Add NewGCMTLS13, only implemented by boring backend

microsoft · Dec 22, 2023 · 1f5eb26 · 1f5eb26
1 parent 7931ec7
commit 1f5eb26
Show file tree

Hide file tree

Showing 4 changed files with 51 additions and 44 deletions.
diff --git a/patches/0002-Add-crypto-backend-foundation.patch b/patches/0002-Add-crypto-backend-foundation.patch
@@ -14,7 +14,7 @@ Subject: [PATCH] Add crypto backend foundation
  src/crypto/ecdsa/ecdsa.go                    |   4 +-
  src/crypto/ecdsa/notboring.go                |   2 +-
  src/crypto/ed25519/boring.go                 |  71 +++++++
- src/crypto/ed25519/ed25519.go                |  75 +++++++-
+ src/crypto/ed25519/ed25519.go                |  75 ++++++-
  src/crypto/ed25519/ed25519_test.go           |   2 +-
  src/crypto/ed25519/notboring.go              |  16 ++
  src/crypto/hmac/hmac.go                      |   2 +-
@@ -23,7 +23,7 @@ Subject: [PATCH] Add crypto backend foundation
  src/crypto/internal/backend/bbig/big.go      |  17 ++
  src/crypto/internal/backend/common.go        |  78 ++++++++
  src/crypto/internal/backend/isrequirefips.go |   9 +
- src/crypto/internal/backend/nobackend.go     | 192 +++++++++++++++++++
+ src/crypto/internal/backend/nobackend.go     | 193 +++++++++++++++++++
  src/crypto/internal/backend/norequirefips.go |   9 +
  src/crypto/internal/backend/stub.s           |  10 +
  src/crypto/md5/md5.go                        |   7 +
@@ -50,7 +50,7 @@ Subject: [PATCH] Add crypto backend foundation
  src/crypto/tls/prf_test.go                   |  12 +-
  src/go/build/deps_test.go                    |   2 +
  src/runtime/runtime_boring.go                |   5 +
- 46 files changed, 699 insertions(+), 66 deletions(-)
+ 46 files changed, 700 insertions(+), 66 deletions(-)
  create mode 100644 src/crypto/ed25519/boring.go
  create mode 100644 src/crypto/ed25519/notboring.go
  create mode 100644 src/crypto/internal/backend/backend_test.go
@@ -631,10 +631,10 @@ index 00000000000000..e5d7570d6d4363
 +const isRequireFIPS = true
 diff --git a/src/crypto/internal/backend/nobackend.go b/src/crypto/internal/backend/nobackend.go
 new file mode 100644
-index 00000000000000..db9ec456db705e
+index 00000000000000..08600a2c833ac7
 --- /dev/null
 +++ b/src/crypto/internal/backend/nobackend.go
-@@ -0,0 +1,192 @@
+@@ -0,0 +1,193 @@
 +// Copyright 2017 The Go Authors. All rights reserved.
 +// Use of this source code is governed by a BSD-style
 +// license that can be found in the LICENSE file.
@@ -682,6 +682,7 @@ index 00000000000000..db9ec456db705e
 +
 +func NewAESCipher(key []byte) (cipher.Block, error) { panic("cryptobackend: not available") }
 +func NewGCMTLS(c cipher.Block) (cipher.AEAD, error) { panic("cryptobackend: not available") }
++func NewGCMTLS13(c cipher.Block) (cipher.AEAD, error) { panic("cryptobackend: not available") }
 +
 +type PublicKeyECDSA struct{ _ int }
 +type PrivateKeyECDSA struct{ _ int }
@@ -926,7 +927,7 @@ index 40fce36314adfa..1d6231ae91d5ae 100644
  	"io"
  	"os"
 diff --git a/src/crypto/rc4/rc4.go b/src/crypto/rc4/rc4.go
-index f08da0e469cd07..b3e7db0413ed72 100644
+index 67452ec39f0fd4..47726d0ebe38d9 100644
 --- a/src/crypto/rc4/rc4.go
 +++ b/src/crypto/rc4/rc4.go
 @@ -11,6 +11,7 @@ package rc4
@@ -1144,7 +1145,7 @@ index 921cdbb7bbd477..2fef7ddae07480 100644
  	"encoding"
  	"encoding/hex"
 diff --git a/src/crypto/tls/cipher_suites.go b/src/crypto/tls/cipher_suites.go
-index 3f976c9c58b7f3..ed47943e9c6e8d 100644
+index 636689beb4dcef..7c732805725cd8 100644
 --- a/src/crypto/tls/cipher_suites.go
 +++ b/src/crypto/tls/cipher_suites.go
 @@ -10,7 +10,7 @@ import (
@@ -1157,10 +1158,10 @@ index 3f976c9c58b7f3..ed47943e9c6e8d 100644
  	"crypto/sha1"
  	"crypto/sha256"
 diff --git a/src/crypto/tls/handshake_client.go b/src/crypto/tls/handshake_client.go
-index 4649f36dea6773..f96b2b28862234 100644
+index 89004c28989627..eafbb221c07a33 100644
 --- a/src/crypto/tls/handshake_client.go
 +++ b/src/crypto/tls/handshake_client.go
-@@ -653,12 +653,16 @@ func (hs *clientHandshakeState) doFullHandshake() error {
+@@ -659,12 +659,16 @@ func (hs *clientHandshakeState) doFullHandshake() error {
 
  	if hs.serverHello.extendedMasterSecret {
  		c.extMasterSecret = true
@@ -1179,7 +1180,7 @@ index 4649f36dea6773..f96b2b28862234 100644
  	if err := c.config.writeKeyLog(keyLogLabelTLS12, hs.hello.random, hs.masterSecret); err != nil {
  		c.sendAlert(alertInternalError)
  		return errors.New("tls: failed to write to key log: " + err.Error())
-@@ -719,8 +723,12 @@ func (hs *clientHandshakeState) doFullHandshake() error {
+@@ -725,8 +729,12 @@ func (hs *clientHandshakeState) doFullHandshake() error {
  func (hs *clientHandshakeState) establishKeys() error {
  	c := hs.c
 
@@ -1193,7 +1194,7 @@ index 4649f36dea6773..f96b2b28862234 100644
  	var clientCipher, serverCipher any
  	var clientHash, serverHash hash.Hash
  	if hs.suite.cipher != nil {
-@@ -860,7 +868,11 @@ func (hs *clientHandshakeState) readFinished(out []byte) error {
+@@ -866,7 +874,11 @@ func (hs *clientHandshakeState) readFinished(out []byte) error {
  		return unexpectedMessageError(serverFinished, msg)
  	}
 
@@ -1206,7 +1207,7 @@ index 4649f36dea6773..f96b2b28862234 100644
  	if len(verify) != len(serverFinished.verifyData) ||
  		subtle.ConstantTimeCompare(verify, serverFinished.verifyData) != 1 {
  		c.sendAlert(alertHandshakeFailure)
-@@ -930,7 +942,10 @@ func (hs *clientHandshakeState) sendFinished(out []byte) error {
+@@ -936,7 +948,10 @@ func (hs *clientHandshakeState) sendFinished(out []byte) error {
  	}
 
  	finished := new(finishedMsg)
@@ -1219,10 +1220,10 @@ index 4649f36dea6773..f96b2b28862234 100644
  		return err
  	}
 diff --git a/src/crypto/tls/handshake_server.go b/src/crypto/tls/handshake_server.go
-index 996b23b1f52341..0c645ead0adba3 100644
+index 8129e9c6164af9..816d316a7d5329 100644
 --- a/src/crypto/tls/handshake_server.go
 +++ b/src/crypto/tls/handshake_server.go
-@@ -668,12 +668,16 @@ func (hs *serverHandshakeState) doFullHandshake() error {
+@@ -676,12 +676,16 @@ func (hs *serverHandshakeState) doFullHandshake() error {
  	}
  	if hs.hello.extendedMasterSecret {
  		c.extMasterSecret = true
@@ -1241,7 +1242,7 @@ index 996b23b1f52341..0c645ead0adba3 100644
  	if err := c.config.writeKeyLog(keyLogLabelTLS12, hs.clientHello.random, hs.masterSecret); err != nil {
  		c.sendAlert(alertInternalError)
  		return err
-@@ -737,8 +741,12 @@ func (hs *serverHandshakeState) doFullHandshake() error {
+@@ -745,8 +749,12 @@ func (hs *serverHandshakeState) doFullHandshake() error {
  func (hs *serverHandshakeState) establishKeys() error {
  	c := hs.c
 
@@ -1255,7 +1256,7 @@ index 996b23b1f52341..0c645ead0adba3 100644
 
  	var clientCipher, serverCipher any
  	var clientHash, serverHash hash.Hash
-@@ -779,7 +787,11 @@ func (hs *serverHandshakeState) readFinished(out []byte) error {
+@@ -787,7 +795,11 @@ func (hs *serverHandshakeState) readFinished(out []byte) error {
  		return unexpectedMessageError(clientFinished, msg)
  	}
 
@@ -1268,7 +1269,7 @@ index 996b23b1f52341..0c645ead0adba3 100644
  	if len(verify) != len(clientFinished.verifyData) ||
  		subtle.ConstantTimeCompare(verify, clientFinished.verifyData) != 1 {
  		c.sendAlert(alertHandshakeFailure)
-@@ -843,7 +855,10 @@ func (hs *serverHandshakeState) sendFinished(out []byte) error {
+@@ -851,7 +863,10 @@ func (hs *serverHandshakeState) sendFinished(out []byte) error {
  	}
 
  	finished := new(finishedMsg)
@@ -1317,7 +1318,7 @@ index d7f082c9ee1e04..14a85fbf1bd465 100644
  }
 
 diff --git a/src/crypto/tls/prf.go b/src/crypto/tls/prf.go
-index 20bac96e86703b..c47391f684dc6f 100644
+index a7fa3370e66c82..3470372b567eba 100644
 --- a/src/crypto/tls/prf.go
 +++ b/src/crypto/tls/prf.go
 @@ -7,6 +7,7 @@ package tls
@@ -1485,7 +1486,7 @@ index 20bac96e86703b..c47391f684dc6f 100644
  }
 
  // hashForClientCertificate returns the handshake messages so far, pre-hashed if
-@@ -286,7 +313,11 @@ func ekmFromMasterSecret(version uint16, suite *cipherSuite, masterSecret, clien
+@@ -293,7 +320,11 @@ func ekmFromMasterSecret(version uint16, suite *cipherSuite, masterSecret, clien
  		}
 
  		keyMaterial := make([]byte, length)
@@ -1527,18 +1528,18 @@ index 8233985a62bd22..f46d4636557714 100644
  		serverMACString := hex.EncodeToString(serverMAC)
  		clientKeyString := hex.EncodeToString(clientKey)
 diff --git a/src/go/build/deps_test.go b/src/go/build/deps_test.go
-index fcd5e939980f52..f10ecff5168acc 100644
+index 7ce8d346b406ae..3dd2595b34b07b 100644
 --- a/src/go/build/deps_test.go
 +++ b/src/go/build/deps_test.go
-@@ -428,6 +428,7 @@ var depsRules = `
+@@ -439,6 +439,7 @@ var depsRules = `
  	crypto/cipher,
  	crypto/internal/boring/bcache
  	< crypto/internal/boring
 +	< crypto/internal/backend
  	< crypto/boring;
 
  	crypto/internal/alias
-@@ -461,6 +462,7 @@ var depsRules = `
+@@ -472,6 +473,7 @@ var depsRules = `
  	# CRYPTO-MATH is core bignum-based crypto - no cgo, net; fmt now ok.
  	CRYPTO, FMT, math/big
  	< crypto/internal/boring/bbig

diff --git a/patches/0003-Add-BoringSSL-crypto-backend.patch b/patches/0003-Add-BoringSSL-crypto-backend.patch
@@ -5,8 +5,8 @@ Subject: [PATCH] Add BoringSSL crypto backend
 
 ---
  .../internal/backend/bbig/big_boring.go       |  12 +
- src/crypto/internal/backend/boring_linux.go   | 224 ++++++++++++++++++
- 2 files changed, 236 insertions(+)
+ src/crypto/internal/backend/boring_linux.go   | 225 ++++++++++++++++++
+ 2 files changed, 237 insertions(+)
  create mode 100644 src/crypto/internal/backend/bbig/big_boring.go
  create mode 100644 src/crypto/internal/backend/boring_linux.go
 
@@ -30,10 +30,10 @@ index 00000000000000..0b62cef68546d0
 +var Dec = bbig.Dec
 diff --git a/src/crypto/internal/backend/boring_linux.go b/src/crypto/internal/backend/boring_linux.go
 new file mode 100644
-index 00000000000000..55454cbf880fd3
+index 00000000000000..7c5fbeea717618
 --- /dev/null
 +++ b/src/crypto/internal/backend/boring_linux.go
-@@ -0,0 +1,224 @@
+@@ -0,0 +1,225 @@
 +// Copyright 2017 The Go Authors. All rights reserved.
 +// Use of this source code is governed by a BSD-style
 +// license that can be found in the LICENSE file.
@@ -84,6 +84,7 @@ index 00000000000000..55454cbf880fd3
 +
 +func NewAESCipher(key []byte) (cipher.Block, error) { return boring.NewAESCipher(key) }
 +func NewGCMTLS(c cipher.Block) (cipher.AEAD, error) { return boring.NewGCMTLS(c) }
++func NewGCMTLS13(c cipher.Block) (cipher.AEAD, error) { return boring.NewGCMTLS13(c) }
 +
 +type PublicKeyECDSA = boring.PublicKeyECDSA
 +type PrivateKeyECDSA = boring.PrivateKeyECDSA

diff --git a/patches/0004-Add-OpenSSL-crypto-backend.patch b/patches/0004-Add-OpenSSL-crypto-backend.patch
@@ -14,7 +14,7 @@ Subject: [PATCH] Add OpenSSL crypto backend
  src/crypto/ecdsa/notboring.go                 |   2 +-
  src/crypto/internal/backend/bbig/big.go       |   2 +-
  .../internal/backend/bbig/big_openssl.go      |  12 +
- src/crypto/internal/backend/openssl_linux.go  | 316 ++++++++++++++++++
+ src/crypto/internal/backend/openssl_linux.go  | 317 ++++++++++++++++++
  src/crypto/internal/boring/fipstls/stub.s     |   2 +-
  src/crypto/internal/boring/fipstls/tls.go     |   2 +-
  src/crypto/rsa/boring.go                      |   2 +-
@@ -37,7 +37,7 @@ Subject: [PATCH] Add OpenSSL crypto backend
  .../goexperiment/exp_opensslcrypto_on.go      |   9 +
  src/internal/goexperiment/flags.go            |   1 +
  src/os/exec/exec_test.go                      |   9 +
- 33 files changed, 398 insertions(+), 23 deletions(-)
+ 33 files changed, 399 insertions(+), 23 deletions(-)
  create mode 100644 src/crypto/internal/backend/bbig/big_openssl.go
  create mode 100644 src/crypto/internal/backend/openssl_linux.go
  create mode 100644 src/internal/goexperiment/exp_opensslcrypto_off.go
@@ -190,10 +190,10 @@ index 00000000000000..e6695dd66b1d02
 +var Dec = bbig.Dec
 diff --git a/src/crypto/internal/backend/openssl_linux.go b/src/crypto/internal/backend/openssl_linux.go
 new file mode 100644
-index 00000000000000..2ff516a44638ac
+index 00000000000000..0b83ca008ba23c
 --- /dev/null
 +++ b/src/crypto/internal/backend/openssl_linux.go
-@@ -0,0 +1,316 @@
+@@ -0,0 +1,317 @@
 +// Copyright 2017 The Go Authors. All rights reserved.
 +// Use of this source code is governed by a BSD-style
 +// license that can be found in the LICENSE file.
@@ -340,6 +340,7 @@ index 00000000000000..2ff516a44638ac
 +
 +func NewAESCipher(key []byte) (cipher.Block, error) { return openssl.NewAESCipher(key) }
 +func NewGCMTLS(c cipher.Block) (cipher.AEAD, error) { return openssl.NewGCMTLS(c) }
++func NewGCMTLS13(c cipher.Block) (cipher.AEAD, error) { panic("opensslcrypto: not available") } // https://github.com/microsoft/go/issues/1096
 +
 +type PublicKeyECDSA = openssl.PublicKeyECDSA
 +type PrivateKeyECDSA = openssl.PrivateKeyECDSA
@@ -590,7 +591,7 @@ index 95f4b8e98d2fb0..3bb307e7bddc48 100644
 
  	msg := []byte{0xed, 0x36, 0x90, 0x8d, 0xbe, 0xfc, 0x35, 0x40, 0x70, 0x4f, 0xf5, 0x9d, 0x6e, 0xc2, 0xeb, 0xf5, 0x27, 0xae, 0x65, 0xb0, 0x59, 0x29, 0x45, 0x25, 0x8c, 0xc1, 0x91, 0x22}
 diff --git a/src/crypto/tls/boring.go b/src/crypto/tls/boring.go
-index 1827f764589b58..70baa62d63754a 100644
+index aad96b1c747784..9ee834e5a5952b 100644
 --- a/src/crypto/tls/boring.go
 +++ b/src/crypto/tls/boring.go
 @@ -2,7 +2,7 @@
@@ -603,7 +604,7 @@ index 1827f764589b58..70baa62d63754a 100644
  package tls
 
 diff --git a/src/crypto/tls/boring_test.go b/src/crypto/tls/boring_test.go
-index 085ff5713ec52f..7b7de66cb7e8c4 100644
+index a192a657b4d79c..2b7e197946e4f8 100644
 --- a/src/crypto/tls/boring_test.go
 +++ b/src/crypto/tls/boring_test.go
 @@ -2,7 +2,7 @@
@@ -654,7 +655,7 @@ index 14a85fbf1bd465..5caa181eec51a5 100644
  	"fmt"
  	"hash"
 diff --git a/src/crypto/tls/notboring.go b/src/crypto/tls/notboring.go
-index 7d85b39c59319e..1aaabd5ef486aa 100644
+index edccb44d87a553..cae24d19c9f444 100644
 --- a/src/crypto/tls/notboring.go
 +++ b/src/crypto/tls/notboring.go
 @@ -2,7 +2,7 @@
@@ -667,7 +668,7 @@ index 7d85b39c59319e..1aaabd5ef486aa 100644
  package tls
 
 diff --git a/src/crypto/x509/boring.go b/src/crypto/x509/boring.go
-index 095b58c31590d4..9aec21dbcd3bff 100644
+index e6237e96bb3b17..e4086bd90feb83 100644
 --- a/src/crypto/x509/boring.go
 +++ b/src/crypto/x509/boring.go
 @@ -2,7 +2,7 @@

diff --git a/patches/0005-Add-CNG-crypto-backend.patch b/patches/0005-Add-CNG-crypto-backend.patch
@@ -12,7 +12,7 @@ Subject: [PATCH] Add CNG crypto backend
  src/crypto/internal/backend/backend_test.go   |   4 +-
  src/crypto/internal/backend/bbig/big.go       |   2 +-
  src/crypto/internal/backend/bbig/big_cng.go   |  12 +
- src/crypto/internal/backend/cng_windows.go    | 270 ++++++++++++++++++
+ src/crypto/internal/backend/cng_windows.go    | 274 ++++++++++++++++++
  src/crypto/internal/backend/common.go         |  33 ++-
  src/crypto/internal/boring/fipstls/stub.s     |   2 +-
  src/crypto/internal/boring/fipstls/tls.go     |   2 +-
@@ -47,7 +47,7 @@ Subject: [PATCH] Add CNG crypto backend
  .../goexperiment/exp_cngcrypto_off.go         |   9 +
  src/internal/goexperiment/exp_cngcrypto_on.go |   9 +
  src/internal/goexperiment/flags.go            |   1 +
- 43 files changed, 467 insertions(+), 40 deletions(-)
+ 43 files changed, 471 insertions(+), 40 deletions(-)
  create mode 100644 src/crypto/internal/backend/bbig/big_cng.go
  create mode 100644 src/crypto/internal/backend/cng_windows.go
  create mode 100644 src/internal/goexperiment/exp_cngcrypto_off.go
@@ -166,10 +166,10 @@ index 00000000000000..92623031fd87d0
 +var Dec = bbig.Dec
 diff --git a/src/crypto/internal/backend/cng_windows.go b/src/crypto/internal/backend/cng_windows.go
 new file mode 100644
-index 00000000000000..80ef0a4c9bfa9d
+index 00000000000000..d7849084086c94
 --- /dev/null
 +++ b/src/crypto/internal/backend/cng_windows.go
-@@ -0,0 +1,270 @@
+@@ -0,0 +1,274 @@
 +// Copyright 2017 The Go Authors. All rights reserved.
 +// Use of this source code is governed by a BSD-style
 +// license that can be found in the LICENSE file.
@@ -242,6 +242,10 @@ index 00000000000000..80ef0a4c9bfa9d
 +	return cng.NewGCMTLS(c)
 +}
 +
++func NewGCMTLS13(c cipher.Block) (cipher.AEAD, error) {
++	panic("cngcrypto: not available") // https://github.com/microsoft/go/issues/1096
++}
++
 +type PublicKeyECDSA = cng.PublicKeyECDSA
 +type PrivateKeyECDSA = cng.PrivateKeyECDSA
 +
@@ -955,7 +959,7 @@ index 2fef7ddae07480..979e4c69ab710c 100644
 
  		h := New()
 diff --git a/src/crypto/tls/boring.go b/src/crypto/tls/boring.go
-index 70baa62d63754a..ecd0f5a7b3e9ed 100644
+index 9ee834e5a5952b..5444d9b0fc0942 100644
 --- a/src/crypto/tls/boring.go
 +++ b/src/crypto/tls/boring.go
 @@ -2,7 +2,7 @@
@@ -968,7 +972,7 @@ index 70baa62d63754a..ecd0f5a7b3e9ed 100644
  package tls
 
 diff --git a/src/crypto/tls/boring_test.go b/src/crypto/tls/boring_test.go
-index 7b7de66cb7e8c4..86595e588cf604 100644
+index 2b7e197946e4f8..8d47af76d6e604 100644
 --- a/src/crypto/tls/boring_test.go
 +++ b/src/crypto/tls/boring_test.go
 @@ -2,7 +2,7 @@
@@ -1007,7 +1011,7 @@ index 9c1d3d279c472f..0ca7a863b73690 100644
  package fipsonly
 
 diff --git a/src/crypto/tls/handshake_server_tls13.go b/src/crypto/tls/handshake_server_tls13.go
-index 21d798de37db0a..6c65da0ab04f9f 100644
+index b68ff9db4c6d4a..8234985d1f627a 100644
 --- a/src/crypto/tls/handshake_server_tls13.go
 +++ b/src/crypto/tls/handshake_server_tls13.go
 @@ -13,6 +13,7 @@ import (
@@ -1018,7 +1022,7 @@ index 21d798de37db0a..6c65da0ab04f9f 100644
  	"io"
  	"time"
  )
-@@ -409,6 +410,15 @@ func cloneHash(in hash.Hash, h crypto.Hash) hash.Hash {
+@@ -408,6 +409,15 @@ func cloneHash(in hash.Hash, h crypto.Hash) hash.Hash {
  	}
  	marshaler, ok := in.(binaryMarshaler)
  	if !ok {
@@ -1035,7 +1039,7 @@ index 21d798de37db0a..6c65da0ab04f9f 100644
  	}
  	state, err := marshaler.MarshalBinary()
 diff --git a/src/crypto/tls/notboring.go b/src/crypto/tls/notboring.go
-index 1aaabd5ef486aa..5a133c9b2f94c7 100644
+index cae24d19c9f444..7625ccb867dd92 100644
 --- a/src/crypto/tls/notboring.go
 +++ b/src/crypto/tls/notboring.go
 @@ -2,7 +2,7 @@
@@ -1048,7 +1052,7 @@ index 1aaabd5ef486aa..5a133c9b2f94c7 100644
  package tls
 
 diff --git a/src/crypto/x509/boring.go b/src/crypto/x509/boring.go
-index 9aec21dbcd3bff..05324f731bedc4 100644
+index e4086bd90feb83..674990c63c0539 100644
 --- a/src/crypto/x509/boring.go
 +++ b/src/crypto/x509/boring.go
 @@ -2,7 +2,7 @@