crypto/tls: implement X25519Kyber768Draft00

Forced the testConfig CurvePreferences to exclude X25519Kyber768Draft00
to avoid bloating the transcripts, but I manually tested it and the
tests all update and pass successfully, causing 7436 insertions(+), 3251
deletions(-).

Fixes #67061

Change-Id: If6f13bca561835777ab0889a490487b7c2366c3c
Reviewed-on: https://go-review.googlesource.com/c/go/+/586656
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
This commit is contained in:
Filippo Valsorda 2024-05-18 20:15:38 +02:00 committed by Gopher Robot
parent 7e8209f81c
commit a81de4f2e0
16 changed files with 493 additions and 102 deletions

View file

@ -18,6 +18,7 @@ import (
"net"
"os"
"reflect"
"slices"
"sort"
"strings"
"testing"
@ -1805,3 +1806,135 @@ func testVerifyCertificates(t *testing.T, version uint16) {
})
}
}
func TestHandshakeKyber(t *testing.T) {
if x25519Kyber768Draft00.String() != "X25519Kyber768Draft00" {
t.Fatalf("unexpected CurveID string: %v", x25519Kyber768Draft00.String())
}
var tests = []struct {
name string
clientConfig func(*Config)
serverConfig func(*Config)
preparation func(*testing.T)
expectClientSupport bool
expectKyber bool
expectHRR bool
}{
{
name: "Default",
expectClientSupport: true,
expectKyber: true,
expectHRR: false,
},
{
name: "ClientCurvePreferences",
clientConfig: func(config *Config) {
config.CurvePreferences = []CurveID{X25519}
},
expectClientSupport: false,
},
{
name: "ServerCurvePreferencesX25519",
serverConfig: func(config *Config) {
config.CurvePreferences = []CurveID{X25519}
},
expectClientSupport: true,
expectKyber: false,
expectHRR: false,
},
{
name: "ServerCurvePreferencesHRR",
serverConfig: func(config *Config) {
config.CurvePreferences = []CurveID{CurveP256}
},
expectClientSupport: true,
expectKyber: false,
expectHRR: true,
},
{
name: "ClientTLSv12",
clientConfig: func(config *Config) {
config.MaxVersion = VersionTLS12
},
expectClientSupport: false,
},
{
name: "ServerTLSv12",
serverConfig: func(config *Config) {
config.MaxVersion = VersionTLS12
},
expectClientSupport: true,
expectKyber: false,
},
{
name: "GODEBUG",
preparation: func(t *testing.T) {
t.Setenv("GODEBUG", "tlskyber=0")
},
expectClientSupport: false,
},
}
baseConfig := testConfig.Clone()
baseConfig.CurvePreferences = nil
for _, test := range tests {
t.Run(test.name, func(t *testing.T) {
if test.preparation != nil {
test.preparation(t)
} else {
t.Parallel()
}
serverConfig := baseConfig.Clone()
if test.serverConfig != nil {
test.serverConfig(serverConfig)
}
serverConfig.GetConfigForClient = func(hello *ClientHelloInfo) (*Config, error) {
if !test.expectClientSupport && slices.Contains(hello.SupportedCurves, x25519Kyber768Draft00) {
return nil, errors.New("client supports Kyber768Draft00")
} else if test.expectClientSupport && !slices.Contains(hello.SupportedCurves, x25519Kyber768Draft00) {
return nil, errors.New("client does not support Kyber768Draft00")
}
return nil, nil
}
clientConfig := baseConfig.Clone()
if test.clientConfig != nil {
test.clientConfig(clientConfig)
}
ss, cs, err := testHandshake(t, clientConfig, serverConfig)
if err != nil {
t.Fatal(err)
}
if test.expectKyber {
if ss.testingOnlyCurveID != x25519Kyber768Draft00 {
t.Errorf("got CurveID %v (server), expected %v", ss.testingOnlyCurveID, x25519Kyber768Draft00)
}
if cs.testingOnlyCurveID != x25519Kyber768Draft00 {
t.Errorf("got CurveID %v (client), expected %v", cs.testingOnlyCurveID, x25519Kyber768Draft00)
}
} else {
if ss.testingOnlyCurveID == x25519Kyber768Draft00 {
t.Errorf("got CurveID %v (server), expected not Kyber", ss.testingOnlyCurveID)
}
if cs.testingOnlyCurveID == x25519Kyber768Draft00 {
t.Errorf("got CurveID %v (client), expected not Kyber", cs.testingOnlyCurveID)
}
}
if test.expectHRR {
if !ss.testingOnlyDidHRR {
t.Error("server did not use HRR")
}
if !cs.testingOnlyDidHRR {
t.Error("client did not use HRR")
}
} else {
if ss.testingOnlyDidHRR {
t.Error("server used HRR")
}
if cs.testingOnlyDidHRR {
t.Error("client used HRR")
}
}
})
}
}