mirror of
https://github.com/refraction-networking/utls.git
synced 2025-04-04 20:47:36 +03:00
Revert "crypto/internal/boring: upgrade module to fips-20220613" +1
This reverts commit 7383b2a4db5dc93c9b875b42d5add73d27cc4b9f
("crypto/internal/boring: upgrade module to fips-20220613") and commit
4106de901a8efe914cda6f6c4e8d45ff8c115da4 ("crypto/tls: align FIPS-only
mode with BoringSSL policy").
Fixes #65321
Updates #64717
Updates #62372
Change-Id: I0938b97e5b4904e6532448b8ae76e920d03d0508
Reviewed-on: https://go-review.googlesource.com/c/go/+/558796
Reviewed-by: Michael Knyszek <mknyszek@google.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
This commit is contained in:
Filippo Valsorda
Gopher Robot
parent
035b9d2bbf
commit
c3aeef03b3
8 changed files with 48 additions and 100 deletions
|
|
@ -25,31 +25,6 @@ import (
|
|||
"time"
|
||||
)
|
||||
|
||||
func allCipherSuitesIncludingTLS13() []uint16 {
|
||||
s := allCipherSuites()
|
||||
for _, suite := range cipherSuitesTLS13 {
|
||||
s = append(s, suite.id)
|
||||
}
|
||||
return s
|
||||
}
|
||||
|
||||
func isTLS13CipherSuite(id uint16) bool {
|
||||
for _, suite := range cipherSuitesTLS13 {
|
||||
if id == suite.id {
|
||||
return true
|
||||
}
|
||||
}
|
||||
return false
|
||||
}
|
||||
|
||||
func generateKeyShare(group CurveID) keyShare {
|
||||
key, err := generateECDHEKey(rand.Reader, group)
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
return keyShare{group: group, data: key.PublicKey().Bytes()}
|
||||
}
|
||||
|
||||
func TestBoringServerProtocolVersion(t *testing.T) {
|
||||
test := func(name string, v uint16, msg string) {
|
||||
t.Run(name, func(t *testing.T) {
|
||||
|
|
@ -58,11 +33,8 @@ func TestBoringServerProtocolVersion(t *testing.T) {
|
|||
clientHello := &clientHelloMsg{
|
||||
vers: v,
|
||||
random: make([]byte, 32),
|
||||
cipherSuites: allCipherSuitesIncludingTLS13(),
|
||||
cipherSuites: allCipherSuites(),
|
||||
compressionMethods: []uint8{compressionNone},
|
||||
supportedCurves: defaultCurvePreferences,
|
||||
keyShares: []keyShare{generateKeyShare(CurveP256)},
|
||||
supportedPoints: []uint8{pointFormatUncompressed},
|
||||
supportedVersions: []uint16{v},
|
||||
}
|
||||
testClientHelloFailure(t, serverConfig, clientHello, msg)
|
||||
|
|
@ -76,25 +48,25 @@ func TestBoringServerProtocolVersion(t *testing.T) {
|
|||
|
||||
fipstls.Force()
|
||||
defer fipstls.Abandon()
|
||||
test("VersionSSL30/fipstls", VersionSSL30, "client offered only unsupported versions")
|
||||
test("VersionTLS10/fipstls", VersionTLS10, "client offered only unsupported versions")
|
||||
test("VersionTLS11/fipstls", VersionTLS11, "client offered only unsupported versions")
|
||||
test("VersionTLS12/fipstls", VersionTLS12, "")
|
||||
test("VersionTLS13/fipstls", VersionTLS13, "")
|
||||
test("VersionSSL30", VersionSSL30, "client offered only unsupported versions")
|
||||
test("VersionTLS10", VersionTLS10, "client offered only unsupported versions")
|
||||
test("VersionTLS11", VersionTLS11, "client offered only unsupported versions")
|
||||
test("VersionTLS12", VersionTLS12, "")
|
||||
test("VersionTLS13", VersionTLS13, "client offered only unsupported versions")
|
||||
}
|
||||
|
||||
func isBoringVersion(v uint16) bool {
|
||||
return v == VersionTLS12 || v == VersionTLS13
|
||||
return v == VersionTLS12
|
||||
}
|
||||
|
||||
func isBoringCipherSuite(id uint16) bool {
|
||||
switch id {
|
||||
case TLS_AES_128_GCM_SHA256,
|
||||
TLS_AES_256_GCM_SHA384,
|
||||
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
|
||||
case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
|
||||
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
|
||||
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
|
||||
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:
|
||||
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
|
||||
TLS_RSA_WITH_AES_128_GCM_SHA256,
|
||||
TLS_RSA_WITH_AES_256_GCM_SHA384:
|
||||
return true
|
||||
}
|
||||
return false
|
||||
|
|
@ -102,7 +74,7 @@ func isBoringCipherSuite(id uint16) bool {
|
|||
|
||||
func isBoringCurve(id CurveID) bool {
|
||||
switch id {
|
||||
case CurveP256, CurveP384:
|
||||
case CurveP256, CurveP384, CurveP521:
|
||||
return true
|
||||
}
|
||||
return false
|
||||
|
|
@ -114,7 +86,7 @@ func isECDSA(id uint16) bool {
|
|||
return suite.flags&suiteECSign == suiteECSign
|
||||
}
|
||||
}
|
||||
return false // TLS 1.3 cipher suites are not tied to the signature algorithm.
|
||||
panic(fmt.Sprintf("unknown cipher suite %#x", id))
|
||||
}
|
||||
|
||||
func isBoringSignatureScheme(alg SignatureScheme) bool {
|
||||
|
|
@ -126,6 +98,7 @@ func isBoringSignatureScheme(alg SignatureScheme) bool {
|
|||
PKCS1WithSHA384,
|
||||
ECDSAWithP384AndSHA384,
|
||||
PKCS1WithSHA512,
|
||||
ECDSAWithP521AndSHA512,
|
||||
PSSWithSHA256,
|
||||
PSSWithSHA384,
|
||||
PSSWithSHA512:
|
||||
|
|
@ -136,9 +109,10 @@ func isBoringSignatureScheme(alg SignatureScheme) bool {
|
|||
|
||||
func TestBoringServerCipherSuites(t *testing.T) {
|
||||
serverConfig := testConfig.Clone()
|
||||
serverConfig.CipherSuites = allCipherSuites()
|
||||
serverConfig.Certificates = make([]Certificate, 1)
|
||||
|
||||
for _, id := range allCipherSuitesIncludingTLS13() {
|
||||
for _, id := range allCipherSuites() {
|
||||
if isECDSA(id) {
|
||||
serverConfig.Certificates[0].Certificate = [][]byte{testECDSACertificate}
|
||||
serverConfig.Certificates[0].PrivateKey = testECDSAPrivateKey
|
||||
|
|
@ -147,19 +121,14 @@ func TestBoringServerCipherSuites(t *testing.T) {
|
|||
serverConfig.Certificates[0].PrivateKey = testRSAPrivateKey
|
||||
}
|
||||
serverConfig.BuildNameToCertificate()
|
||||
t.Run(fmt.Sprintf("suite=%s", CipherSuiteName(id)), func(t *testing.T) {
|
||||
t.Run(fmt.Sprintf("suite=%#x", id), func(t *testing.T) {
|
||||
clientHello := &clientHelloMsg{
|
||||
vers: VersionTLS12,
|
||||
random: make([]byte, 32),
|
||||
cipherSuites: []uint16{id},
|
||||
compressionMethods: []uint8{compressionNone},
|
||||
supportedCurves: defaultCurvePreferences,
|
||||
keyShares: []keyShare{generateKeyShare(CurveP256)},
|
||||
supportedPoints: []uint8{pointFormatUncompressed},
|
||||
supportedVersions: []uint16{VersionTLS12},
|
||||
}
|
||||
if isTLS13CipherSuite(id) {
|
||||
clientHello.supportedVersions = []uint16{VersionTLS13}
|
||||
}
|
||||
|
||||
testClientHello(t, serverConfig, clientHello)
|
||||
|
|
@ -191,9 +160,7 @@ func TestBoringServerCurves(t *testing.T) {
|
|||
cipherSuites: []uint16{TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256},
|
||||
compressionMethods: []uint8{compressionNone},
|
||||
supportedCurves: []CurveID{curveid},
|
||||
keyShares: []keyShare{generateKeyShare(curveid)},
|
||||
supportedPoints: []uint8{pointFormatUncompressed},
|
||||
supportedVersions: []uint16{VersionTLS12},
|
||||
}
|
||||
|
||||
testClientHello(t, serverConfig, clientHello)
|
||||
|
|
@ -312,7 +279,7 @@ func TestBoringClientHello(t *testing.T) {
|
|||
}
|
||||
|
||||
if !isBoringVersion(hello.vers) {
|
||||
t.Errorf("client vers=%#x", hello.vers)
|
||||
t.Errorf("client vers=%#x, want %#x (TLS 1.2)", hello.vers, VersionTLS12)
|
||||
}
|
||||
for _, v := range hello.supportedVersions {
|
||||
if !isBoringVersion(v) {
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue