Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Go 1.22.0 #160

Merged
merged 9 commits into from
Mar 11, 2024
Merged

Go 1.22.0 #160

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
d447093
Go 1.22rc1
derekparker Jan 10, 2024
1f22b56
fix formatting on patch
derekparker Jan 10, 2024
8de3eca
fix build
derekparker Jan 10, 2024
808d216
remove uneccesary patch in 000 initial patch
derekparker Jan 15, 2024
e868631
Support 1.22.0
derekparker Feb 16, 2024
851f452
Update openssl backend
derekparker Feb 21, 2024
76346b6
skip test due to change in openssl
derekparker Feb 22, 2024
903f903
review feedback
derekparker Mar 8, 2024
95bca1a
fix test run in ./all.bash
derekparker Mar 11, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 3 additions & 3 deletions config/versions.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
{
"github.com/golang-fips/go": "main",
"github.com/golang-fips/openssl": "41b6eb24da2819f9ebf7818b82a0da94dc3ae309",
"github.com/golang/go": "go1.21.4"
}
"github.com/golang-fips/openssl": "576fe0d377882f8d0fd6537762ef2ff7918facc8",
"github.com/golang/go": "go1.22.0"
}
88 changes: 18 additions & 70 deletions patches/000-initial-setup.patch
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -880,25 +880,29 @@ index 3278a7ff30..b994daec19 100644
priv := new(PrivateKey)
priv.PublicKey = PublicKey{N: n, E: test.e}
diff --git a/src/crypto/tls/boring.go b/src/crypto/tls/boring.go
index 1827f76458..140b1a3dd8 100644
index aad96b1c74..bbf3d38339 100644
--- a/src/crypto/tls/boring.go
+++ b/src/crypto/tls/boring.go
@@ -8,8 +8,15 @@ package tls

import (
"crypto/internal/boring/fipstls"
@@ -6,9 +6,16 @@

package tls

-import (
- "crypto/internal/boring/fipstls"
-)
+import (
+ boring "crypto/internal/backend"
)

+ "crypto/internal/boring/fipstls"
+)
+
+func init() {
+ if boring.Enabled && !boring.ExecutingTest() {
+ fipstls.Force()
+ }
+ if boring.Enabled && !boring.ExecutingTest() {
+ fipstls.Force()
+ }
+}
+
// needFIPS returns fipstls.Required(); it avoids a new import in common.go.
func needFIPS() bool {
return fipstls.Required()
@@ -17,14 +24,18 @@ func needFIPS() bool {

// fipsMinVersion replaces c.minVersion in FIPS-only mode.
Expand Down Expand Up @@ -953,7 +957,7 @@ index ba68f355eb..7bfe3f9417 100644
test("VersionTLS12", VersionTLS12, "")
- test("VersionTLS13", VersionTLS13, "client offered only unsupported versions")
+ if boring.SupportsHKDF() {
+ test("VersionTLS13", VersionTLS13, "")
+ test("VersionTLS13/fipstls", VersionTLS13, "")
+ }
}

Expand All @@ -963,17 +967,6 @@ index ba68f355eb..7bfe3f9417 100644
}

func isBoringCipherSuite(id uint16) bool {
@@ -66,7 +74,9 @@ func isBoringCipherSuite(id uint16) bool {
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
TLS_RSA_WITH_AES_128_GCM_SHA256,
- TLS_RSA_WITH_AES_256_GCM_SHA384:
+ TLS_RSA_WITH_AES_256_GCM_SHA384,
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

From the guidelines https://www.gsa.gov/system/files?file=SSL-TLS-Implementation-%5BCIO-IT-Security-14-69-Rev-7%5D-06-12-2023.pdf and Boring implementation
For TLS 1.3 implementations, NIST SP 800-52 and SSL Labs jointly recommend the use of the
following FIPS-approved ciphers in this order of preference (from highest to lowest):

  1. TLS_AES_256_GCM_SHA384
  2. TLS_AES_128_GCM_SHA256
  3. TLS_AES_128_CCM_SHA256
  4. TLS_AES_128_CCM_8_SHA256

+ TLS_AES_128_GCM_SHA256,
+ TLS_AES_256_GCM_SHA384:
return true
}
return false
@@ -226,7 +236,14 @@ func TestBoringServerSignatureAndHash(t *testing.T) {
// 1.3, and the ECDSA ones bind to the curve used.
serverConfig.MaxVersion = VersionTLS12
Expand Down Expand Up @@ -1165,21 +1158,6 @@ index 5394d64ac6..db4e2dbf60 100644
if needFIPS() && (v < fipsMinVersion(c) || v > fipsMaxVersion(c)) {
continue
}
diff --git a/src/crypto/tls/handshake_client.go b/src/crypto/tls/handshake_client.go
index 63d86b9f3a..a8ee915041 100644
--- a/src/crypto/tls/handshake_client.go
+++ b/src/crypto/tls/handshake_client.go
@@ -127,7 +127,9 @@ func (c *Conn) makeClientHello() (*clientHelloMsg, *ecdh.PrivateKey, error) {
if len(hello.supportedVersions) == 1 {
hello.cipherSuites = nil
}
- if hasAESGCMHardwareSupport {
+ if needFIPS() {
+ hello.cipherSuites = append(hello.cipherSuites, defaultFIPSCipherSuitesTLS13...)
+ } else if hasAESGCMHardwareSupport {
hello.cipherSuites = append(hello.cipherSuites, defaultCipherSuitesTLS13...)
} else {
hello.cipherSuites = append(hello.cipherSuites, defaultCipherSuitesTLS13NoAES...)
diff --git a/src/crypto/tls/handshake_client_test.go b/src/crypto/tls/handshake_client_test.go
index 22be38faff..d460eeb880 100644
--- a/src/crypto/tls/handshake_client_test.go
Expand All @@ -1192,36 +1170,6 @@ index 22be38faff..d460eeb880 100644
c, s := localPipe(t)
done := make(chan bool)

diff --git a/src/crypto/tls/handshake_client_tls13.go b/src/crypto/tls/handshake_client_tls13.go
index 4a8661085e..87fe11de5c 100644
--- a/src/crypto/tls/handshake_client_tls13.go
+++ b/src/crypto/tls/handshake_client_tls13.go
@@ -41,10 +41,6 @@ type clientHandshakeStateTLS13 struct {
func (hs *clientHandshakeStateTLS13) handshake() error {
c := hs.c

- if needFIPS() {
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@ueno wanted to call your attention to this change and the one below, and ensure it makes sense for supporting TLS 1.3 or do we need to check for HKDF support as well?

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That's a good point; if HKDF from a FIPS certified module cannot be used, we probably shouldn't enable TLS 1.3 in FIPS mode, though this could probably be checked elsewhere at the library initialization, not at every handshake attempt.

- return errors.New("tls: internal error: TLS 1.3 reached in FIPS mode")
- }
-
// The server must not select TLS 1.3 in a renegotiation. See RFC 8446,
// sections 4.1.2 and 4.1.3.
if c.handshakes > 0 {
diff --git a/src/crypto/tls/handshake_server_tls13.go b/src/crypto/tls/handshake_server_tls13.go
index b7b568cd84..af75e7dbe0 100644
--- a/src/crypto/tls/handshake_server_tls13.go
+++ b/src/crypto/tls/handshake_server_tls13.go
@@ -44,10 +44,6 @@ type serverHandshakeStateTLS13 struct {
func (hs *serverHandshakeStateTLS13) handshake() error {
c := hs.c

- if needFIPS() {
- return errors.New("tls: internal error: TLS 1.3 reached in FIPS mode")
- }
-
// For an overview of the TLS 1.3 handshake, see RFC 8446, Section 2.
if err := hs.processClientHello(); err != nil {
return err
diff --git a/src/crypto/tls/key_schedule.go b/src/crypto/tls/key_schedule.go
index ae8f80a7cf..30a8450f40 100644
--- a/src/crypto/tls/key_schedule.go
Expand Down Expand Up @@ -1532,7 +1480,7 @@ index 780b481de8..63db9e9ed7 100644
+ map2.Offset = (addr2 - map2.Start) + map2.Offset
+ map2.Start = addr2
map2.BuildID, _ = elfBuildID(map2.File)
case "windows":
case "windows", "darwin", "ios":
addr1 = uint64(abi.FuncPCABIInternal(f1))
@@ -145,6 +150,29 @@ func testPCs(t *testing.T) (addr1, addr2 uint64, map1, map2 *profile.Mapping) {
return
Expand Down
Loading
Loading