crypto/ecdh: new package

We use crypto/internal/edwards25519/field to implement X25519 directly,
so that golang.org/x/crypto/curve25519 can be dropped from the src
module dependencies, and eventually replaced with a crypto/ecdh wrapper,
removing the need to keep golang.org/x/crypto/curve25519/internal/field
in sync with crypto/internal/edwards25519/field.

In crypto/internal/nistec, we add BytesX to serialize only the x
coordinate, which we'll need for the horrible ECDSA x-coord-to-scalar
operation, too.

In crypto/tls, we replace the ECDHE implementation with crypto/ecdh,
dropping the X25519 special cases and related scaffolding.

Finally, FINALLY, we deprecate the ~white whale~ big.Int-based APIs of
the crypto/elliptic package.   •_•)   ( •_•)>⌐■-■   (⌐■_■)

Fixes #52182
Fixes #34648
Fixes #52221

Change-Id: Iccdda210319cc892e96bb28a0e7b7123551982c7
Reviewed-on: https://go-review.googlesource.com/c/go/+/398914
Reviewed-by: Fernando Lobato Meeser <felobato@google.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
Filippo Valsorda 2022-04-07 15:15:31 -04:00
parent 8011ffeccb
commit f80ca9c941
6 changed files with 85 additions and 121 deletions


@ -8,7 +8,9 @@ import (
"bytes"
"context"
"crypto"
"crypto/ecdh"
"crypto/elliptic"
"crypto/rand"
"crypto/x509"
"encoding/pem"
"errors"
@ -22,8 +24,6 @@ import (
"strings"
"testing"
"time"
"golang.org/x/crypto/curve25519"
)
func testClientHello(t *testing.T, serverConfig *Config, m handshakeMessage) {
@ -1909,6 +1909,7 @@ func TestAESCipherReorderingTLS13(t *testing.T) {
for _, tc := range tests {
t.Run(tc.name, func(t *testing.T) {
hasAESGCMHardwareSupport = tc.serverHasAESGCM
pk, _ := ecdh.X25519().GenerateKey(rand.Reader)
hs := &serverHandshakeStateTLS13{
c: &Conn{
config: &Config{},
@ -1918,7 +1919,7 @@ func TestAESCipherReorderingTLS13(t *testing.T) {
cipherSuites: tc.clientCiphers,
supportedVersions: []uint16{VersionTLS13},
compressionMethods: []uint8{compressionNone},
keyShares: []keyShare{{group: X25519, data: curve25519.Basepoint}},
keyShares: []keyShare{{group: X25519, data: pk.PublicKey().Bytes()}},
},
}
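Review bot: The error from key generation is discarded in the added `pk, _ := ecdh.X25519().GenerateKey(rand.Reader)` line inside the `t.Run` closure of TestAESCipherReorderingTLS13. If generation ever fails, `pk` is presumably nil and the new `pk.PublicKey().Bytes()` in the `keyShares` literal would panic rather than fail the subtest with a useful message. Check it explicitly, e.g. `pk, err := ecdh.X25519().GenerateKey(rand.Reader)` followed by `if err != nil { t.Fatal(err) }`. The subtest body continues outside the hunk, so if it declares `err` with `:=` further down, that declaration would need to become a plain assignment. The key share does not vary per test case, so the key could also be generated once before the `for _, tc := range tests` loop.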