From dd10335a9c9fa413d8d293d11d50e52aa536b86d Mon Sep 17 00:00:00 2001 From: Russ Cox Date: Wed, 27 Apr 2022 09:02:53 -0400 Subject: [PATCH] [dev.boringcrypto] crypto/x509: remove VerifyOptions.IsBoring This API was added only for BoringCrypto, never shipped in standard Go. This API is also not compatible with the expected future evolution of crypto/x509, as we move closer to host verifiers on macOS and Windows. If we want to merge BoringCrypto into the main tree, it is best not to have differing API. So instead of a hook set by crypto/tls, move the actual check directly into crypto/x509, eliminating the need for exposed API. For #51940. Change-Id: Ia2ae98c745de818d39501777014ea8166cab0b03 Reviewed-on: https://go-review.googlesource.com/c/go/+/395878 TryBot-Result: Gopher Robot Run-TryBot: Russ Cox Reviewed-by: Roland Shoemaker --- boring.go | 30 ------------------------------ boring_test.go | 16 ---------------- handshake_client.go | 4 +--- handshake_server.go | 3 --- notboring.go | 11 ++++------- 5 files changed, 5 insertions(+), 59 deletions(-) diff --git a/boring.go b/boring.go index c40d4a0..1827f76 100644 --- a/boring.go +++ b/boring.go @@ -7,11 +7,7 @@ package tls import ( - "crypto/ecdsa" - "crypto/elliptic" "crypto/internal/boring/fipstls" - "crypto/rsa" - "crypto/x509" ) // needFIPS returns fipstls.Required(); it avoids a new import in common.go. 
@@ -79,32 +75,6 @@ func fipsCipherSuites(c *Config) []uint16 { return list } -// isBoringCertificate reports whether a certificate may be used -// when constructing a verified chain. -// It is called for each leaf, intermediate, and root certificate. -func isBoringCertificate(c *x509.Certificate) bool { - if !needFIPS() { - // Everything is OK if we haven't forced FIPS-only mode. - return true - } - - // Otherwise the key must be RSA 2048, RSA 3072, or ECDSA P-256, P-384, or P-521. - switch k := c.PublicKey.(type) { - default: - return false - case *rsa.PublicKey: - if size := k.N.BitLen(); size != 2048 && size != 3072 { - return false - } - case *ecdsa.PublicKey: - if k.Curve != elliptic.P256() && k.Curve != elliptic.P384() && k.Curve != elliptic.P521() { - return false - } - } - - return true -} - // fipsSupportedSignatureAlgorithms currently are a subset of // defaultSupportedSignatureAlgorithms without Ed25519 and SHA-1. var fipsSupportedSignatureAlgorithms = []SignatureScheme{ diff --git a/boring_test.go b/boring_test.go index 12a7d93..f743fc8 100644 --- a/boring_test.go +++ b/boring_test.go @@ -324,12 +324,6 @@ func TestBoringCertAlgs(t *testing.T) { L1_I := boringCert(t, "L1_I", boringECDSAKey(t, elliptic.P384()), I_R1, boringCertLeaf|boringCertFIPSOK) L2_I := boringCert(t, "L2_I", boringRSAKey(t, 1024), I_R1, boringCertLeaf) - // boringCert checked that isBoringCertificate matches the caller's boringCertFIPSOK bit. - // If not, no point in building bigger end-to-end tests. - if t.Failed() { - t.Fatalf("isBoringCertificate failures; not continuing") - } - // client verifying server cert testServerCert := func(t *testing.T, desc string, pool *x509.CertPool, key interface{}, list [][]byte, ok bool) { clientConfig := testConfig.Clone() 
@@ -534,14 +528,11 @@ func boringCert(t *testing.T, name string, key interface{}, parent *boringCertif } var pub interface{} - var desc string switch k := key.(type) { case *rsa.PrivateKey: pub = &k.PublicKey - desc = fmt.Sprintf("RSA-%d", k.N.BitLen()) case *ecdsa.PrivateKey: pub = &k.PublicKey - desc = "ECDSA-" + k.Curve.Params().Name default: t.Fatalf("invalid key %T", key) } @@ -555,14 +546,7 @@ func boringCert(t *testing.T, name string, key interface{}, parent *boringCertif t.Fatal(err) } - // Tell isBoringCertificate to enforce FIPS restrictions for this check. - fipstls.Force() - defer fipstls.Abandon() - fipsOK := mode&boringCertFIPSOK != 0 - if isBoringCertificate(cert) != fipsOK { - t.Errorf("isBoringCertificate(cert with %s key) = %v, want %v", desc, !fipsOK, fipsOK) - } return &boringCertificate{name, org, parentOrg, der, cert, key, fipsOK} } diff --git a/handshake_client.go b/handshake_client.go index de19b7e..e61e3eb 100644 --- a/handshake_client.go +++ b/handshake_client.go @@ -866,9 +866,7 @@ func (c *Conn) verifyServerCertificate(certificates [][]byte) error { DNSName: c.config.ServerName, Intermediates: x509.NewCertPool(), } - if needFIPS() { - opts.IsBoring = isBoringCertificate - } + for _, cert := range certs[1:] { opts.Intermediates.AddCert(cert) } diff --git a/handshake_server.go b/handshake_server.go index 2d71d08..7606305 100644 --- a/handshake_server.go +++ b/handshake_server.go @@ -817,9 +817,6 @@ func (c *Conn) processCertsFromClient(certificate Certificate) error { Intermediates: x509.NewCertPool(), KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}, } - if needFIPS() { - opts.IsBoring = isBoringCertificate - } for _, cert := range certs[1:] { opts.Intermediates.AddCert(cert) diff --git a/notboring.go b/notboring.go index d79ea21..7d85b39 100644 --- a/notboring.go +++ b/notboring.go 
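Review bot: In verifyServerCertificate the new side builds x509.VerifyOptions with no FIPS restriction, so nothing at this call site shows that chain certificates are still limited to the approved key types when needFIPS() is true; the same holds for processCertsFromClient in handshake_server.go. The commit message says the check now lives inside crypto/x509, which this patch does not touch, so the restriction presumably holds only when the linked crypto/x509 carries the matching change. I would put a comment in place of the blank line added after the opts literal, and the same comment in the server function, for example `// In FIPS-only mode the key-type restriction on chain certificates is enforced inside crypto/x509, not through opts.` Both functions begin and end outside their hunks.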
@@ -6,18 +6,15 @@ package tls -import "crypto/x509" - func needFIPS() bool { return false } func supportedSignatureAlgorithms() []SignatureScheme { return defaultSupportedSignatureAlgorithms } -func fipsMinVersion(c *Config) uint16 { panic("fipsMinVersion") } -func fipsMaxVersion(c *Config) uint16 { panic("fipsMaxVersion") } -func fipsCurvePreferences(c *Config) []CurveID { panic("fipsCurvePreferences") } -func fipsCipherSuites(c *Config) []uint16 { panic("fipsCipherSuites") } -func isBoringCertificate(c *x509.Certificate) bool { panic("isBoringCertificate") } +func fipsMinVersion(c *Config) uint16 { panic("fipsMinVersion") } +func fipsMaxVersion(c *Config) uint16 { panic("fipsMaxVersion") } +func fipsCurvePreferences(c *Config) []CurveID { panic("fipsCurvePreferences") } +func fipsCipherSuites(c *Config) []uint16 { panic("fipsCipherSuites") } var fipsSupportedSignatureAlgorithms []SignatureScheme