Merge pull request #1455 from microsoft/hdkf-update
Use crypto/hkdf instead of crypto/internal/fips140/hkdf
mertakman authored Dec 20, 2024
2 parents 6460860 + c9ef9a9 commit 760f97d
Showing 1 changed file with 80 additions and 5 deletions.
85 changes: 80 additions & 5 deletions patches/0002-Add-crypto-backend-foundation.patch
Expand Up @@ -64,8 +64,9 @@ Subject: [PATCH] Add crypto backend foundation
src/crypto/tls/fipsonly/fipsonly.go | 2 +-
src/crypto/tls/fipsonly/fipsonly_test.go | 2 +-
src/crypto/tls/handshake_client.go | 10 +-
src/crypto/tls/handshake_client_tls13.go | 14 +-
src/crypto/tls/handshake_server.go | 10 +-
src/crypto/tls/handshake_server_tls13.go | 10 +
src/crypto/tls/handshake_server_tls13.go | 24 +-
src/crypto/tls/internal/fips140tls/fipstls.go | 3 +-
src/crypto/tls/prf.go | 41 ++++
src/go/build/deps_test.go | 8 +-
Expand All @@ -75,7 +76,7 @@ Subject: [PATCH] Add crypto backend foundation
src/hash/notboring_test.go | 9 +
src/net/smtp/smtp_test.go | 72 ++++--
src/runtime/runtime_boring.go | 5 +
71 files changed, 1159 insertions(+), 80 deletions(-)
72 files changed, 1181 insertions(+), 86 deletions(-)
create mode 100644 src/crypto/dsa/boring.go
create mode 100644 src/crypto/dsa/notboring.go
create mode 100644 src/crypto/ed25519/boring.go
Expand Down Expand Up @@ -2103,6 +2104,48 @@ index ecc62ff2edefc0..776fec96f0f349 100644
c := hs.c

isResume, err := hs.processServerHello()
diff --git a/src/crypto/tls/handshake_client_tls13.go b/src/crypto/tls/handshake_client_tls13.go
index 38c6025db74ee8..356036321d6283 100644
--- a/src/crypto/tls/handshake_client_tls13.go
+++ b/src/crypto/tls/handshake_client_tls13.go
@@ -8,8 +8,8 @@ import (
"bytes"
"context"
"crypto"
+ "crypto/hkdf"
"crypto/hmac"
- "crypto/internal/fips140/hkdf"
"crypto/internal/fips140/mlkem"
"crypto/internal/fips140/tls13"
"crypto/rsa"
@@ -91,8 +91,12 @@ func (hs *clientHandshakeStateTLS13) handshake() error {
confTranscript.Write(hs.serverHello.original[:30])
confTranscript.Write(make([]byte, 8))
confTranscript.Write(hs.serverHello.original[38:])
+ secret, err := hkdf.Extract(hs.suite.hash.New, hs.echContext.innerHello.random, nil)
+ if err != nil {
+ return err
+ }
acceptConfirmation := tls13.ExpandLabel(hs.suite.hash.New,
- hkdf.Extract(hs.suite.hash.New, hs.echContext.innerHello.random, nil),
+ secret,
"ech accept confirmation",
confTranscript.Sum(nil),
8,
@@ -268,8 +272,12 @@ func (hs *clientHandshakeStateTLS13) processHelloRetryRequest() error {
copy(hrrHello, hs.serverHello.original)
hrrHello = bytes.Replace(hrrHello, hs.serverHello.encryptedClientHello, make([]byte, 8), 1)
confTranscript.Write(hrrHello)
+ secret, err := hkdf.Extract(hs.suite.hash.New, hs.echContext.innerHello.random, nil)
+ if err != nil {
+ return err
+ }
acceptConfirmation := tls13.ExpandLabel(hs.suite.hash.New,
- hkdf.Extract(hs.suite.hash.New, hs.echContext.innerHello.random, nil),
+ secret,
"hrr ech accept confirmation",
confTranscript.Sum(nil),
8,
diff --git a/src/crypto/tls/handshake_server.go b/src/crypto/tls/handshake_server.go
index 7c75977ad3ffb2..b9db95ca7b9d5a 100644
--- a/src/crypto/tls/handshake_server.go
Expand All @@ -2125,17 +2168,20 @@ index 7c75977ad3ffb2..b9db95ca7b9d5a 100644

if err := hs.processClientHello(); err != nil {
diff --git a/src/crypto/tls/handshake_server_tls13.go b/src/crypto/tls/handshake_server_tls13.go
index 3552d89ba3bc6f..958ec81dc64966 100644
index 3552d89ba3bc6f..b3c4c8261887d0 100644
--- a/src/crypto/tls/handshake_server_tls13.go
+++ b/src/crypto/tls/handshake_server_tls13.go
@@ -9,6 +9,7 @@ import (
@@ -8,8 +8,9 @@ import (
"bytes"
"context"
"crypto"
+ "crypto/hkdf"
"crypto/hmac"
- "crypto/internal/fips140/hkdf"
+ boring "crypto/internal/backend"
"crypto/internal/fips140/hkdf"
"crypto/internal/fips140/mlkem"
"crypto/internal/fips140/tls13"
"crypto/internal/hpke"
@@ -477,6 +478,15 @@ func cloneHash(in hash.Hash, h crypto.Hash) hash.Hash {
}
marshaler, ok := in.(binaryMarshaler)
Expand All @@ -2152,6 +2198,35 @@ index 3552d89ba3bc6f..958ec81dc64966 100644
return nil
}
state, err := marshaler.MarshalBinary()
@@ -572,8 +582,12 @@ func (hs *serverHandshakeStateTLS13) doHelloRetryRequest(selectedGroup CurveID)
if err := transcriptMsg(helloRetryRequest, confTranscript); err != nil {
return nil, err
}
+ secret, err := hkdf.Extract(hs.suite.hash.New, hs.clientHello.random, nil)
+ if err != nil {
+ return nil, err
+ }
acceptConfirmation := tls13.ExpandLabel(hs.suite.hash.New,
- hkdf.Extract(hs.suite.hash.New, hs.clientHello.random, nil),
+ secret,
"hrr ech accept confirmation",
confTranscript.Sum(nil),
8,
@@ -734,9 +748,13 @@ func (hs *serverHandshakeStateTLS13) sendServerParameters() error {
if err := transcriptMsg(hs.hello, echTranscript); err != nil {
return err
}
+ secret, err := hkdf.Extract(hs.suite.hash.New, hs.clientHello.random, nil)
+ if err != nil {
+ return err
+ }
// compute the acceptance message
acceptConfirmation := tls13.ExpandLabel(hs.suite.hash.New,
- hkdf.Extract(hs.suite.hash.New, hs.clientHello.random, nil),
+ secret,
"ech accept confirmation",
echTranscript.Sum(nil),
8,
diff --git a/src/crypto/tls/internal/fips140tls/fipstls.go b/src/crypto/tls/internal/fips140tls/fipstls.go
index 24d78d60cf5b64..a6bfd3f17c1911 100644
--- a/src/crypto/tls/internal/fips140tls/fipstls.go
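Review bot: The four new `if err != nil` branches after `hkdf.Extract` (client `handshake()` and `processHelloRetryRequest()`, server `doHelloRetryRequest()` and `sendServerParameters()`) return the error bare, so a failed ECH accept-confirmation derivation ends the handshake without an alert to the peer and without saying which step failed. The rest of crypto/tls normally sends an alert before returning a handshake error, but those paths are outside the visible hunks, so confirm against the surrounding code. Consider `hs.c.sendAlert(alertInternalError)` followed by `return fmt.Errorf("tls: ech accept confirmation: %w", err)` (with `return nil, ...` in `doHelloRetryRequest`), provided `fmt` is already imported in both files. The same Extract-then-`tls13.ExpandLabel` sequence now appears four times, so a small shared helper would keep the error handling identical and make this patch easier to rebase. All four enclosing functions start and end outside the hunks.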
