |t......u.Q....wy|
-000002d0  ef 5b 9f d9 27 6c 76 ea  ce 5c 66 20 03 2e 94 fd  |.[..'lv..\f ....|
-000002e0  28 94 69 ff 06 ab bd 34  43 51 72 fb 15 42 e6 38  |(.i....4CQr..B.8|
-000002f0  c5 7a 5d 7f 35 a7 3c 85  ec df 95 23 0f 28 c7 dc  |.z].5.<....#.(..|
-00000300  0e a6 ec fe 5e 77 3f 95  1d a7 73 1d d8 7b 68 92  |....^w?...s..{h.|
-00000310  5b a5 b8 ba f5 7c a5 60  2e 43 d6 60 64 3e 33 c7  |[....|.`.C.`d>3.|
-00000320  8b c2 56 68 e3 28 2b 2e  8b 9a 85 29 77 73 24 3e  |..Vh.(+....)ws$>|
-00000330  2b 95 b8 40 a7 f1 60 b5  9e 85 3e 1d ae ab 7f 85  |+..@..`...>.....|
-00000340  63 63 d1 cf 62 16 03 03  00 04 0e 00 00 00        |cc..b.........|
->>> Flow 3 (client to server)
-00000000  16 03 03 00 25 10 00 00  21 20 43 dd 3e 28 34 9f  |....%...! C.>(4.|
-00000010  a9 0c 8e 14 66 01 a1 dd  15 8e 71 b4 05 83 d9 a3  |....f.....q.....|
-00000020  5f 5c a3 31 ad 5c d5 5a  ad 56 14 03 03 00 01 01  |_\.1.\.Z.V......|
-00000030  16 03 03 00 28 f3 ad d2  ec 9e 1e 85 2d 96 5f bc  |....(.......-._.|
-00000040  70 cc 0a c2 22 ef 0a fe  fb b0 77 f1 59 59 08 a6  |p...".....w.YY..|
-00000050  57 39 16 00 82 0b 60 1e  9a 74 75 3a 8a           |W9....`..tu:.|
->>> Flow 4 (server to client)
-00000000  14 03 03 00 01 01 16 03  03 00 28 00 00 00 00 00  |..........(.....|
-00000010  00 00 00 cf 63 14 29 73  c7 7b 6c 98 50 db 5f 8e  |....c.)s.{l.P._.|
-00000020  f4 de 68 bc c0 60 2c db  9e 1f d9 48 55 51 05 47  |..h..`,....HUQ.G|
-00000030  7e 43 37 17 03 03 00 25  00 00 00 00 00 00 00 01  |~C7....%........|
-00000040  67 0a e7 77 dd 1a 30 87  27 90 b0 42 31 42 09 53  |g..w..0.'..B1B.S|
-00000050  03 bf 0c 10 3a c3 a7 95  e9 6e 63 57 ad 15 03 03  |....:....ncW....|
-00000060  00 1a 00 00 00 00 00 00  00 02 d5 1a ac 66 50 93  |.............fP.|
-00000070  46 0a da 98 1f cc 30 40  c1 47 c7 88              |F.....0@.G..|
--- a/src/crypto/tls/testdata/Server-TLSv12-RSA-PSS-Disabled-Required
+++ b/src/crypto/tls/testdata/Server-TLSv12-RSA-PSS-Disabled-Required
->>> Flow 1 (client to server)
-00000000  16 03 01 00 91 01 00 00  8d 03 03 5a 8a 66 22 31  |...........Z.f"1|
-00000010  69 92 30 d5 7b 7c 17 a7  7c 14 d6 3c a9 9e ba dd  |i.0.{|..|..<....|
-00000020  7c 73 fe b4 b4 dd d8 28  39 32 0d 00 00 2a c0 30  ||s.....(92...*.0|
-00000030  00 9f cc a8 cc aa c0 2f  00 9e c0 28 00 6b c0 27  |......./...(.k.'|
-00000040  00 67 c0 14 00 39 c0 13  00 33 00 9d 00 9c 00 3d  |.g...9...3.....=|
-00000050  00 3c 00 35 00 2f 00 ff  01 00 00 3a 00 00 00 0e  |.<.5./.....:....|
-00000060  00 0c 00 00 09 31 32 37  2e 30 2e 30 2e 31 00 0b  |.....127.0.0.1..|
-00000070  00 04 03 00 01 02 00 0a  00 0c 00 0a 00 1d 00 17  |................|
-00000080  00 1e 00 19 00 18 00 16  00 00 00 17 00 00 00 0d  |................|
-00000090  00 04 00 02 08 04                                 |......|
->>> Flow 2 (server to client)
-00000000  16 03 03 00 31 02 00 00  2d 03 03 00 00 00 00 00  |....1...-.......|
-00000010  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
-00000020  00 00 00 44 4f 57 4e 47  52 44 01 00 c0 30 00 00  |...DOWNGRD...0..|
-00000030  05 ff 01 00 01 00 16 03  03 02 59 0b 00 02 55 00  |..........Y...U.|
-00000040  02 52 00 02 4f 30 82 02  4b 30 82 01 b4 a0 03 02  |.R..O0..K0......|
-00000050  01 02 02 09 00 e8 f0 9d  3f e2 5b ea a6 30 0d 06  |........?.[..0..|
-00000060  09 2a 86 48 86 f7 0d 01  01 0b 05 00 30 1f 31 0b  |.*.H........0.1.|
-00000070  30 09 06 03 55 04 0a 13  02 47 6f 31 10 30 0e 06  |0...U....Go1.0..|
-00000080  03 55 04 03 13 07 47 6f  20 52 6f 6f 74 30 1e 17  |.U....Go Root0..|
-00000090  0d 31 36 30 31 30 31 30  30 30 30 30 30 5a 17 0d  |.160101000000Z..|
-000000a0  32 35 30 31 30 31 30 30  30 30 30 30 5a 30 1a 31  |250101000000Z0.1|
-000000b0  0b 30 09 06 03 55 04 0a  13 02 47 6f 31 0b 30 09  |.0...U....Go1.0.|
-000000c0  06 03 55 04 03 13 02 47  6f 30 81 9f 30 0d 06 09  |..U....Go0..0...|
-000000d0  2a 86 48 86 f7 0d 01 01  01 05 00 03 81 8d 00 30  |*.H............0|
-000000e0  81 89 02 81 81 00 db 46  7d 93 2e 12 27 06 48 bc  |.......F}...'.H.|
-000000f0  06 28 21 ab 7e c4 b6 a2  5d fe 1e 52 45 88 7a 36  |.(!.~...]..RE.z6|
-00000100  47 a5 08 0d 92 42 5b c2  81 c0 be 97 79 98 40 fb  |G....B[.....y.@.|
-00000110  4f 6d 14 fd 2b 13 8b c2  a5 2e 67 d8 d4 09 9e d6  |Om..+.....g.....|
-00000120  22 38 b7 4a 0b 74 73 2b  c2 34 f1 d1 93 e5 96 d9  |"8.J.ts+.4......|
-00000130  74 7b f3 58 9f 6c 61 3c  c0 b0 41 d4 d9 2b 2b 24  |t{.X.la<..A..++$|
-00000140  23 77 5b 1c 3b bd 75 5d  ce 20 54 cf a1 63 87 1d  |#w[.;.u]. T..c..|
-00000150  1e 24 c4 f3 1d 1a 50 8b  aa b6 14 43 ed 97 a7 75  |.$....P....C...u|
-00000160  62 f4 14 c8 52 d7 02 03  01 00 01 a3 81 93 30 81  |b...R.........0.|
-00000170  90 30 0e 06 03 55 1d 0f  01 01 ff 04 04 03 02 05  |.0...U..........|
-00000180  a0 30 1d 06 03 55 1d 25  04 16 30 14 06 08 2b 06  |.0...U.%..0...+.|
-00000190  01 05 05 07 03 01 06 08  2b 06 01 05 05 07 03 02  |........+.......|
-000001a0  30 0c 06 03 55 1d 13 01  01 ff 04 02 30 00 30 19  |0...U.......0.0.|
-000001b0  06 03 55 1d 0e 04 12 04  10 9f 91 16 1f 43 43 3e  |..U..........CC>|
-000001c0  49 a6 de 6d b6 80 d7 9f  60 30 1b 06 03 55 1d 23  |I..m....`0...U.#|
-000001d0  04 14 30 12 80 10 48 13  49 4d 13 7e 16 31 bb a3  |..0...H.IM.~.1..|
-000001e0  01 d5 ac ab 6e 7b 30 19  06 03 55 1d 11 04 12 30  |....n{0...U....0|
-000001f0  10 82 0e 65 78 61 6d 70  6c 65 2e 67 6f 6c 61 6e  |...example.golan|
-00000200  67 30 0d 06 09 2a 86 48  86 f7 0d 01 01 0b 05 00  |g0...*.H........|
-00000210  03 81 81 00 9d 30 cc 40  2b 5b 50 a0 61 cb ba e5  |.....0.@+[P.a...|
-00000220  53 58 e1 ed 83 28 a9 58  1a a9 38 a4 95 a1 ac 31  |SX...(.X..8....1|
-00000230  5a 1a 84 66 3d 43 d3 2d  d9 0b f2 97 df d3 20 64  |Z..f=C.-...... d|
-00000240  38 92 24 3a 00 bc cf 9c  7d b7 40 20 01 5f aa d3  |8.$:....}.@ ._..|
-00000250  16 61 09 a2 76 fd 13 c3  cc e1 0c 5c ee b1 87 82  |.a..v......\....|
-00000260  f1 6c 04 ed 73 bb b3 43  77 8d 0c 1c f1 0f a1 d8  |.l..s..Cw.......|
-00000270  40 83 61 c9 4c 72 2b 9d  ae db 46 06 06 4d f4 c1  |@.a.Lr+...F..M..|
-00000280  b3 3e c0 d1 bd 42 d4 db  fe 3d 13 60 84 5c 21 d3  |.>...B...=.`.\!.|
-00000290  3b e9 fa e7 15 03 03 00  02 02 28                 |;.........(|
--- a/src/crypto/tls/testdata/Server-TLSv13-ClientAuthRequestedAndGiven-PSS-Disabled
+++ b/src/crypto/tls/testdata/Server-TLSv13-ClientAuthRequestedAndGiven-PSS-Disabled
--- a/src/crypto/tls/testdata/Server-TLSv13-RSA-PSS-Disabled
+++ b/src/crypto/tls/testdata/Server-TLSv13-RSA-PSS-Disabled
->>> Flow 1 (client to server)
-00000000  16 03 01 00 e0 01 00 00  dc 03 03 1e 9f 50 05 56  |.............P.V|
-00000010  a7 21 c8 df 56 a8 f3 bb  e4 15 3b b0 04 e5 f5 10  |.!..V.....;.....|
-00000020  d8 5b 0e 68 d3 b4 39 64  b5 89 9c 20 5a 6b 29 6d  |.[.h..9d... Zk)m|
-00000030  22 a0 e0 fb 7f 2d 87 48  e7 b4 c9 b3 5a d0 2b c7  |"....-.H....Z.+.|
-00000040  ad d8 e4 ad d5 eb 81 b3  1f 61 0e 65 00 08 13 02  |.........a.e....|
-00000050  13 03 13 01 00 ff 01 00  00 8b 00 00 00 0e 00 0c  |................|
-00000060  00 00 09 31 32 37 2e 30  2e 30 2e 31 00 0b 00 04  |...127.0.0.1....|
-00000070  03 00 01 02 00 0a 00 0c  00 0a 00 1d 00 17 00 1e  |................|
-00000080  00 19 00 18 00 16 00 00  00 17 00 00 00 0d 00 1e  |................|
-00000090  00 1c 04 03 05 03 06 03  08 07 08 08 08 09 08 0a  |................|
-000000a0  08 0b 08 04 08 05 08 06  04 01 05 01 06 01 00 2b  |...............+|
-000000b0  00 03 02 03 04 00 2d 00  02 01 01 00 33 00 26 00  |......-.....3.&.|
-000000c0  24 00 1d 00 20 ba 67 99  b3 60 71 ed 6c bb 8d 7e  |$... .g..`q.l..~|
-000000d0  4c c3 ea 37 6d 90 b6 f8  91 67 71 2c 84 a7 32 3a  |L..7m....gq,..2:|
-000000e0  23 2a 90 13 35                                    |#*..5|
->>> Flow 2 (server to client)
-00000000  16 03 03 00 7a 02 00 00  76 03 03 00 00 00 00 00  |....z...v.......|
-00000010  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
-00000020  00 00 00 00 00 00 00 00  00 00 00 20 5a 6b 29 6d  |........... Zk)m|
-00000030  22 a0 e0 fb 7f 2d 87 48  e7 b4 c9 b3 5a d0 2b c7  |"....-.H....Z.+.|
-00000040  ad d8 e4 ad d5 eb 81 b3  1f 61 0e 65 13 02 00 00  |.........a.e....|
-00000050  2e 00 2b 00 02 03 04 00  33 00 24 00 1d 00 20 2f  |..+.....3.$... /|
-00000060  e5 7d a3 47 cd 62 43 15  28 da ac 5f bb 29 07 30  |.}.G.bC.(.._.).0|
-00000070  ff f6 84 af c4 cf c2 ed  90 99 5f 58 cb 3b 74 14  |.........._X.;t.|
-00000080  03 03 00 01 01 17 03 03  00 17 d9 74 68 ee e6 54  |...........th..T|
-00000090  e3 7a 0e ee 86 c7 a8 bb  c7 65 fc e4 c4 6c 58 7a  |.z.......e...lXz|
-000000a0  1e 17 03 03 02 6d 98 c3  0c cc 80 fe ea 70 13 4e  |.....m.......p.N|
-000000b0  2f f6 49 99 5f 27 0a f9  4d cf e5 1a 9a 37 fb e7  |/.I._'..M....7..|
-000000c0  3b a4 60 82 43 df fb fa  47 15 6f d8 db d2 3e c3  |;.`.C...G.o...>.|
-000000d0  dd a0 37 ca b2 b4 c9 1b  5c 86 4a e0 7e 06 1e 27  |..7.....\.J.~..'|
-000000e0  73 c6 cd 54 37 df 95 b1  c6 d5 44 85 2c 67 7d a7  |s..T7.....D.,g}.|
-000000f0  2a 7d 87 86 5e f3 e5 60  f8 7c de bf 78 89 35 9b  |*}..^..`.|..x.5.|
-00000100  d1 0b 8a dd 6f 40 d8 5a  55 10 e2 71 b0 7a 5e 4b  |....o@.ZU..q.z^K|
-00000110  86 18 be 18 a7 f8 8e c6  ae 8c 1e df bf 84 77 c5  |..............w.|
-00000120  dc b1 17 26 72 ea bb 9b  28 6c bf 19 8d 1a 22 90  |...&r...(l....".|
-00000130  0f 19 92 5b ff db 07 84  48 61 68 f0 50 20 76 a3  |...[....Hah.P v.|
-00000140  d3 f2 4a 3b 60 f5 73 cb  61 f7 11 63 f2 a7 0e 18  |..J;`.s.a..c....|
-00000150  30 96 d0 17 f1 2f 58 09  49 33 15 3e 31 e4 17 e8  |0..../X.I3.>1...|
-00000160  07 48 b5 43 06 40 60 4f  a0 78 0d 51 0c 3f 0f 1a  |.H.C.@`O.x.Q.?..|
-00000170  8c 95 7a 3e 36 66 36 22  dc 58 4e b7 3e 19 ad de  |..z>6f6".XN.>...|
-00000180  c9 f9 b0 76 e4 e2 8c 04  27 6f 67 8f fe 86 b9 41  |...v....'og....A|
-00000190  53 7d 9f d1 e0 a6 0b ec  fc c0 82 bf 00 36 28 4d  |S}...........6(M|
-000001a0  20 3a e3 42 67 87 16 64  6c 4f e2 54 23 d1 0f 32  | :.Bg..dlO.T#..2|
-000001b0  e9 16 9a da 46 a6 39 18  d5 6e a6 93 25 de a1 77  |....F.9..n..%..w|
-000001c0  d9 26 b5 7c b4 85 8a 69  48 90 11 a9 8c 42 ca b8  |.&.|...iH....B..|
-000001d0  88 63 df ec 6c e3 9f 2c  29 75 9b 57 79 8b 69 66  |.c..l..,)u.Wy.if|
-000001e0  16 9e 93 48 04 8a 41 e0  8b 0e fb a5 9c fd 68 f6  |...H..A.......h.|
-000001f0  5f ab 89 11 e4 aa 4c 6c  92 df b3 a3 39 f0 38 d9  |_.....Ll....9.8.|
-00000200  7d 1b 42 13 ee d1 83 e2  20 3f 60 81 96 d9 63 2c  |}.B..... ?`...c,|
-00000210  e8 54 a5 08 41 9b 1d 02  41 37 a2 ce 0c 9b 34 bf  |.T..A...A7....4.|
-00000220  43 c5 ac 90 67 cd 6b b6  55 31 36 b1 2b 0e ed 8c  |C...g.k.U16.+...|
-00000230  23 ae 71 b2 ab f3 94 68  f2 f6 87 d3 87 61 ca aa  |#.q....h.....a..|
-00000240  0b 65 63 a1 11 dc 6d 74  33 c8 24 a6 ae 40 27 c7  |.ec...mt3.$..@'.|
-00000250  d4 06 51 89 15 35 66 21  b0 82 15 87 70 c5 b8 8d  |..Q..5f!....p...|
-00000260  34 48 ff 41 e0 1a b0 46  f7 38 47 53 64 f7 a3 a2  |4H.A...F.8GSd...|
-00000270  61 96 72 ea 90 de 86 18  64 49 91 ed 97 05 e3 27  |a.r.....dI.....'|
-00000280  47 df ea 06 c6 28 f9 79  51 5e 64 b6 de 52 75 8a  |G....(.yQ^d..Ru.|
-00000290  79 8d 8e a6 d5 b0 f1 a6  ab 76 44 25 4b 80 5e e4  |y........vD%K.^.|
-000002a0  d4 aa c6 2d 77 1a 49 52  16 d6 73 6b 18 2d d1 a6  |...-w.IR..sk.-..|
-000002b0  4c e1 be 4d f8 79 34 a1  4c 81 88 9c 4b 85 f3 28  |L..M.y4.L...K..(|
-000002c0  97 fc 3a 7e cf d4 81 2c  d3 57 df 09 f5 49 f5 cf  |..:~...,.W...I..|
-000002d0  c7 7c 22 b3 8e 95 0f 97  6d d1 56 e3 43 7e 52 0f  |.|".....m.V.C~R.|
-000002e0  d4 da 3f e0 4e 06 b9 84  18 7d 7c 56 49 e0 d7 4a  |..?.N....}|VI..J|
-000002f0  d6 df c4 70 0c 74 5b 1f  4d 76 28 cd 3b b0 9e 27  |...p.t[.Mv(.;..'|
-00000300  cc 6b 1a 13 41 1a 6b bf  0d 2d 93 b2 d5 7e 7e 25  |.k..A.k..-...~~%|
-00000310  0e 8a 9c 17 03 03 00 99  df 4b 8e 3e d0 14 be 76  |.........K.>...v|
-00000320  f1 d3 ca b1 39 c0 7e 6c  4f 8c d9 0d b8 83 07 39  |....9.~lO......9|
-00000330  08 55 13 1e 3d 68 0f 99  9f 9a 68 1f 57 6a aa 41  |.U..=h....h.Wj.A|
-00000340  a4 40 2b 12 f2 4b 6c db  3c 59 fa 99 5c e2 c7 2d  |.@+..Kl.<Y..\..-|
-00000350  4b 55 4c 27 b1 6c bf 99  c3 36 1d 73 7a 8b fd bc  |KUL'.l...6.sz...|
-00000360  93 77 27 f5 9e cd 10 61  bc 8d b5 bf 7b bb 69 00  |.w'....a....{.i.|
-00000370  f9 f0 d3 22 dd 4e 7d 12  5a 61 49 1d d4 29 14 43  |...".N}.ZaI..).C|
-00000380  e5 62 ab d8 c6 78 75 80  4b 7a 6b 3f af 4b 92 2a  |.b...xu.Kzk?.K.*|
-00000390  23 29 da 85 c0 d7 35 03  9d ed 9c f7 83 39 cf cb  |#)....5......9..|
-000003a0  0f 85 5e 9f 29 61 d8 a2  d0 cb 14 2d 71 50 6f d5  |..^.)a.....-qPo.|
-000003b0  c2 17 03 03 00 45 be 9b  ee 5d e1 08 8a c2 d6 67  |.....E...].....g|
-000003c0  df 3b 84 50 28 30 69 bd  11 89 6a ab 02 ad d7 79  |.;.P(0i...j....y|
-000003d0  8b 2c 0a a9 9c ce e5 30  49 2d 59 82 e8 ee d3 03  |.,.....0I-Y.....|
-000003e0  77 d3 fc 22 dd 81 be e6  f4 22 36 8d 8e b1 7c 4a  |w.."....."6...|J|
-000003f0  b9 9c 6a ea 3f f0 aa ac  ec b6 c7 17 03 03 00 a3  |..j.?...........|
-00000400  69 e0 19 38 57 54 62 6c  28 d9 54 94 79 6e 7b 48  |i..8WTbl(.T.yn{H|
-00000410  25 55 7f 5f bb cc 91 07  30 47 55 9b f3 6e b9 ba  |%U._....0GU..n..|
-00000420  50 65 9b e9 81 5d 53 20  cd 27 5d ee 92 93 01 8f  |Pe...]S .'].....|
-00000430  5a d6 02 b9 26 1b 45 c3  40 26 6b 81 c3 ba 1e 3c  |Z...&.E.@&k....<|
-00000440  e6 03 93 b0 18 fe 2d be  07 97 b1 a1 a7 55 8f d8  |......-......U..|
-00000450  96 7a 58 ad 7d c1 72 71  d9 25 07 56 22 9a 7a f9  |.zX.}.rq.%.V".z.|
-00000460  4a 1b 82 30 e9 fb b0 26  81 45 d2 45 5b 1c 7d 97  |J..0...&.E.E[.}.|
-00000470  89 6d 17 69 81 27 a6 4c  be d0 78 1d b5 6c 3f 94  |.m.i.'.L..x..l?.|
-00000480  ef e4 6b ec 02 63 8b bf  f9 00 8a 8a 46 43 5d e0  |..k..c......FC].|
-00000490  52 38 8c d5 76 d7 79 42  a3 6b 35 e2 45 f3 0f b5  |R8..v.yB.k5.E...|
-000004a0  9f 22 f9                                          |.".|
->>> Flow 3 (client to server)
-00000000  14 03 03 00 01 01 17 03  03 00 45 4b 7c c5 9e c6  |..........EK|...|
-00000010  47 4a 90 d8 c2 c0 49 f7  3b c4 26 eb 15 18 9c bc  |GJ....I.;.&.....|
-00000020  c8 44 f0 53 94 2f 0f c8  d7 c1 86 42 ed b7 8f 63  |.D.S./.....B...c|
-00000030  a0 97 5d 5b 15 01 3a 3d  ca a6 d0 1a a4 77 cc 7e  |..][..:=.....w.~|
-00000040  88 fd 0b c9 a0 46 b7 40  25 8a 03 6e 99 66 bb 84  |.....F.@%..n.f..|
->>> Flow 4 (server to client)
-00000000  17 03 03 00 1e 6a 41 80  ca 72 5f c3 ee e1 88 49  |.....jA..r_....I|
-00000010  6d be a4 d9 26 07 5c 2b  2c a7 83 b5 c4 eb 4e 4b  |m...&.\+,.....NK|
-00000020  a1 29 98 17 03 03 00 13  2a f9 33 6c 46 f7 9a 51  |.)......*.3lF..Q|
-00000030  1b 36 cd bc d8 5d 94 0d  9e 4b 72                 |.6...]...Kr|
--- a/src/crypto/tls/tls_test.go
+++ b/src/crypto/tls/tls_test.go
@@ -23,15 +23,11 @@ import (
 	"time"
 )

-var savedSupportedSignatureAlgorithmsTLS12 = supportedSignatureAlgorithmsTLS12
-
 func init() {
-	// TLS 1.3 is opt-in for Go 1.12, and RSA-PSS is disabled in TLS 1.2, but we
-	// want to run most tests with both enabled. TestTLS13Switch below and the
-	// "PSS-Disabled" recordings test the disabled behavior. See Issue 30055.
+	// TLS 1.3 is opt-in for Go 1.12, but we want to run most tests with it enabled.
+	// TestTLS13Switch below tests the disabled behavior. See Issue 30055.
 	tls13Support.Do(func() {}) // defuse the sync.Once
 	tls13Support.cached = true
-	supportedSignatureAlgorithmsTLS12 = supportedSignatureAlgorithms
 }

 var rsaCertPEM = `-----BEGIN CERTIFICATE-----