Merge ~xnox/go-snap:go1.18-fips into go-snap:go1.18-fips
- Git
- lp:~xnox/go-snap
- go1.18-fips
- Merge into go1.18-fips
Status: | Needs review |
---|---|
Proposed branch: | ~xnox/go-snap:go1.18-fips |
Merge into: | go-snap:go1.18-fips |
Diff against target: |
2657 lines (+2352/-287) 3 files modified
dev/null (+0/-287) patches/0202-Upgrade-go-crypto-openssl-to-sha3-capable.patch (+2211/-0) patches/0203-Add-crypto-sha3-package.patch (+141/-0) |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Maintainers of the Go Snap | Pending | ||
Review via email: mp+445900@code.launchpad.net |
Commit message
This upgrade go-crypto-openssl to latest upstream + my patches that add sha3
the patches that add sha3 will not be merged to go-crypto-openssl or microsoft/go as the target branches are closed for development.
my sha3 feature has been merged into golang-fips/openssl however, thus will appear in microsoft/go in the future.
If you merge this, please do a snap build with the following changes:
1) on https:/
2) on https:/
I have a matching change to snapd to support this.
Description of the change
Dimitri John Ledkov (xnox) wrote : | # |
> Hi, the code looks good.
>
> But I don't understand the intention. There's no crypto/sha3 package in
> standard library in non-fips Go. It seems users need to import
> golang.
> path with github.
> standard library in fips Go.
However it does! it is the same problem as `crypto/
See working example on how to use it at https:/
I will separately, file merge request to purge golang-
Dimitri John Ledkov (xnox) wrote : | # |
Request to drop xcrypto/sha3 at https:/
Dimitri John Ledkov (xnox) wrote : | # |
Ping, any update on this?
because snapd builds are blocked on this now, and we have everything else in place.
Shengjing Zhu (zhsj) wrote : | # |
Hi, sorry for delay. Busy with the Go1.21 transition before feature freeze. I'll test this week and get it merged.
Besides, if I merge this on 1.18 branch, I think I need further work to port it to 1.19+. As from the toolchain pov, it doesn't make sense to only land new feature in old versions. But this could do in future.
Shengjing Zhu (zhsj) wrote : | # |
So for now, I pushed the changes to https:/
Unmerged commits
- a4ed6a8... by Dimitri John Ledkov
-
Upgrade to sha3
Signed-off-by: Dimitri John Ledkov <email address hidden>
Preview Diff
1 | diff --git a/patches/0001-HMAC-using-EVP_MAC_CTX.patch b/patches/0001-HMAC-using-EVP_MAC_CTX.patch |
2 | deleted file mode 100644 |
3 | index 501e7a0..0000000 |
4 | --- a/patches/0001-HMAC-using-EVP_MAC_CTX.patch |
5 | +++ /dev/null |
6 | @@ -1,287 +0,0 @@ |
7 | -From 3c1ad961284bce01962a50ce496ec4233d2ff1ec Mon Sep 17 00:00:00 2001 |
8 | -From: Quim Muntal <qmuntaldiaz@microsoft.com> |
9 | -Date: Mon, 3 Oct 2022 10:07:36 +0000 |
10 | -Subject: [PATCH 1/4] implement HMAC using EVP_MAC_CTX on OpenSSL 3 |
11 | - |
12 | ---- |
13 | - openssl/hmac.go | 143 +++++++++++++++++++++++++++++++++------- |
14 | - openssl/openssl_funcs.h | 25 ++++++- |
15 | - 2 files changed, 144 insertions(+), 24 deletions(-) |
16 | - |
17 | ---- a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/hmac.go |
18 | -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/hmac.go |
19 | -@@ -14,6 +14,11 @@ |
20 | - "unsafe" |
21 | - ) |
22 | - |
23 | -+var ( |
24 | -+ paramAlgHMAC = C.CString("HMAC") |
25 | -+ paramDigest = C.CString("digest") |
26 | -+) |
27 | -+ |
28 | - // NewHMAC returns a new HMAC using OpenSSL. |
29 | - // The function h must return a hash implemented by |
30 | - // OpenSSL (for example, h could be openssl.NewSHA256). |
31 | -@@ -38,19 +43,19 @@ |
32 | - // we pass an "empty" key. |
33 | - hkey = make([]byte, C.GO_EVP_MAX_MD_SIZE) |
34 | - } |
35 | -- hmac := &opensslHMAC{ |
36 | -- md: md, |
37 | -- size: ch.Size(), |
38 | -- blockSize: ch.BlockSize(), |
39 | -- key: hkey, |
40 | -- ctx: hmacCtxNew(), |
41 | -+ switch vMajor { |
42 | -+ case 1: |
43 | -+ return newHMAC1(hkey, ch, md) |
44 | -+ case 3: |
45 | -+ return newHMAC3(hkey, ch, md) |
46 | -+ default: |
47 | -+ panic(errUnsuportedVersion()) |
48 | - } |
49 | -- runtime.SetFinalizer(hmac, (*opensslHMAC).finalize) |
50 | -- hmac.Reset() |
51 | -- return hmac |
52 | - } |
53 | - |
54 | --type opensslHMAC struct { |
55 | -+// hmac1 implements hash.Hash |
56 | -+// using functions available in OpenSSL 1. |
57 | -+type hmac1 struct { |
58 | - md C.GO_EVP_MD_PTR |
59 | - ctx C.GO_HMAC_CTX_PTR |
60 | - size int |
61 | -@@ -59,8 +64,21 @@ |
62 | - sum []byte |
63 | - } |
64 | - |
65 | --func (h *opensslHMAC) Reset() { |
66 | -- hmacCtxReset(h.ctx) |
67 | -+func newHMAC1(key []byte, h hash.Hash, md C.GO_EVP_MD_PTR) *hmac1 { |
68 | -+ hmac := &hmac1{ |
69 | -+ md: md, |
70 | -+ size: h.Size(), |
71 | -+ blockSize: h.BlockSize(), |
72 | -+ key: key, |
73 | -+ ctx: hmac1CtxNew(), |
74 | -+ } |
75 | -+ runtime.SetFinalizer(hmac, (*hmac1).finalize) |
76 | -+ hmac.Reset() |
77 | -+ return hmac |
78 | -+} |
79 | -+ |
80 | -+func (h *hmac1) Reset() { |
81 | -+ hmac1CtxReset(h.ctx) |
82 | - |
83 | - if C.go_openssl_HMAC_Init_ex(h.ctx, unsafe.Pointer(&h.key[0]), C.int(len(h.key)), h.md, nil) == 0 { |
84 | - panic("openssl: HMAC_Init failed") |
85 | -@@ -73,11 +91,11 @@ |
86 | - h.sum = nil |
87 | - } |
88 | - |
89 | --func (h *opensslHMAC) finalize() { |
90 | -- hmacCtxFree(h.ctx) |
91 | -+func (h *hmac1) finalize() { |
92 | -+ hmac1CtxFree(h.ctx) |
93 | - } |
94 | - |
95 | --func (h *opensslHMAC) Write(p []byte) (int, error) { |
96 | -+func (h *hmac1) Write(p []byte) (int, error) { |
97 | - if len(p) > 0 { |
98 | - C.go_openssl_HMAC_Update(h.ctx, base(p), C.size_t(len(p))) |
99 | - } |
100 | -@@ -85,15 +103,15 @@ |
101 | - return len(p), nil |
102 | - } |
103 | - |
104 | --func (h *opensslHMAC) Size() int { |
105 | -+func (h *hmac1) Size() int { |
106 | - return h.size |
107 | - } |
108 | - |
109 | --func (h *opensslHMAC) BlockSize() int { |
110 | -+func (h *hmac1) BlockSize() int { |
111 | - return h.blockSize |
112 | - } |
113 | - |
114 | --func (h *opensslHMAC) Sum(in []byte) []byte { |
115 | -+func (h *hmac1) Sum(in []byte) []byte { |
116 | - if h.sum == nil { |
117 | - size := h.Size() |
118 | - h.sum = make([]byte, size) |
119 | -@@ -102,8 +120,8 @@ |
120 | - // that Sum has no effect on the underlying stream. |
121 | - // In particular it is OK to Sum, then Write more, then Sum again, |
122 | - // and the second Sum acts as if the first didn't happen. |
123 | -- ctx2 := hmacCtxNew() |
124 | -- defer hmacCtxFree(ctx2) |
125 | -+ ctx2 := hmac1CtxNew() |
126 | -+ defer hmac1CtxFree(ctx2) |
127 | - if C.go_openssl_HMAC_CTX_copy(ctx2, h.ctx) == 0 { |
128 | - panic("openssl: HMAC_CTX_copy failed") |
129 | - } |
130 | -@@ -111,7 +129,7 @@ |
131 | - return append(in, h.sum...) |
132 | - } |
133 | - |
134 | --func hmacCtxNew() C.GO_HMAC_CTX_PTR { |
135 | -+func hmac1CtxNew() C.GO_HMAC_CTX_PTR { |
136 | - if vMajor == 1 && vMinor == 0 { |
137 | - // 0x120 is the sizeof value when building against OpenSSL 1.0.2 on Ubuntu 16.04. |
138 | - ctx := (C.GO_HMAC_CTX_PTR)(C.malloc(0x120)) |
139 | -@@ -123,7 +141,7 @@ |
140 | - return C.go_openssl_HMAC_CTX_new() |
141 | - } |
142 | - |
143 | --func hmacCtxReset(ctx C.GO_HMAC_CTX_PTR) { |
144 | -+func hmac1CtxReset(ctx C.GO_HMAC_CTX_PTR) { |
145 | - if ctx == nil { |
146 | - return |
147 | - } |
148 | -@@ -135,7 +153,7 @@ |
149 | - C.go_openssl_HMAC_CTX_reset(ctx) |
150 | - } |
151 | - |
152 | --func hmacCtxFree(ctx C.GO_HMAC_CTX_PTR) { |
153 | -+func hmac1CtxFree(ctx C.GO_HMAC_CTX_PTR) { |
154 | - if ctx == nil { |
155 | - return |
156 | - } |
157 | -@@ -146,3 +164,88 @@ |
158 | - } |
159 | - C.go_openssl_HMAC_CTX_free(ctx) |
160 | - } |
161 | -+ |
162 | -+// hmac3 implements hash.Hash |
163 | -+// using functions available in OpenSSL 3. |
164 | -+type hmac3 struct { |
165 | -+ md C.GO_EVP_MAC_PTR |
166 | -+ ctx C.GO_EVP_MAC_CTX_PTR |
167 | -+ params [2]C.OSSL_PARAM |
168 | -+ size int |
169 | -+ blockSize int |
170 | -+ key []byte |
171 | -+ sum []byte |
172 | -+} |
173 | -+ |
174 | -+func newHMAC3(key []byte, h hash.Hash, md C.GO_EVP_MD_PTR) *hmac3 { |
175 | -+ mac := C.go_openssl_EVP_MAC_fetch(nil, paramAlgHMAC, nil) |
176 | -+ ctx := C.go_openssl_EVP_MAC_CTX_new(mac) |
177 | -+ if ctx == nil { |
178 | -+ panic("openssl: EVP_MAC_CTX_new failed") |
179 | -+ } |
180 | -+ digest := C.go_openssl_EVP_MD_get0_name(md) |
181 | -+ params := [2]C.OSSL_PARAM{ |
182 | -+ C.go_openssl_OSSL_PARAM_construct_utf8_string(paramDigest, digest, 0), |
183 | -+ C.go_openssl_OSSL_PARAM_construct_end(), |
184 | -+ } |
185 | -+ hmac := &hmac3{ |
186 | -+ md: mac, |
187 | -+ ctx: ctx, |
188 | -+ params: params, |
189 | -+ size: h.Size(), |
190 | -+ blockSize: h.BlockSize(), |
191 | -+ key: key, |
192 | -+ } |
193 | -+ runtime.SetFinalizer(hmac, (*hmac3).finalize) |
194 | -+ hmac.Reset() |
195 | -+ return hmac |
196 | -+} |
197 | -+ |
198 | -+func (h *hmac3) Reset() { |
199 | -+ if C.go_openssl_EVP_MAC_init(h.ctx, base(h.key), C.size_t(len(h.key)), &h.params[0]) == 0 { |
200 | -+ panic(newOpenSSLError("EVP_MAC_init failed")) |
201 | -+ } |
202 | -+ runtime.KeepAlive(h) // Next line will keep h alive too; just making doubly sure. |
203 | -+ h.sum = nil |
204 | -+} |
205 | -+ |
206 | -+func (h *hmac3) finalize() { |
207 | -+ if h.ctx == nil { |
208 | -+ return |
209 | -+ } |
210 | -+ C.go_openssl_EVP_MAC_CTX_free(h.ctx) |
211 | -+} |
212 | -+ |
213 | -+func (h *hmac3) Write(p []byte) (int, error) { |
214 | -+ if len(p) > 0 { |
215 | -+ C.go_openssl_EVP_MAC_update(h.ctx, base(p), C.size_t(len(p))) |
216 | -+ } |
217 | -+ runtime.KeepAlive(h) |
218 | -+ return len(p), nil |
219 | -+} |
220 | -+ |
221 | -+func (h *hmac3) Size() int { |
222 | -+ return h.size |
223 | -+} |
224 | -+ |
225 | -+func (h *hmac3) BlockSize() int { |
226 | -+ return h.blockSize |
227 | -+} |
228 | -+ |
229 | -+func (h *hmac3) Sum(in []byte) []byte { |
230 | -+ if h.sum == nil { |
231 | -+ size := h.Size() |
232 | -+ h.sum = make([]byte, size) |
233 | -+ } |
234 | -+ // Make copy of context because Go hash.Hash mandates |
235 | -+ // that Sum has no effect on the underlying stream. |
236 | -+ // In particular it is OK to Sum, then Write more, then Sum again, |
237 | -+ // and the second Sum acts as if the first didn't happen. |
238 | -+ ctx2 := C.go_openssl_EVP_MAC_CTX_dup(h.ctx) |
239 | -+ if ctx2 == nil { |
240 | -+ panic("openssl: EVP_MAC_CTX_dup failed") |
241 | -+ } |
242 | -+ defer C.go_openssl_EVP_MAC_CTX_free(ctx2) |
243 | -+ C.go_openssl_EVP_MAC_final(ctx2, base(h.sum), nil, C.size_t(len(h.sum))) |
244 | -+ return append(in, h.sum...) |
245 | -+} |
246 | ---- a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/openssl_funcs.h |
247 | -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/openssl_funcs.h |
248 | -@@ -79,6 +79,21 @@ |
249 | - typedef void* GO_EC_POINT_PTR; |
250 | - typedef void* GO_EC_GROUP_PTR; |
251 | - typedef void* GO_RSA_PTR; |
252 | -+typedef void* GO_EVP_MAC_PTR; |
253 | -+typedef void* GO_EVP_MAC_CTX_PTR; |
254 | -+ |
255 | -+// OSSL_PARAM does not follow the GO_FOO_PTR pattern |
256 | -+// because it is not passed around as a pointer but on the stack. |
257 | -+// We can't abstract it away by using a void*. |
258 | -+// Copied from |
259 | -+// https://github.com/openssl/openssl/blob/fcae2ae4f675def607d338b7945b9af1dd9bb746/include/openssl/core.h#L82-L88. |
260 | -+typedef struct { |
261 | -+ const char *key; |
262 | -+ unsigned int data_type; |
263 | -+ void *data; |
264 | -+ size_t data_size; |
265 | -+ size_t return_size; |
266 | -+} OSSL_PARAM; |
267 | - |
268 | - // List of all functions from the libcrypto that are used in this package. |
269 | - // Forgetting to add a function here results in build failure with message reporting the function |
270 | -@@ -151,6 +166,7 @@ |
271 | - DEFINEFUNC_RENAMED_1_1(void, EVP_MD_CTX_free, EVP_MD_CTX_destroy, (GO_EVP_MD_CTX_PTR ctx), (ctx)) \ |
272 | - DEFINEFUNC(int, EVP_MD_CTX_copy_ex, (GO_EVP_MD_CTX_PTR out, const GO_EVP_MD_CTX_PTR in), (out, in)) \ |
273 | - DEFINEFUNC_RENAMED_1_1(int, EVP_MD_CTX_reset, EVP_MD_CTX_cleanup, (GO_EVP_MD_CTX_PTR ctx), (ctx)) \ |
274 | -+DEFINEFUNC_3_0(const char *, EVP_MD_get0_name, (const GO_EVP_MD_PTR md), (md)) \ |
275 | - DEFINEFUNC(const GO_EVP_MD_PTR, EVP_md5, (void), ()) \ |
276 | - DEFINEFUNC(const GO_EVP_MD_PTR, EVP_sha1, (void), ()) \ |
277 | - DEFINEFUNC(const GO_EVP_MD_PTR, EVP_sha224, (void), ()) \ |
278 | -@@ -239,4 +255,14 @@ |
279 | - DEFINEFUNC(int, EVP_PKEY_encrypt_init, (GO_EVP_PKEY_CTX_PTR arg0), (arg0)) \ |
280 | - DEFINEFUNC(int, EVP_PKEY_sign_init, (GO_EVP_PKEY_CTX_PTR arg0), (arg0)) \ |
281 | - DEFINEFUNC(int, EVP_PKEY_verify_init, (GO_EVP_PKEY_CTX_PTR arg0), (arg0)) \ |
282 | --DEFINEFUNC(int, EVP_PKEY_sign, (GO_EVP_PKEY_CTX_PTR arg0, unsigned char *arg1, size_t *arg2, const unsigned char *arg3, size_t arg4), (arg0, arg1, arg2, arg3, arg4)) |
283 | -+DEFINEFUNC(int, EVP_PKEY_sign, (GO_EVP_PKEY_CTX_PTR arg0, unsigned char *arg1, size_t *arg2, const unsigned char *arg3, size_t arg4), (arg0, arg1, arg2, arg3, arg4)) \ |
284 | -+DEFINEFUNC_3_0(GO_EVP_MAC_PTR, EVP_MAC_fetch, (GO_OSSL_LIB_CTX_PTR ctx, const char *algorithm, const char *properties), (ctx, algorithm, properties)) \ |
285 | -+DEFINEFUNC_3_0(GO_EVP_MAC_CTX_PTR, EVP_MAC_CTX_new, (GO_EVP_MAC_PTR arg0), (arg0)) \ |
286 | -+DEFINEFUNC_3_0(void, EVP_MAC_CTX_free, (GO_EVP_MAC_CTX_PTR arg0), (arg0)) \ |
287 | -+DEFINEFUNC_3_0(GO_EVP_MAC_CTX_PTR, EVP_MAC_CTX_dup, (const GO_EVP_MAC_CTX_PTR arg0), (arg0)) \ |
288 | -+DEFINEFUNC_3_0(int, EVP_MAC_init, (GO_EVP_MAC_CTX_PTR ctx, const unsigned char *key, size_t keylen, const OSSL_PARAM params[]), (ctx, key, keylen, params)) \ |
289 | -+DEFINEFUNC_3_0(int, EVP_MAC_update, (GO_EVP_MAC_CTX_PTR ctx, const unsigned char *data, size_t datalen), (ctx, data, datalen)) \ |
290 | -+DEFINEFUNC_3_0(int, EVP_MAC_final, (GO_EVP_MAC_CTX_PTR ctx, unsigned char *out, size_t *outl, size_t outsize), (ctx, out, outl, outsize)) \ |
291 | -+DEFINEFUNC_3_0(OSSL_PARAM, OSSL_PARAM_construct_utf8_string, (const char *key, char *buf, size_t bsize), (key, buf, bsize)) \ |
292 | -+DEFINEFUNC_3_0(OSSL_PARAM, OSSL_PARAM_construct_end, (void), ()) \ |
293 | -+ |
294 | diff --git a/patches/0202-Upgrade-go-crypto-openssl-to-sha3-capable.patch b/patches/0202-Upgrade-go-crypto-openssl-to-sha3-capable.patch |
295 | new file mode 100644 |
296 | index 0000000..5fb370b |
297 | --- /dev/null |
298 | +++ b/patches/0202-Upgrade-go-crypto-openssl-to-sha3-capable.patch |
299 | @@ -0,0 +1,2211 @@ |
300 | +From 4c50bd765f76109882d8cc42dc2540da1f9e61d9 Mon Sep 17 00:00:00 2001 |
301 | +From: Dimitri John Ledkov <dimitri.ledkov@canonical.com> |
302 | +Date: Sun, 2 Jul 2023 00:44:15 +0100 |
303 | +Subject: [PATCH 202/203] Upgrade go-crypto-openssl to sha3 capable |
304 | + |
305 | +Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com> |
306 | +--- |
307 | + src/crypto/internal/backend/openssl_linux.go | 17 +- |
308 | + src/go.mod | 4 +- |
309 | + src/go.sum | 4 +- |
310 | + .../go-crypto-openssl/openssl/aes.go | 12 +- |
311 | + .../go-crypto-openssl/openssl/bbig/big.go | 38 +++ |
312 | + .../openssl/bbig/bridge/bridge.go | 83 +++++++ |
313 | + .../go-crypto-openssl/openssl/big.go | 13 + |
314 | + .../go-crypto-openssl/openssl/ecdh.go | 223 ++++++++++++++++++ |
315 | + .../go-crypto-openssl/openssl/ecdsa.go | 92 ++------ |
316 | + .../go-crypto-openssl/openssl/evpkey.go | 157 ++++++++---- |
317 | + .../go-crypto-openssl/openssl/goopenssl.c | 53 ++++- |
318 | + .../go-crypto-openssl/openssl/goopenssl.h | 23 +- |
319 | + .../go-crypto-openssl/openssl/hmac.go | 150 ++++++++++-- |
320 | + .../go-crypto-openssl/openssl/openssl.go | 149 ++++++++---- |
321 | + .../go-crypto-openssl/openssl/openssl_funcs.h | 70 +++++- |
322 | + .../go-crypto-openssl/openssl/rsa.go | 82 +++++-- |
323 | + .../go-crypto-openssl/openssl/sha.go | 191 ++++++++++++++- |
324 | + src/vendor/modules.txt | 6 +- |
325 | + 18 files changed, 1125 insertions(+), 242 deletions(-) |
326 | + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/bbig/big.go |
327 | + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/bbig/bridge/bridge.go |
328 | + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/big.go |
329 | + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/ecdh.go |
330 | + |
331 | +diff --git a/src/crypto/internal/backend/openssl_linux.go b/src/crypto/internal/backend/openssl_linux.go |
332 | +index 659104006e..6678020bf1 100644 |
333 | +--- a/src/crypto/internal/backend/openssl_linux.go |
334 | ++++ b/src/crypto/internal/backend/openssl_linux.go |
335 | +@@ -15,6 +15,7 @@ import ( |
336 | + "syscall" |
337 | + |
338 | + "github.com/microsoft/go-crypto-openssl/openssl" |
339 | ++ "github.com/microsoft/go-crypto-openssl/openssl/bbig/bridge" |
340 | + ) |
341 | + |
342 | + // Enabled controls whether FIPS crypto is enabled. |
343 | +@@ -116,12 +117,12 @@ var NewAESCipher = openssl.NewAESCipher |
344 | + type PublicKeyECDSA = openssl.PublicKeyECDSA |
345 | + type PrivateKeyECDSA = openssl.PrivateKeyECDSA |
346 | + |
347 | +-var GenerateKeyECDSA = openssl.GenerateKeyECDSA |
348 | +-var NewPrivateKeyECDSA = openssl.NewPrivateKeyECDSA |
349 | +-var NewPublicKeyECDSA = openssl.NewPublicKeyECDSA |
350 | +-var SignECDSA = openssl.SignECDSA |
351 | ++var GenerateKeyECDSA = bridge.GenerateKeyECDSA |
352 | ++var NewPrivateKeyECDSA = bridge.NewPrivateKeyECDSA |
353 | ++var NewPublicKeyECDSA = bridge.NewPublicKeyECDSA |
354 | ++var SignECDSA = bridge.SignECDSA |
355 | + var SignMarshalECDSA = openssl.SignMarshalECDSA |
356 | +-var VerifyECDSA = openssl.VerifyECDSA |
357 | ++var VerifyECDSA = bridge.VerifyECDSA |
358 | + |
359 | + type PublicKeyRSA = openssl.PublicKeyRSA |
360 | + type PrivateKeyRSA = openssl.PrivateKeyRSA |
361 | +@@ -132,9 +133,9 @@ var DecryptRSANoPadding = openssl.DecryptRSANoPadding |
362 | + var EncryptRSAOAEP = openssl.EncryptRSAOAEP |
363 | + var EncryptRSAPKCS1 = openssl.EncryptRSAPKCS1 |
364 | + var EncryptRSANoPadding = openssl.EncryptRSANoPadding |
365 | +-var GenerateKeyRSA = openssl.GenerateKeyRSA |
366 | +-var NewPrivateKeyRSA = openssl.NewPrivateKeyRSA |
367 | +-var NewPublicKeyRSA = openssl.NewPublicKeyRSA |
368 | ++var GenerateKeyRSA = bridge.GenerateKeyRSA |
369 | ++var NewPrivateKeyRSA = bridge.NewPrivateKeyRSA |
370 | ++var NewPublicKeyRSA = bridge.NewPublicKeyRSA |
371 | + var SignRSAPKCS1v15 = openssl.SignRSAPKCS1v15 |
372 | + var SignRSAPSS = openssl.SignRSAPSS |
373 | + var VerifyRSAPKCS1v15 = openssl.VerifyRSAPKCS1v15 |
374 | +diff --git a/src/go.mod b/src/go.mod |
375 | +index 5a46c4c944..1d46c8fa5d 100644 |
376 | +--- a/src/go.mod |
377 | ++++ b/src/go.mod |
378 | +@@ -3,7 +3,7 @@ module std |
379 | + go 1.18 |
380 | + |
381 | + require ( |
382 | +- github.com/microsoft/go-crypto-openssl v0.1.2 |
383 | ++ github.com/microsoft/go-crypto-openssl v0.2.8 |
384 | + golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3 |
385 | + golang.org/x/net v0.0.0-20221214163811-6143a133e5c9 |
386 | + ) |
387 | +@@ -12,3 +12,5 @@ require ( |
388 | + golang.org/x/sys v0.0.0-20220310020820-b874c991c1a5 // indirect |
389 | + golang.org/x/text v0.3.8-0.20211105212822-18b340fc7af2 // indirect |
390 | + ) |
391 | ++ |
392 | ++replace github.com/microsoft/go-crypto-openssl v0.2.8 => github.com/xnox/go-crypto-openssl v0.2.9-0.20230701230530-84b71a4b45db |
393 | +diff --git a/src/go.sum b/src/go.sum |
394 | +index 46ee4c4442..1ebb25d4ef 100644 |
395 | +--- a/src/go.sum |
396 | ++++ b/src/go.sum |
397 | +@@ -1,5 +1,5 @@ |
398 | +-github.com/microsoft/go-crypto-openssl v0.1.2 h1:1JO/O62aLFCGpKWKrxdxzIITNJJ00hkBL0v/LLpEZUM= |
399 | +-github.com/microsoft/go-crypto-openssl v0.1.2/go.mod h1:rC+rtBU3m60UCQifBmpWII0VETfu78w6YGZQvVc0rd4= |
400 | ++github.com/xnox/go-crypto-openssl v0.2.9-0.20230701230530-84b71a4b45db h1:wDf6GGeSKkHOjTTNV5jky1+zXm9U4qoDW7kGtKk726A= |
401 | ++github.com/xnox/go-crypto-openssl v0.2.9-0.20230701230530-84b71a4b45db/go.mod h1:xOSmQnWz4xvNB2+KQN2g2UUwMG9vqDHBk9nk/NdmyRw= |
402 | + golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3 h1:0es+/5331RGQPcXlMfP+WrnIIS6dNnNRe0WB02W0F4M= |
403 | + golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= |
404 | + golang.org/x/net v0.0.0-20221214163811-6143a133e5c9 h1:gcbGP3ZkgsHGpX/48qvg7Q/YmTtzZRWc/zpvN8XGSBg= |
405 | +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/aes.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/aes.go |
406 | +index 3177c0d37c..46d70bf264 100644 |
407 | +--- a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/aes.go |
408 | ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/aes.go |
409 | +@@ -116,8 +116,12 @@ func (c *aesCipher) Decrypt(dst, src []byte) { |
410 | + if err != nil { |
411 | + panic(err) |
412 | + } |
413 | ++ // Disable standard block padding detection, |
414 | ++ // src is always multiple of the block size. |
415 | ++ if C.go_openssl_EVP_CIPHER_CTX_set_padding(c.dec_ctx, 0) != 1 { |
416 | ++ panic("crypto/cipher: unable to set padding") |
417 | ++ } |
418 | + } |
419 | +- |
420 | + C.go_openssl_EVP_DecryptUpdate_wrapper(c.dec_ctx, base(dst), base(src), aesBlockSize) |
421 | + runtime.KeepAlive(c) |
422 | + } |
423 | +@@ -296,6 +300,12 @@ func (c *aesCipher) NewGCM(nonceSize, tagSize int) (cipher.AEAD, error) { |
424 | + return c.newGCM(false) |
425 | + } |
426 | + |
427 | ++// NewGCMTLS returns a GCM cipher specific to TLS |
428 | ++// and should not be used for non-TLS purposes. |
429 | ++func NewGCMTLS(c cipher.Block) (cipher.AEAD, error) { |
430 | ++ return c.(*aesCipher).NewGCMTLS() |
431 | ++} |
432 | ++ |
433 | + func (c *aesCipher) NewGCMTLS() (cipher.AEAD, error) { |
434 | + return c.newGCM(true) |
435 | + } |
436 | +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/bbig/big.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/bbig/big.go |
437 | +new file mode 100644 |
438 | +index 0000000000..1214e1097e |
439 | +--- /dev/null |
440 | ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/bbig/big.go |
441 | +@@ -0,0 +1,38 @@ |
442 | ++// Copyright 2022 The Go Authors. All rights reserved. |
443 | ++// Use of this source code is governed by a BSD-style |
444 | ++// license that can be found in the LICENSE file. |
445 | ++ |
446 | ++// This is a mirror of crypto/internal/boring/bbig/big.go. |
447 | ++ |
448 | ++package bbig |
449 | ++ |
450 | ++import ( |
451 | ++ "math/big" |
452 | ++ "unsafe" |
453 | ++ |
454 | ++ "github.com/microsoft/go-crypto-openssl/openssl" |
455 | ++) |
456 | ++ |
457 | ++func Enc(b *big.Int) openssl.BigInt { |
458 | ++ if b == nil { |
459 | ++ return nil |
460 | ++ } |
461 | ++ x := b.Bits() |
462 | ++ if len(x) == 0 { |
463 | ++ return openssl.BigInt{} |
464 | ++ } |
465 | ++ // TODO: Use unsafe.Slice((*uint)(&x[0]), len(x)) once go1.16 is no longer supported. |
466 | ++ return (*(*[]uint)(unsafe.Pointer(&x)))[:len(x)] |
467 | ++} |
468 | ++ |
469 | ++func Dec(b openssl.BigInt) *big.Int { |
470 | ++ if b == nil { |
471 | ++ return nil |
472 | ++ } |
473 | ++ if len(b) == 0 { |
474 | ++ return new(big.Int) |
475 | ++ } |
476 | ++ // TODO: Use unsafe.Slice((*uint)(&b[0]), len(b)) once go1.16 is no longer supported. |
477 | ++ x := (*(*[]big.Word)(unsafe.Pointer(&b)))[:len(b)] |
478 | ++ return new(big.Int).SetBits(x) |
479 | ++} |
480 | +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/bbig/bridge/bridge.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/bbig/bridge/bridge.go |
481 | +new file mode 100644 |
482 | +index 0000000000..43f5e60049 |
483 | +--- /dev/null |
484 | ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/bbig/bridge/bridge.go |
485 | +@@ -0,0 +1,83 @@ |
486 | ++// Copyright (c) Microsoft Corporation. |
487 | ++// Licensed under the MIT License. |
488 | ++ |
489 | ++// These wrappers only exist for code reuse in places where we need the old pre-go1.19 signature. |
490 | ++ |
491 | ++package bridge |
492 | ++ |
493 | ++import ( |
494 | ++ "encoding/asn1" |
495 | ++ "math/big" |
496 | ++ |
497 | ++ "github.com/microsoft/go-crypto-openssl/openssl" |
498 | ++ "github.com/microsoft/go-crypto-openssl/openssl/bbig" |
499 | ++) |
500 | ++ |
501 | ++func GenerateKeyECDSA(curve string) (X, Y, D *big.Int, err error) { |
502 | ++ x, y, d, err := openssl.GenerateKeyECDSA(curve) |
503 | ++ if err != nil { |
504 | ++ return nil, nil, nil, err |
505 | ++ } |
506 | ++ return bbig.Dec(x), bbig.Dec(y), bbig.Dec(d), nil |
507 | ++} |
508 | ++ |
509 | ++type ecdsaSignature struct { |
510 | ++ R, S *big.Int |
511 | ++} |
512 | ++ |
513 | ++func SignECDSA(priv *openssl.PrivateKeyECDSA, hash []byte) (r, s *big.Int, err error) { |
514 | ++ sig, err := openssl.SignMarshalECDSA(priv, hash) |
515 | ++ if err != nil { |
516 | ++ return nil, nil, err |
517 | ++ } |
518 | ++ var esig ecdsaSignature |
519 | ++ if _, err := asn1.Unmarshal(sig, &esig); err != nil { |
520 | ++ return nil, nil, err |
521 | ++ } |
522 | ++ return esig.R, esig.S, nil |
523 | ++} |
524 | ++ |
525 | ++func NewPrivateKeyECDSA(curve string, X, Y, D *big.Int) (*openssl.PrivateKeyECDSA, error) { |
526 | ++ return openssl.NewPrivateKeyECDSA(curve, bbig.Enc(X), bbig.Enc(Y), bbig.Enc(D)) |
527 | ++} |
528 | ++ |
529 | ++func NewPublicKeyECDSA(curve string, X, Y *big.Int) (*openssl.PublicKeyECDSA, error) { |
530 | ++ return openssl.NewPublicKeyECDSA(curve, bbig.Enc(X), bbig.Enc(Y)) |
531 | ++} |
532 | ++ |
533 | ++func VerifyECDSA(pub *openssl.PublicKeyECDSA, hash []byte, r, s *big.Int) bool { |
534 | ++ sig, err := asn1.Marshal(ecdsaSignature{r, s}) |
535 | ++ if err != nil { |
536 | ++ return false |
537 | ++ } |
538 | ++ return openssl.VerifyECDSA(pub, hash, sig) |
539 | ++} |
540 | ++ |
541 | ++func GenerateKeyRSA(bits int) (N, E, D, P, Q, Dp, Dq, Qinv *big.Int, err error) { |
542 | ++ bN, bE, bD, bP, bQ, bDp, bDq, bQinv, err1 := openssl.GenerateKeyRSA(bits) |
543 | ++ if err1 != nil { |
544 | ++ err = err1 |
545 | ++ return |
546 | ++ } |
547 | ++ N = bbig.Dec(bN) |
548 | ++ E = bbig.Dec(bE) |
549 | ++ D = bbig.Dec(bD) |
550 | ++ P = bbig.Dec(bP) |
551 | ++ Q = bbig.Dec(bQ) |
552 | ++ Dp = bbig.Dec(bDp) |
553 | ++ Dq = bbig.Dec(bDq) |
554 | ++ Qinv = bbig.Dec(bQinv) |
555 | ++ return |
556 | ++} |
557 | ++ |
558 | ++func NewPublicKeyRSA(N, E *big.Int) (*openssl.PublicKeyRSA, error) { |
559 | ++ return openssl.NewPublicKeyRSA(bbig.Enc(N), bbig.Enc(E)) |
560 | ++} |
561 | ++ |
562 | ++func NewPrivateKeyRSA(N, E, D, P, Q, Dp, Dq, Qinv *big.Int) (*openssl.PrivateKeyRSA, error) { |
563 | ++ return openssl.NewPrivateKeyRSA( |
564 | ++ bbig.Enc(N), bbig.Enc(E), bbig.Enc(D), |
565 | ++ bbig.Enc(P), bbig.Enc(Q), |
566 | ++ bbig.Enc(Dp), bbig.Enc(Dq), bbig.Enc(Qinv), |
567 | ++ ) |
568 | ++} |
569 | +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/big.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/big.go |
570 | +new file mode 100644 |
571 | +index 0000000000..c6856c7bc2 |
572 | +--- /dev/null |
573 | ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/big.go |
574 | +@@ -0,0 +1,13 @@ |
575 | ++// Copyright (c) Microsoft Corporation. |
576 | ++// Licensed under the MIT License. |
577 | ++package openssl |
578 | ++ |
579 | ++// This file does not have build constraints to |
580 | ++// facilitate using BigInt in Go crypto. |
581 | ++// Go crypto references BigInt unconditionally, |
582 | ++// even if it is not finally used. |
583 | ++ |
584 | ++// A BigInt is the raw words from a BigInt. |
585 | ++// This definition allows us to avoid importing math/big. |
586 | ++// Conversion between BigInt and *big.Int is in openssl/bbig. |
587 | ++type BigInt []uint |
588 | +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/ecdh.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/ecdh.go |
589 | +new file mode 100644 |
590 | +index 0000000000..fba3704531 |
591 | +--- /dev/null |
592 | ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/ecdh.go |
593 | +@@ -0,0 +1,223 @@ |
594 | ++// Copyright (c) Microsoft Corporation. |
595 | ++// Licensed under the MIT License. |
596 | ++ |
597 | ++//go:build linux && !android |
598 | ++// +build linux,!android |
599 | ++ |
600 | ++package openssl |
601 | ++ |
602 | ++// #include "goopenssl.h" |
603 | ++import "C" |
604 | ++import ( |
605 | ++ "errors" |
606 | ++ "runtime" |
607 | ++) |
608 | ++ |
609 | ++type PublicKeyECDH struct { |
610 | ++ _pkey C.GO_EVP_PKEY_PTR |
611 | ++ bytes []byte |
612 | ++ |
613 | ++ // priv is only set when PublicKeyECDH is derived from a private key, |
614 | ++ // in which case priv's finalizer is responsible for freeing _pkey. |
615 | ++ // This ensures priv is not finalized while the public key is alive, |
616 | ++ // which could cause use-after-free and double-free behavior. |
617 | ++ // |
618 | ++ // We could avoid this altogether if using EVP_PKEY_up_ref |
619 | ++ // when instantiating a derived public key, unfortunately |
620 | ++ // it is not available on OpenSSL 1.0.2. |
621 | ++ priv *PrivateKeyECDH |
622 | ++} |
623 | ++ |
624 | ++func (k *PublicKeyECDH) finalize() { |
625 | ++ if k.priv == nil { |
626 | ++ C.go_openssl_EVP_PKEY_free(k._pkey) |
627 | ++ } |
628 | ++} |
629 | ++ |
630 | ++type PrivateKeyECDH struct { |
631 | ++ _pkey C.GO_EVP_PKEY_PTR |
632 | ++} |
633 | ++ |
634 | ++func (k *PrivateKeyECDH) finalize() { |
635 | ++ C.go_openssl_EVP_PKEY_free(k._pkey) |
636 | ++} |
637 | ++ |
638 | ++func NewPublicKeyECDH(curve string, bytes []byte) (*PublicKeyECDH, error) { |
639 | ++ if len(bytes) < 1 { |
640 | ++ return nil, errors.New("NewPublicKeyECDH: missing key") |
641 | ++ } |
642 | ++ nid, err := curveNID(curve) |
643 | ++ if err != nil { |
644 | ++ return nil, err |
645 | ++ } |
646 | ++ key := C.go_openssl_EC_KEY_new_by_curve_name(nid) |
647 | ++ if key == nil { |
648 | ++ return nil, newOpenSSLError("EC_KEY_new_by_curve_name") |
649 | ++ } |
650 | ++ var k *PublicKeyECDH |
651 | ++ defer func() { |
652 | ++ if k == nil { |
653 | ++ C.go_openssl_EC_KEY_free(key) |
654 | ++ } |
655 | ++ }() |
656 | ++ if vMajor == 1 && vMinor == 0 { |
657 | ++ // EC_KEY_oct2key does not exist on OpenSSL 1.0.2, |
658 | ++ // we have to simulate it. |
659 | ++ group := C.go_openssl_EC_KEY_get0_group(key) |
660 | ++ pt := C.go_openssl_EC_POINT_new(group) |
661 | ++ if pt == nil { |
662 | ++ return nil, newOpenSSLError("EC_POINT_new") |
663 | ++ } |
664 | ++ defer C.go_openssl_EC_POINT_free(pt) |
665 | ++ if C.go_openssl_EC_POINT_oct2point(group, pt, base(bytes), C.size_t(len(bytes)), nil) != 1 { |
666 | ++ return nil, errors.New("point not on curve") |
667 | ++ } |
668 | ++ if C.go_openssl_EC_KEY_set_public_key(key, pt) != 1 { |
669 | ++ return nil, newOpenSSLError("EC_KEY_set_public_key") |
670 | ++ } |
671 | ++ } else { |
672 | ++ if C.go_openssl_EC_KEY_oct2key(key, base(bytes), C.size_t(len(bytes)), nil) != 1 { |
673 | ++ return nil, newOpenSSLError("EC_KEY_oct2key") |
674 | ++ } |
675 | ++ } |
676 | ++ pkey, err := newEVPPKEY(key) |
677 | ++ if err != nil { |
678 | ++ return nil, err |
679 | ++ } |
680 | ++ k = &PublicKeyECDH{pkey, append([]byte(nil), bytes...), nil} |
681 | ++ runtime.SetFinalizer(k, (*PublicKeyECDH).finalize) |
682 | ++ return k, nil |
683 | ++} |
684 | ++ |
685 | ++func (k *PublicKeyECDH) Bytes() []byte { return k.bytes } |
686 | ++ |
687 | ++func NewPrivateKeyECDH(curve string, bytes []byte) (*PrivateKeyECDH, error) { |
688 | ++ nid, err := curveNID(curve) |
689 | ++ if err != nil { |
690 | ++ return nil, err |
691 | ++ } |
692 | ++ b := bytesToBN(bytes) |
693 | ++ if b == nil { |
694 | ++ return nil, newOpenSSLError("BN_bin2bn") |
695 | ++ } |
696 | ++ defer C.go_openssl_BN_free(b) |
697 | ++ key := C.go_openssl_EC_KEY_new_by_curve_name(nid) |
698 | ++ if key == nil { |
699 | ++ return nil, newOpenSSLError("EC_KEY_new_by_curve_name") |
700 | ++ } |
701 | ++ var pkey C.GO_EVP_PKEY_PTR |
702 | ++ defer func() { |
703 | ++ if pkey == nil { |
704 | ++ C.go_openssl_EC_KEY_free(key) |
705 | ++ } |
706 | ++ }() |
707 | ++ if C.go_openssl_EC_KEY_set_private_key(key, b) != 1 { |
708 | ++ return nil, newOpenSSLError("EC_KEY_set_private_key") |
709 | ++ } |
710 | ++ pkey, err = newEVPPKEY(key) |
711 | ++ if err != nil { |
712 | ++ return nil, err |
713 | ++ } |
714 | ++ k := &PrivateKeyECDH{pkey} |
715 | ++ runtime.SetFinalizer(k, (*PrivateKeyECDH).finalize) |
716 | ++ return k, nil |
717 | ++} |
718 | ++ |
719 | ++func (k *PrivateKeyECDH) PublicKey() (*PublicKeyECDH, error) { |
720 | ++ defer runtime.KeepAlive(k) |
721 | ++ key := C.go_openssl_EVP_PKEY_get1_EC_KEY(k._pkey) |
722 | ++ if key == nil { |
723 | ++ return nil, newOpenSSLError("EVP_PKEY_get1_EC_KEY") |
724 | ++ } |
725 | ++ defer C.go_openssl_EC_KEY_free(key) |
726 | ++ group := C.go_openssl_EC_KEY_get0_group(key) |
727 | ++ if group == nil { |
728 | ++ return nil, newOpenSSLError("EC_KEY_get0_group") |
729 | ++ } |
730 | ++ pt := C.go_openssl_EC_KEY_get0_public_key(key) |
731 | ++ if pt == nil { |
732 | ++ // The public key will be nil if k has been generated using |
733 | ++ // NewPrivateKeyECDH instead of GenerateKeyECDH. |
734 | ++ // |
735 | ++ // OpenSSL does not expose any method to generate the public |
736 | ++ // key from the private key [1], so we have to calculate it here |
737 | ++ // https://github.com/openssl/openssl/issues/18437#issuecomment-1144717206 |
738 | ++ pt = C.go_openssl_EC_POINT_new(group) |
739 | ++ if pt == nil { |
740 | ++ return nil, newOpenSSLError("EC_POINT_new") |
741 | ++ } |
742 | ++ defer C.go_openssl_EC_POINT_free(pt) |
743 | ++ kbig := C.go_openssl_EC_KEY_get0_private_key(key) |
744 | ++ if C.go_openssl_EC_POINT_mul(group, pt, kbig, nil, nil, nil) == 0 { |
745 | ++ return nil, newOpenSSLError("EC_POINT_mul") |
746 | ++ } |
747 | ++ } |
748 | ++ n := C.go_openssl_EC_POINT_point2oct(group, pt, C.GO_POINT_CONVERSION_UNCOMPRESSED, nil, 0, nil) |
749 | ++ if n == 0 { |
750 | ++ return nil, newOpenSSLError("EC_POINT_point2oct") |
751 | ++ } |
752 | ++ bytes := make([]byte, n) |
753 | ++ n = C.go_openssl_EC_POINT_point2oct(group, pt, C.GO_POINT_CONVERSION_UNCOMPRESSED, base(bytes), C.size_t(len(bytes)), nil) |
754 | ++ if int(n) != len(bytes) { |
755 | ++ return nil, newOpenSSLError("EC_POINT_point2oct") |
756 | ++ } |
757 | ++ pub := &PublicKeyECDH{k._pkey, bytes, k} |
758 | ++ // Note: Same as in NewPublicKeyECDH regarding finalizer and KeepAlive. |
759 | ++ runtime.SetFinalizer(pub, (*PublicKeyECDH).finalize) |
760 | ++ return pub, nil |
761 | ++} |
762 | ++ |
763 | ++func ECDH(priv *PrivateKeyECDH, pub *PublicKeyECDH) ([]byte, error) { |
764 | ++ defer runtime.KeepAlive(priv) |
765 | ++ defer runtime.KeepAlive(pub) |
766 | ++ ctx := C.go_openssl_EVP_PKEY_CTX_new(priv._pkey, nil) |
767 | ++ if ctx == nil { |
768 | ++ return nil, newOpenSSLError("EVP_PKEY_CTX_new") |
769 | ++ } |
770 | ++ defer C.go_openssl_EVP_PKEY_CTX_free(ctx) |
771 | ++ if C.go_openssl_EVP_PKEY_derive_init(ctx) != 1 { |
772 | ++ return nil, newOpenSSLError("EVP_PKEY_derive_init") |
773 | ++ } |
774 | ++ if C.go_openssl_EVP_PKEY_derive_set_peer(ctx, pub._pkey) != 1 { |
775 | ++ return nil, newOpenSSLError("EVP_PKEY_derive_set_peer") |
776 | ++ } |
777 | ++ var outLen C.size_t |
778 | ++ if C.go_openssl_EVP_PKEY_derive(ctx, nil, &outLen) != 1 { |
779 | ++ return nil, newOpenSSLError("EVP_PKEY_derive_init") |
780 | ++ } |
781 | ++ out := make([]byte, outLen) |
782 | ++ if C.go_openssl_EVP_PKEY_derive(ctx, base(out), &outLen) != 1 { |
783 | ++ return nil, newOpenSSLError("EVP_PKEY_derive_init") |
784 | ++ } |
785 | ++ return out, nil |
786 | ++} |
787 | ++ |
788 | ++func GenerateKeyECDH(curve string) (*PrivateKeyECDH, []byte, error) { |
789 | ++ pkey, err := generateEVPPKey(C.GO_EVP_PKEY_EC, 0, curve) |
790 | ++ if err != nil { |
791 | ++ return nil, nil, err |
792 | ++ } |
793 | ++ var k *PrivateKeyECDH |
794 | ++ defer func() { |
795 | ++ if k == nil { |
796 | ++ C.go_openssl_EVP_PKEY_free(pkey) |
797 | ++ } |
798 | ++ }() |
799 | ++ key := C.go_openssl_EVP_PKEY_get1_EC_KEY(pkey) |
800 | ++ if key == nil { |
801 | ++ return nil, nil, newOpenSSLError("EVP_PKEY_get1_EC_KEY") |
802 | ++ } |
803 | ++ defer C.go_openssl_EC_KEY_free(key) |
804 | ++ b := C.go_openssl_EC_KEY_get0_private_key(key) |
805 | ++ if b == nil { |
806 | ++ return nil, nil, newOpenSSLError("EC_KEY_get0_private_key") |
807 | ++ } |
808 | ++ bits := C.go_openssl_EVP_PKEY_get_bits(pkey) |
809 | ++ out := make([]byte, (bits+7)/8) |
810 | ++ if C.go_openssl_BN_bn2binpad(b, base(out), C.int(len(out))) == 0 { |
811 | ++ return nil, nil, newOpenSSLError("BN_bn2binpad") |
812 | ++ } |
813 | ++ k = &PrivateKeyECDH{pkey} |
814 | ++ runtime.SetFinalizer(k, (*PrivateKeyECDH).finalize) |
815 | ++ return k, out, nil |
816 | ++} |
817 | +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/ecdsa.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/ecdsa.go |
818 | +index 84f82e903c..de4aa0ecfc 100644 |
819 | +--- a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/ecdsa.go |
820 | ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/ecdsa.go |
821 | +@@ -9,17 +9,10 @@ package openssl |
822 | + // #include "goopenssl.h" |
823 | + import "C" |
824 | + import ( |
825 | +- "encoding/asn1" |
826 | + "errors" |
827 | +- "math/big" |
828 | + "runtime" |
829 | +- "unsafe" |
830 | + ) |
831 | + |
832 | +-type ecdsaSignature struct { |
833 | +- R, S *big.Int |
834 | +-} |
835 | +- |
836 | + type PrivateKeyECDSA struct { |
837 | + // _pkey MUST NOT be accessed directly. Instead, use the withKey method. |
838 | + _pkey C.GO_EVP_PKEY_PTR |
839 | +@@ -65,7 +58,7 @@ func curveNID(curve string) (C.int, error) { |
840 | + return 0, errUnknownCurve |
841 | + } |
842 | + |
843 | +-func NewPublicKeyECDSA(curve string, X, Y *big.Int) (*PublicKeyECDSA, error) { |
844 | ++func NewPublicKeyECDSA(curve string, X, Y BigInt) (*PublicKeyECDSA, error) { |
845 | + pkey, err := newECKey(curve, X, Y, nil) |
846 | + if err != nil { |
847 | + return nil, err |
848 | +@@ -79,13 +72,12 @@ func NewPublicKeyECDSA(curve string, X, Y *big.Int) (*PublicKeyECDSA, error) { |
849 | + return k, nil |
850 | + } |
851 | + |
852 | +-func newECKey(curve string, X, Y, D *big.Int) (pkey C.GO_EVP_PKEY_PTR, err error) { |
853 | +- var nid C.int |
854 | +- if nid, err = curveNID(curve); err != nil { |
855 | ++func newECKey(curve string, X, Y, D BigInt) (C.GO_EVP_PKEY_PTR, error) { |
856 | ++ nid, err := curveNID(curve) |
857 | ++ if err != nil { |
858 | + return nil, err |
859 | + } |
860 | +- var bx, by C.GO_BIGNUM_PTR |
861 | +- var key C.GO_EC_KEY_PTR |
862 | ++ var bx, by, bd C.GO_BIGNUM_PTR |
863 | + defer func() { |
864 | + if bx != nil { |
865 | + C.go_openssl_BN_free(bx) |
866 | +@@ -93,49 +85,40 @@ func newECKey(curve string, X, Y, D *big.Int) (pkey C.GO_EVP_PKEY_PTR, err error |
867 | + if by != nil { |
868 | + C.go_openssl_BN_free(by) |
869 | + } |
870 | +- if err != nil { |
871 | +- if key != nil { |
872 | +- C.go_openssl_EC_KEY_free(key) |
873 | +- } |
874 | +- if pkey != nil { |
875 | +- C.go_openssl_EVP_PKEY_free(pkey) |
876 | +- // pkey is a named return, so in case of error |
877 | +- // it have to be cleared before returing. |
878 | +- pkey = nil |
879 | +- } |
880 | ++ if bd != nil { |
881 | ++ C.go_openssl_BN_free(bd) |
882 | + } |
883 | + }() |
884 | + bx = bigToBN(X) |
885 | + by = bigToBN(Y) |
886 | +- if bx == nil || by == nil { |
887 | +- return nil, newOpenSSLError("BN_bin2bn failed") |
888 | ++ bd = bigToBN(D) |
889 | ++ if bx == nil || by == nil || (D != nil && bd == nil) { |
890 | ++ return nil, newOpenSSLError("BN_lebin2bn failed") |
891 | + } |
892 | +- if key = C.go_openssl_EC_KEY_new_by_curve_name(nid); key == nil { |
893 | ++ key := C.go_openssl_EC_KEY_new_by_curve_name(nid) |
894 | ++ if key == nil { |
895 | + return nil, newOpenSSLError("EC_KEY_new_by_curve_name failed") |
896 | + } |
897 | ++ var pkey C.GO_EVP_PKEY_PTR |
898 | ++ defer func() { |
899 | ++ if pkey == nil { |
900 | ++ defer C.go_openssl_EC_KEY_free(key) |
901 | ++ } |
902 | ++ }() |
903 | + if C.go_openssl_EC_KEY_set_public_key_affine_coordinates(key, bx, by) != 1 { |
904 | + return nil, newOpenSSLError("EC_KEY_set_public_key_affine_coordinates failed") |
905 | + } |
906 | +- if D != nil { |
907 | +- bd := bigToBN(D) |
908 | +- if bd == nil { |
909 | +- return nil, newOpenSSLError("BN_bin2bn failed") |
910 | +- } |
911 | +- defer C.go_openssl_BN_free(bd) |
912 | +- if C.go_openssl_EC_KEY_set_private_key(key, bd) != 1 { |
913 | +- return nil, newOpenSSLError("EC_KEY_set_private_key failed") |
914 | +- } |
915 | +- } |
916 | +- if pkey = C.go_openssl_EVP_PKEY_new(); pkey == nil { |
917 | +- return nil, newOpenSSLError("EVP_PKEY_new failed") |
918 | ++ if D != nil && C.go_openssl_EC_KEY_set_private_key(key, bd) != 1 { |
919 | ++ return nil, newOpenSSLError("EC_KEY_set_private_key failed") |
920 | + } |
921 | +- if C.go_openssl_EVP_PKEY_assign(pkey, C.GO_EVP_PKEY_EC, (unsafe.Pointer)(key)) != 1 { |
922 | +- return nil, newOpenSSLError("EVP_PKEY_assign failed") |
923 | ++ pkey, err = newEVPPKEY(key) |
924 | ++ if err != nil { |
925 | ++ return nil, err |
926 | + } |
927 | + return pkey, nil |
928 | + } |
929 | + |
930 | +-func NewPrivateKeyECDSA(curve string, X, Y *big.Int, D *big.Int) (*PrivateKeyECDSA, error) { |
931 | ++func NewPrivateKeyECDSA(curve string, X, Y, D BigInt) (*PrivateKeyECDSA, error) { |
932 | + pkey, err := newECKey(curve, X, Y, D) |
933 | + if err != nil { |
934 | + return nil, err |
935 | +@@ -149,38 +132,15 @@ func NewPrivateKeyECDSA(curve string, X, Y *big.Int, D *big.Int) (*PrivateKeyECD |
936 | + return k, nil |
937 | + } |
938 | + |
939 | +-func SignECDSA(priv *PrivateKeyECDSA, hash []byte) (r, s *big.Int, err error) { |
940 | +- // We could use ECDSA_do_sign instead but would need to convert |
941 | +- // the resulting BIGNUMs to *big.Int form. If we're going to do a |
942 | +- // conversion, converting the ASN.1 form is more convenient and |
943 | +- // likely not much more expensive. |
944 | +- sig, err := SignMarshalECDSA(priv, hash) |
945 | +- if err != nil { |
946 | +- return nil, nil, err |
947 | +- } |
948 | +- var esig ecdsaSignature |
949 | +- if _, err := asn1.Unmarshal(sig, &esig); err != nil { |
950 | +- return nil, nil, err |
951 | +- } |
952 | +- return esig.R, esig.S, nil |
953 | +-} |
954 | +- |
955 | + func SignMarshalECDSA(priv *PrivateKeyECDSA, hash []byte) ([]byte, error) { |
956 | + return evpSign(priv.withKey, 0, 0, 0, hash) |
957 | + } |
958 | + |
959 | +-func VerifyECDSA(pub *PublicKeyECDSA, hash []byte, r, s *big.Int) bool { |
960 | +- // We could use ECDSA_do_verify instead but would need to convert |
961 | +- // r and s to BIGNUM form. If we're going to do a conversion, marshaling |
962 | +- // to ASN.1 is more convenient and likely not much more expensive. |
963 | +- sig, err := asn1.Marshal(ecdsaSignature{r, s}) |
964 | +- if err != nil { |
965 | +- return false |
966 | +- } |
967 | ++func VerifyECDSA(pub *PublicKeyECDSA, hash []byte, sig []byte) bool { |
968 | + return evpVerify(pub.withKey, 0, 0, 0, sig, hash) == nil |
969 | + } |
970 | + |
971 | +-func GenerateKeyECDSA(curve string) (X, Y, D *big.Int, err error) { |
972 | ++func GenerateKeyECDSA(curve string) (X, Y, D BigInt, err error) { |
973 | + pkey, err := generateEVPPKey(C.GO_EVP_PKEY_EC, 0, curve) |
974 | + if err != nil { |
975 | + return nil, nil, nil, err |
976 | +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/evpkey.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/evpkey.go |
977 | +index 03a652aef1..638f0e134d 100644 |
978 | +--- a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/evpkey.go |
979 | ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/evpkey.go |
980 | +@@ -57,6 +57,26 @@ func cryptoHashToMD(ch crypto.Hash) C.GO_EVP_MD_PTR { |
981 | + return C.go_openssl_EVP_sha384() |
982 | + case crypto.SHA512: |
983 | + return C.go_openssl_EVP_sha512() |
984 | ++ case crypto.SHA3_224: |
985 | ++ if !SupportsSHA3() { |
986 | ++ return nil |
987 | ++ } |
988 | ++ return C.go_openssl_EVP_sha3_224() |
989 | ++ case crypto.SHA3_256: |
990 | ++ if !SupportsSHA3() { |
991 | ++ return nil |
992 | ++ } |
993 | ++ return C.go_openssl_EVP_sha3_256() |
994 | ++ case crypto.SHA3_384: |
995 | ++ if !SupportsSHA3() { |
996 | ++ return nil |
997 | ++ } |
998 | ++ return C.go_openssl_EVP_sha3_384() |
999 | ++ case crypto.SHA3_512: |
1000 | ++ if !SupportsSHA3() { |
1001 | ++ return nil |
1002 | ++ } |
1003 | ++ return C.go_openssl_EVP_sha3_512() |
1004 | + } |
1005 | + return nil |
1006 | + } |
1007 | +@@ -95,12 +115,12 @@ func generateEVPPKey(id C.int, bits int, curve string) (C.GO_EVP_PKEY_PTR, error |
1008 | + } |
1009 | + |
1010 | + type withKeyFunc func(func(C.GO_EVP_PKEY_PTR) C.int) C.int |
1011 | +-type initFunc func(C.GO_EVP_PKEY_CTX_PTR) C.int |
1012 | +-type cryptFunc func(C.GO_EVP_PKEY_CTX_PTR, *C.uchar, *C.size_t, *C.uchar, C.size_t) C.int |
1013 | +-type verifyFunc func(C.GO_EVP_PKEY_CTX_PTR, *C.uchar, C.size_t, *C.uchar, C.size_t) C.int |
1014 | ++type initFunc func(C.GO_EVP_PKEY_CTX_PTR) error |
1015 | ++type cryptFunc func(C.GO_EVP_PKEY_CTX_PTR, *C.uchar, *C.size_t, *C.uchar, C.size_t) error |
1016 | ++type verifyFunc func(C.GO_EVP_PKEY_CTX_PTR, *C.uchar, C.size_t, *C.uchar, C.size_t) error |
1017 | + |
1018 | + func setupEVP(withKey withKeyFunc, padding C.int, |
1019 | +- h hash.Hash, label []byte, saltLen int, ch crypto.Hash, |
1020 | ++ h, mgfHash hash.Hash, label []byte, saltLen C.int, ch crypto.Hash, |
1021 | + init initFunc) (ctx C.GO_EVP_PKEY_CTX_PTR, err error) { |
1022 | + defer func() { |
1023 | + if err != nil { |
1024 | +@@ -118,8 +138,8 @@ func setupEVP(withKey withKeyFunc, padding C.int, |
1025 | + if ctx == nil { |
1026 | + return nil, newOpenSSLError("EVP_PKEY_CTX_new failed") |
1027 | + } |
1028 | +- if init(ctx) != 1 { |
1029 | +- return nil, newOpenSSLError("EVP_PKEY_operation_init failed") |
1030 | ++ if err := init(ctx); err != nil { |
1031 | ++ return nil, err |
1032 | + } |
1033 | + if padding == 0 { |
1034 | + return ctx, nil |
1035 | +@@ -138,6 +158,14 @@ func setupEVP(withKey withKeyFunc, padding C.int, |
1036 | + if md == nil { |
1037 | + return nil, errors.New("crypto/rsa: unsupported hash function") |
1038 | + } |
1039 | ++ var mgfMD C.GO_EVP_MD_PTR |
1040 | ++ if mgfHash != nil { |
1041 | ++ // mgfHash is optional, but if it is set it must match a supported hash function. |
1042 | ++ mgfMD = hashToMD(mgfHash) |
1043 | ++ if mgfMD == nil { |
1044 | ++ return nil, errors.New("crypto/rsa: unsupported hash function") |
1045 | ++ } |
1046 | ++ } |
1047 | + // setPadding must happen before setting EVP_PKEY_CTRL_RSA_OAEP_MD. |
1048 | + if err := setPadding(); err != nil { |
1049 | + return nil, err |
1050 | +@@ -145,6 +173,11 @@ func setupEVP(withKey withKeyFunc, padding C.int, |
1051 | + if C.go_openssl_EVP_PKEY_CTX_ctrl(ctx, C.GO_EVP_PKEY_RSA, -1, C.GO_EVP_PKEY_CTRL_RSA_OAEP_MD, 0, unsafe.Pointer(md)) != 1 { |
1052 | + return nil, newOpenSSLError("EVP_PKEY_CTX_ctrl failed") |
1053 | + } |
1054 | ++ if mgfHash != nil { |
1055 | ++ if C.go_openssl_EVP_PKEY_CTX_ctrl(ctx, C.GO_EVP_PKEY_RSA, -1, C.GO_EVP_PKEY_CTRL_RSA_MGF1_MD, 0, unsafe.Pointer(mgfMD)) != 1 { |
1056 | ++ return nil, newOpenSSLError("EVP_PKEY_CTX_ctrl failed") |
1057 | ++ } |
1058 | ++ } |
1059 | + // ctx takes ownership of label, so malloc a copy for OpenSSL to free. |
1060 | + // OpenSSL 1.1.1 and higher does not take ownership of the label if the length is zero, |
1061 | + // so better avoid the allocation. |
1062 | +@@ -154,7 +187,16 @@ func setupEVP(withKey withKeyFunc, padding C.int, |
1063 | + clabel = (*C.uchar)(C.malloc(C.size_t(len(label)))) |
1064 | + copy((*[1 << 30]byte)(unsafe.Pointer(clabel))[:len(label)], label) |
1065 | + } |
1066 | +- if C.go_openssl_EVP_PKEY_CTX_ctrl(ctx, C.GO_EVP_PKEY_RSA, -1, C.GO_EVP_PKEY_CTRL_RSA_OAEP_LABEL, C.int(len(label)), unsafe.Pointer(clabel)) != 1 { |
1067 | ++ var ret C.int |
1068 | ++ if vMajor == 1 { |
1069 | ++ ret = C.go_openssl_EVP_PKEY_CTX_ctrl(ctx, C.GO_EVP_PKEY_RSA, -1, C.GO_EVP_PKEY_CTRL_RSA_OAEP_LABEL, C.int(len(label)), unsafe.Pointer(clabel)) |
1070 | ++ } else { |
1071 | ++ // OpenSSL 3 implements EVP_PKEY_CTX_set0_rsa_oaep_label as a function, |
1072 | ++ // instead of a macro around EVP_PKEY_CTX_ctrl, and it takes a different |
1073 | ++ // code path when the implementation is provided by FIPS provider. |
1074 | ++ ret = C.go_openssl_EVP_PKEY_CTX_set0_rsa_oaep_label(ctx, unsafe.Pointer(clabel), C.int(len(label))) |
1075 | ++ } |
1076 | ++ if ret != 1 { |
1077 | + if clabel != nil { |
1078 | + C.free(unsafe.Pointer(clabel)) |
1079 | + } |
1080 | +@@ -173,7 +215,7 @@ func setupEVP(withKey withKeyFunc, padding C.int, |
1081 | + return nil, err |
1082 | + } |
1083 | + if saltLen != 0 { |
1084 | +- if C.go_openssl_EVP_PKEY_CTX_ctrl(ctx, C.GO_EVP_PKEY_RSA, -1, C.GO_EVP_PKEY_CTRL_RSA_PSS_SALTLEN, C.int(saltLen), nil) != 1 { |
1085 | ++ if C.go_openssl_EVP_PKEY_CTX_ctrl(ctx, C.GO_EVP_PKEY_RSA, -1, C.GO_EVP_PKEY_CTRL_RSA_PSS_SALTLEN, saltLen, nil) != 1 { |
1086 | + return nil, newOpenSSLError("EVP_PKEY_CTX_ctrl failed") |
1087 | + } |
1088 | + } |
1089 | +@@ -201,10 +243,10 @@ func setupEVP(withKey withKeyFunc, padding C.int, |
1090 | + } |
1091 | + |
1092 | + func cryptEVP(withKey withKeyFunc, padding C.int, |
1093 | +- h hash.Hash, label []byte, saltLen int, ch crypto.Hash, |
1094 | ++ h, mgfHash hash.Hash, label []byte, saltLen C.int, ch crypto.Hash, |
1095 | + init initFunc, crypt cryptFunc, in []byte) ([]byte, error) { |
1096 | + |
1097 | +- ctx, err := setupEVP(withKey, padding, h, label, saltLen, ch, init) |
1098 | ++ ctx, err := setupEVP(withKey, padding, h, mgfHash, label, saltLen, ch, init) |
1099 | + if err != nil { |
1100 | + return nil, err |
1101 | + } |
1102 | +@@ -214,8 +256,8 @@ func cryptEVP(withKey withKeyFunc, padding C.int, |
1103 | + }) |
1104 | + outLen := C.size_t(pkeySize) |
1105 | + out := make([]byte, pkeySize) |
1106 | +- if crypt(ctx, base(out), &outLen, base(in), C.size_t(len(in))) != 1 { |
1107 | +- return nil, newOpenSSLError("EVP_PKEY_decrypt/encrypt failed") |
1108 | ++ if err := crypt(ctx, base(out), &outLen, base(in), C.size_t(len(in))); err != nil { |
1109 | ++ return nil, err |
1110 | + } |
1111 | + // The size returned by EVP_PKEY_get_size() is only preliminary and not exact, |
1112 | + // so the final contents of the out buffer may be smaller. |
1113 | +@@ -223,57 +265,90 @@ func cryptEVP(withKey withKeyFunc, padding C.int, |
1114 | + } |
1115 | + |
1116 | + func verifyEVP(withKey withKeyFunc, padding C.int, |
1117 | +- h hash.Hash, label []byte, saltLen int, ch crypto.Hash, |
1118 | ++ h hash.Hash, label []byte, saltLen C.int, ch crypto.Hash, |
1119 | + init initFunc, verify verifyFunc, |
1120 | + sig, in []byte) error { |
1121 | + |
1122 | +- ctx, err := setupEVP(withKey, padding, h, label, saltLen, ch, init) |
1123 | ++ ctx, err := setupEVP(withKey, padding, h, nil, label, saltLen, ch, init) |
1124 | + if err != nil { |
1125 | + return err |
1126 | + } |
1127 | + defer C.go_openssl_EVP_PKEY_CTX_free(ctx) |
1128 | +- if verify(ctx, base(sig), C.size_t(len(sig)), base(in), C.size_t(len(in))) != 1 { |
1129 | +- return newOpenSSLError("EVP_PKEY_decrypt/encrypt failed") |
1130 | +- } |
1131 | +- return nil |
1132 | ++ return verify(ctx, base(sig), C.size_t(len(sig)), base(in), C.size_t(len(in))) |
1133 | + } |
1134 | + |
1135 | +-func evpEncrypt(withKey withKeyFunc, padding C.int, h hash.Hash, label, msg []byte) ([]byte, error) { |
1136 | +- encryptInit := func(ctx C.GO_EVP_PKEY_CTX_PTR) C.int { |
1137 | +- return C.go_openssl_EVP_PKEY_encrypt_init(ctx) |
1138 | ++func evpEncrypt(withKey withKeyFunc, padding C.int, h, mgfHash hash.Hash, label, msg []byte) ([]byte, error) { |
1139 | ++ encryptInit := func(ctx C.GO_EVP_PKEY_CTX_PTR) error { |
1140 | ++ if ret := C.go_openssl_EVP_PKEY_encrypt_init(ctx); ret != 1 { |
1141 | ++ return newOpenSSLError("EVP_PKEY_encrypt_init failed") |
1142 | ++ } |
1143 | ++ return nil |
1144 | + } |
1145 | +- encrypt := func(ctx C.GO_EVP_PKEY_CTX_PTR, out *C.uchar, outLen *C.size_t, in *C.uchar, inLen C.size_t) C.int { |
1146 | +- return C.go_openssl_EVP_PKEY_encrypt(ctx, out, outLen, in, inLen) |
1147 | ++ encrypt := func(ctx C.GO_EVP_PKEY_CTX_PTR, out *C.uchar, outLen *C.size_t, in *C.uchar, inLen C.size_t) error { |
1148 | ++ if ret := C.go_openssl_EVP_PKEY_encrypt(ctx, out, outLen, in, inLen); ret != 1 { |
1149 | ++ return newOpenSSLError("EVP_PKEY_encrypt failed") |
1150 | ++ } |
1151 | ++ return nil |
1152 | + } |
1153 | +- return cryptEVP(withKey, padding, h, label, 0, 0, encryptInit, encrypt, msg) |
1154 | ++ return cryptEVP(withKey, padding, h, mgfHash, label, 0, 0, encryptInit, encrypt, msg) |
1155 | + } |
1156 | + |
1157 | +-func evpDecrypt(withKey withKeyFunc, padding C.int, h hash.Hash, label, msg []byte) ([]byte, error) { |
1158 | +- decryptInit := func(ctx C.GO_EVP_PKEY_CTX_PTR) C.int { |
1159 | +- return C.go_openssl_EVP_PKEY_decrypt_init(ctx) |
1160 | ++func evpDecrypt(withKey withKeyFunc, padding C.int, h, mgfHash hash.Hash, label, msg []byte) ([]byte, error) { |
1161 | ++ decryptInit := func(ctx C.GO_EVP_PKEY_CTX_PTR) error { |
1162 | ++ if ret := C.go_openssl_EVP_PKEY_decrypt_init(ctx); ret != 1 { |
1163 | ++ return newOpenSSLError("EVP_PKEY_decrypt_init failed") |
1164 | ++ } |
1165 | ++ return nil |
1166 | + } |
1167 | +- decrypt := func(ctx C.GO_EVP_PKEY_CTX_PTR, out *C.uchar, outLen *C.size_t, in *C.uchar, inLen C.size_t) C.int { |
1168 | +- return C.go_openssl_EVP_PKEY_decrypt(ctx, out, outLen, in, inLen) |
1169 | ++ decrypt := func(ctx C.GO_EVP_PKEY_CTX_PTR, out *C.uchar, outLen *C.size_t, in *C.uchar, inLen C.size_t) error { |
1170 | ++ if ret := C.go_openssl_EVP_PKEY_decrypt(ctx, out, outLen, in, inLen); ret != 1 { |
1171 | ++ return newOpenSSLError("EVP_PKEY_decrypt failed") |
1172 | ++ } |
1173 | ++ return nil |
1174 | + } |
1175 | +- return cryptEVP(withKey, padding, h, label, 0, 0, decryptInit, decrypt, msg) |
1176 | ++ return cryptEVP(withKey, padding, h, mgfHash, label, 0, 0, decryptInit, decrypt, msg) |
1177 | + } |
1178 | + |
1179 | +-func evpSign(withKey withKeyFunc, padding C.int, saltLen int, h crypto.Hash, hashed []byte) ([]byte, error) { |
1180 | +- signtInit := func(ctx C.GO_EVP_PKEY_CTX_PTR) C.int { |
1181 | +- return C.go_openssl_EVP_PKEY_sign_init(ctx) |
1182 | ++func evpSign(withKey withKeyFunc, padding C.int, saltLen C.int, h crypto.Hash, hashed []byte) ([]byte, error) { |
1183 | ++ signtInit := func(ctx C.GO_EVP_PKEY_CTX_PTR) error { |
1184 | ++ if ret := C.go_openssl_EVP_PKEY_sign_init(ctx); ret != 1 { |
1185 | ++ return newOpenSSLError("EVP_PKEY_sign_init failed") |
1186 | ++ } |
1187 | ++ return nil |
1188 | + } |
1189 | +- sign := func(ctx C.GO_EVP_PKEY_CTX_PTR, out *C.uchar, outLen *C.size_t, in *C.uchar, inLen C.size_t) C.int { |
1190 | +- return C.go_openssl_EVP_PKEY_sign(ctx, out, outLen, in, inLen) |
1191 | ++ sign := func(ctx C.GO_EVP_PKEY_CTX_PTR, out *C.uchar, outLen *C.size_t, in *C.uchar, inLen C.size_t) error { |
1192 | ++ if ret := C.go_openssl_EVP_PKEY_sign(ctx, out, outLen, in, inLen); ret != 1 { |
1193 | ++ return newOpenSSLError("EVP_PKEY_sign failed") |
1194 | ++ } |
1195 | ++ return nil |
1196 | + } |
1197 | +- return cryptEVP(withKey, padding, nil, nil, saltLen, h, signtInit, sign, hashed) |
1198 | ++ return cryptEVP(withKey, padding, nil, nil, nil, saltLen, h, signtInit, sign, hashed) |
1199 | + } |
1200 | + |
1201 | +-func evpVerify(withKey withKeyFunc, padding C.int, saltLen int, h crypto.Hash, sig, hashed []byte) error { |
1202 | +- verifyInit := func(ctx C.GO_EVP_PKEY_CTX_PTR) C.int { |
1203 | +- return C.go_openssl_EVP_PKEY_verify_init(ctx) |
1204 | ++func evpVerify(withKey withKeyFunc, padding C.int, saltLen C.int, h crypto.Hash, sig, hashed []byte) error { |
1205 | ++ verifyInit := func(ctx C.GO_EVP_PKEY_CTX_PTR) error { |
1206 | ++ if ret := C.go_openssl_EVP_PKEY_verify_init(ctx); ret != 1 { |
1207 | ++ return newOpenSSLError("EVP_PKEY_verify_init failed") |
1208 | ++ } |
1209 | ++ return nil |
1210 | + } |
1211 | +- verify := func(ctx C.GO_EVP_PKEY_CTX_PTR, out *C.uchar, outLen C.size_t, in *C.uchar, inLen C.size_t) C.int { |
1212 | +- return C.go_openssl_EVP_PKEY_verify(ctx, out, outLen, in, inLen) |
1213 | ++ verify := func(ctx C.GO_EVP_PKEY_CTX_PTR, out *C.uchar, outLen C.size_t, in *C.uchar, inLen C.size_t) error { |
1214 | ++ if ret := C.go_openssl_EVP_PKEY_verify(ctx, out, outLen, in, inLen); ret != 1 { |
1215 | ++ return newOpenSSLError("EVP_PKEY_verify failed") |
1216 | ++ } |
1217 | ++ return nil |
1218 | + } |
1219 | + return verifyEVP(withKey, padding, nil, nil, saltLen, h, verifyInit, verify, sig, hashed) |
1220 | + } |
1221 | ++ |
1222 | ++func newEVPPKEY(key C.GO_EC_KEY_PTR) (C.GO_EVP_PKEY_PTR, error) { |
1223 | ++ pkey := C.go_openssl_EVP_PKEY_new() |
1224 | ++ if pkey == nil { |
1225 | ++ return nil, newOpenSSLError("EVP_PKEY_new failed") |
1226 | ++ } |
1227 | ++ if C.go_openssl_EVP_PKEY_assign(pkey, C.GO_EVP_PKEY_EC, (unsafe.Pointer)(key)) != 1 { |
1228 | ++ C.go_openssl_EVP_PKEY_free(pkey) |
1229 | ++ return nil, newOpenSSLError("EVP_PKEY_assign failed") |
1230 | ++ } |
1231 | ++ return pkey, nil |
1232 | ++} |
1233 | +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/goopenssl.c b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/goopenssl.c |
1234 | +index 7bbf741851..e5c3eea680 100644 |
1235 | +--- a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/goopenssl.c |
1236 | ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/goopenssl.c |
1237 | +@@ -9,6 +9,27 @@ |
1238 | + #include <dlfcn.h> |
1239 | + #include <stdio.h> |
1240 | + |
1241 | ++int |
1242 | ++go_openssl_fips_enabled(void* handle) |
1243 | ++{ |
1244 | ++ // For OpenSSL 1.x. |
1245 | ++ int (*FIPS_mode)(void); |
1246 | ++ FIPS_mode = (int (*)(void))dlsym(handle, "FIPS_mode"); |
1247 | ++ if (FIPS_mode != NULL) |
1248 | ++ return FIPS_mode(); |
1249 | ++ |
1250 | ++ // For OpenSSL 3.x. |
1251 | ++ int (*EVP_default_properties_is_fips_enabled)(void*); |
1252 | ++ int (*OSSL_PROVIDER_available)(void*, const char*); |
1253 | ++ EVP_default_properties_is_fips_enabled = (int (*)(void*))dlsym(handle, "EVP_default_properties_is_fips_enabled"); |
1254 | ++ OSSL_PROVIDER_available = (int (*)(void*, const char*))dlsym(handle, "OSSL_PROVIDER_available"); |
1255 | ++ if (EVP_default_properties_is_fips_enabled != NULL && OSSL_PROVIDER_available != NULL && |
1256 | ++ EVP_default_properties_is_fips_enabled(NULL) == 1 && OSSL_PROVIDER_available(NULL, "fips") == 1) |
1257 | ++ return 1; |
1258 | ++ |
1259 | ++ return 0; |
1260 | ++} |
1261 | ++ |
1262 | + static unsigned long |
1263 | + version_num(void* handle) |
1264 | + { |
1265 | +@@ -47,12 +68,12 @@ int |
1266 | + go_openssl_version_minor(void* handle) |
1267 | + { |
1268 | + unsigned int (*fn)(void); |
1269 | +- // OPENSSL_version_major is supported since OpenSSL 3. |
1270 | ++ // OPENSSL_version_minor is supported since OpenSSL 3. |
1271 | + fn = (unsigned int (*)(void))dlsym(handle, "OPENSSL_version_minor"); |
1272 | + if (fn != NULL) |
1273 | + return (int)fn(); |
1274 | + |
1275 | +- // If OPENSSL_version_major is not defined, try with OpenSSL 1 functions. |
1276 | ++ // If OPENSSL_version_minor is not defined, try with OpenSSL 1 functions. |
1277 | + unsigned long num = version_num(handle); |
1278 | + // OpenSSL version number follows this schema: |
1279 | + // MNNFFPPS: major minor fix patch status. |
1280 | +@@ -70,6 +91,24 @@ go_openssl_version_minor(void* handle) |
1281 | + return 0; |
1282 | + } |
1283 | + |
1284 | ++int |
1285 | ++go_openssl_version_feature(void* handle) |
1286 | ++{ |
1287 | ++ unsigned int (*fn)(void); |
1288 | ++ // OPENSSL_version_minor is supported since OpenSSL 3. |
1289 | ++ // OpenSSL 3 has feature level always set to zero |
1290 | ++ fn = (unsigned int (*)(void))dlsym(handle, "OPENSSL_version_minor"); |
1291 | ++ if (fn != NULL) |
1292 | ++ return 0; |
1293 | ++ |
1294 | ++ // If OPENSSL_version_minor is not defined, try with OpenSSL 1 functions. |
1295 | ++ unsigned long num = version_num(handle); |
1296 | ++ // OpenSSL version number follows this schema: |
1297 | ++ // MNNFFPPS: major minor feature patch status. |
1298 | ++ |
1299 | ++ return (num >> 12) & 0xff; |
1300 | ++} |
1301 | ++ |
1302 | + // Approach taken from .Net System.Security.Cryptography.Native |
1303 | + // https://github.com/dotnet/runtime/blob/f64246ce08fb7a58221b2b7c8e68f69c02522b0d/src/libraries/Native/Unix/System.Security.Cryptography.Native/opensslshim.c |
1304 | + |
1305 | +@@ -77,6 +116,7 @@ go_openssl_version_minor(void* handle) |
1306 | + #define DEFINEFUNC_LEGACY_1_0(ret, func, args, argscall) DEFINEFUNC(ret, func, args, argscall) |
1307 | + #define DEFINEFUNC_LEGACY_1(ret, func, args, argscall) DEFINEFUNC(ret, func, args, argscall) |
1308 | + #define DEFINEFUNC_1_1(ret, func, args, argscall) DEFINEFUNC(ret, func, args, argscall) |
1309 | ++#define DEFINEFUNC_1_1_1(ret, func, args, argscall) DEFINEFUNC(ret, func, args, argscall) |
1310 | + #define DEFINEFUNC_3_0(ret, func, args, argscall) DEFINEFUNC(ret, func, args, argscall) |
1311 | + #define DEFINEFUNC_RENAMED_1_1(ret, func, oldfunc, args, argscall) DEFINEFUNC(ret, func, args, argscall) |
1312 | + #define DEFINEFUNC_RENAMED_3_0(ret, func, oldfunc, args, argscall) DEFINEFUNC(ret, func, args, argscall) |
1313 | +@@ -87,6 +127,7 @@ FOR_ALL_OPENSSL_FUNCTIONS |
1314 | + #undef DEFINEFUNC_LEGACY_1_0 |
1315 | + #undef DEFINEFUNC_LEGACY_1 |
1316 | + #undef DEFINEFUNC_1_1 |
1317 | ++#undef DEFINEFUNC_1_1_1 |
1318 | + #undef DEFINEFUNC_3_0 |
1319 | + #undef DEFINEFUNC_RENAMED_1_1 |
1320 | + #undef DEFINEFUNC_RENAMED_3_0 |
1321 | +@@ -95,7 +136,7 @@ FOR_ALL_OPENSSL_FUNCTIONS |
1322 | + // and assign them to their corresponding function pointer |
1323 | + // defined in goopenssl.h. |
1324 | + void |
1325 | +-go_openssl_load_functions(void* handle, int major, int minor) |
1326 | ++go_openssl_load_functions(void* handle, int major, int minor, int feature) |
1327 | + { |
1328 | + #define DEFINEFUNC_INTERNAL(name, func) \ |
1329 | + _g_##name = dlsym(handle, func); \ |
1330 | +@@ -117,6 +158,11 @@ go_openssl_load_functions(void* handle, int major, int minor) |
1331 | + { \ |
1332 | + DEFINEFUNC_INTERNAL(func, #func) \ |
1333 | + } |
1334 | ++#define DEFINEFUNC_1_1_1(ret, func, args, argscall) \ |
1335 | ++ if (major == 3 || (major == 1 && minor == 1 && feature == 1)) \ |
1336 | ++ { \ |
1337 | ++ DEFINEFUNC_INTERNAL(func, #func) \ |
1338 | ++ } |
1339 | + #define DEFINEFUNC_3_0(ret, func, args, argscall) \ |
1340 | + if (major == 3) \ |
1341 | + { \ |
1342 | +@@ -147,6 +193,7 @@ FOR_ALL_OPENSSL_FUNCTIONS |
1343 | + #undef DEFINEFUNC_LEGACY_1_0 |
1344 | + #undef DEFINEFUNC_LEGACY_1 |
1345 | + #undef DEFINEFUNC_1_1 |
1346 | ++#undef DEFINEFUNC_1_1_1 |
1347 | + #undef DEFINEFUNC_3_0 |
1348 | + #undef DEFINEFUNC_RENAMED_1_1 |
1349 | + #undef DEFINEFUNC_RENAMED_3_0 |
1350 | +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/goopenssl.h b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/goopenssl.h |
1351 | +index 9191b512e3..2a387ccbfa 100644 |
1352 | +--- a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/goopenssl.h |
1353 | ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/goopenssl.h |
1354 | +@@ -7,10 +7,12 @@ |
1355 | + |
1356 | + #include "openssl_funcs.h" |
1357 | + |
1358 | ++int go_openssl_fips_enabled(void* handle); |
1359 | + int go_openssl_version_major(void* handle); |
1360 | + int go_openssl_version_minor(void* handle); |
1361 | ++int go_openssl_version_feature(void* handle); |
1362 | + int go_openssl_thread_setup(void); |
1363 | +-void go_openssl_load_functions(void* handle, int major, int minor); |
1364 | ++void go_openssl_load_functions(void* handle, int major, int minor, int feature); |
1365 | + |
1366 | + // Define pointers to all the used OpenSSL functions. |
1367 | + // Calling C function pointers from Go is currently not supported. |
1368 | +@@ -28,6 +30,8 @@ void go_openssl_load_functions(void* handle, int major, int minor); |
1369 | + DEFINEFUNC(ret, func, args, argscall) |
1370 | + #define DEFINEFUNC_1_1(ret, func, args, argscall) \ |
1371 | + DEFINEFUNC(ret, func, args, argscall) |
1372 | ++#define DEFINEFUNC_1_1_1(ret, func, args, argscall) \ |
1373 | ++ DEFINEFUNC(ret, func, args, argscall) |
1374 | + #define DEFINEFUNC_3_0(ret, func, args, argscall) \ |
1375 | + DEFINEFUNC(ret, func, args, argscall) |
1376 | + #define DEFINEFUNC_RENAMED_1_1(ret, func, oldfunc, args, argscall) \ |
1377 | +@@ -41,10 +45,25 @@ FOR_ALL_OPENSSL_FUNCTIONS |
1378 | + #undef DEFINEFUNC_LEGACY_1_0 |
1379 | + #undef DEFINEFUNC_LEGACY_1 |
1380 | + #undef DEFINEFUNC_1_1 |
1381 | ++#undef DEFINEFUNC_1_1_1 |
1382 | + #undef DEFINEFUNC_3_0 |
1383 | + #undef DEFINEFUNC_RENAMED_1_1 |
1384 | + #undef DEFINEFUNC_RENAMED_3_0 |
1385 | + |
1386 | ++// go_shaX is a SHA generic wrapper which hash p into out. |
1387 | ++// One shot sha functions are expected to be fast, so |
1388 | ++// we maximize performance by batching all cgo calls. |
1389 | ++static inline int |
1390 | ++go_shaX(GO_EVP_MD_PTR md, void *p, size_t n, void *out) |
1391 | ++{ |
1392 | ++ GO_EVP_MD_CTX_PTR ctx = go_openssl_EVP_MD_CTX_new(); |
1393 | ++ go_openssl_EVP_DigestInit_ex(ctx, md, NULL); |
1394 | ++ int ret = go_openssl_EVP_DigestUpdate(ctx, p, n) && |
1395 | ++ go_openssl_EVP_DigestFinal_ex(ctx, out, NULL); |
1396 | ++ go_openssl_EVP_MD_CTX_free(ctx); |
1397 | ++ return ret; |
1398 | ++} |
1399 | ++ |
1400 | + // These wrappers allocate out_len on the C stack to avoid having to pass a pointer from Go, which would escape to the heap. |
1401 | + // Use them only in situations where the output length can be safely discarded. |
1402 | + static inline int |
1403 | +@@ -130,4 +149,4 @@ go_openssl_EVP_CIPHER_CTX_open_wrapper(const GO_EVP_CIPHER_CTX_PTR ctx, |
1404 | + return 0; |
1405 | + |
1406 | + return 1; |
1407 | +-}; |
1408 | +\ No newline at end of file |
1409 | ++}; |
1410 | +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/hmac.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/hmac.go |
1411 | +index 80f320b041..bb7c87fa48 100644 |
1412 | +--- a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/hmac.go |
1413 | ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/hmac.go |
1414 | +@@ -14,6 +14,11 @@ import ( |
1415 | + "unsafe" |
1416 | + ) |
1417 | + |
1418 | ++var ( |
1419 | ++ paramAlgHMAC = C.CString("HMAC") |
1420 | ++ paramDigest = C.CString("digest") |
1421 | ++) |
1422 | ++ |
1423 | + // NewHMAC returns a new HMAC using OpenSSL. |
1424 | + // The function h must return a hash implemented by |
1425 | + // OpenSSL (for example, h could be openssl.NewSHA256). |
1426 | +@@ -38,19 +43,19 @@ func NewHMAC(h func() hash.Hash, key []byte) hash.Hash { |
1427 | + // we pass an "empty" key. |
1428 | + hkey = make([]byte, C.GO_EVP_MAX_MD_SIZE) |
1429 | + } |
1430 | +- hmac := &opensslHMAC{ |
1431 | +- md: md, |
1432 | +- size: ch.Size(), |
1433 | +- blockSize: ch.BlockSize(), |
1434 | +- key: hkey, |
1435 | +- ctx: hmacCtxNew(), |
1436 | ++ switch vMajor { |
1437 | ++ case 1: |
1438 | ++ return newHMAC1(hkey, ch, md) |
1439 | ++ case 3: |
1440 | ++ return newHMAC3(hkey, ch, md) |
1441 | ++ default: |
1442 | ++ panic(errUnsuportedVersion()) |
1443 | + } |
1444 | +- runtime.SetFinalizer(hmac, (*opensslHMAC).finalize) |
1445 | +- hmac.Reset() |
1446 | +- return hmac |
1447 | + } |
1448 | + |
1449 | +-type opensslHMAC struct { |
1450 | ++// hmac1 implements hash.Hash |
1451 | ++// using functions available in OpenSSL 1. |
1452 | ++type hmac1 struct { |
1453 | + md C.GO_EVP_MD_PTR |
1454 | + ctx C.GO_HMAC_CTX_PTR |
1455 | + size int |
1456 | +@@ -59,8 +64,21 @@ type opensslHMAC struct { |
1457 | + sum []byte |
1458 | + } |
1459 | + |
1460 | +-func (h *opensslHMAC) Reset() { |
1461 | +- hmacCtxReset(h.ctx) |
1462 | ++func newHMAC1(key []byte, h hash.Hash, md C.GO_EVP_MD_PTR) *hmac1 { |
1463 | ++ hmac := &hmac1{ |
1464 | ++ md: md, |
1465 | ++ size: h.Size(), |
1466 | ++ blockSize: h.BlockSize(), |
1467 | ++ key: key, |
1468 | ++ ctx: hmac1CtxNew(), |
1469 | ++ } |
1470 | ++ runtime.SetFinalizer(hmac, (*hmac1).finalize) |
1471 | ++ hmac.Reset() |
1472 | ++ return hmac |
1473 | ++} |
1474 | ++ |
1475 | ++func (h *hmac1) Reset() { |
1476 | ++ hmac1CtxReset(h.ctx) |
1477 | + |
1478 | + if C.go_openssl_HMAC_Init_ex(h.ctx, unsafe.Pointer(&h.key[0]), C.int(len(h.key)), h.md, nil) == 0 { |
1479 | + panic("openssl: HMAC_Init failed") |
1480 | +@@ -73,11 +91,11 @@ func (h *opensslHMAC) Reset() { |
1481 | + h.sum = nil |
1482 | + } |
1483 | + |
1484 | +-func (h *opensslHMAC) finalize() { |
1485 | +- hmacCtxFree(h.ctx) |
1486 | ++func (h *hmac1) finalize() { |
1487 | ++ hmac1CtxFree(h.ctx) |
1488 | + } |
1489 | + |
1490 | +-func (h *opensslHMAC) Write(p []byte) (int, error) { |
1491 | ++func (h *hmac1) Write(p []byte) (int, error) { |
1492 | + if len(p) > 0 { |
1493 | + C.go_openssl_HMAC_Update(h.ctx, base(p), C.size_t(len(p))) |
1494 | + } |
1495 | +@@ -85,15 +103,15 @@ func (h *opensslHMAC) Write(p []byte) (int, error) { |
1496 | + return len(p), nil |
1497 | + } |
1498 | + |
1499 | +-func (h *opensslHMAC) Size() int { |
1500 | ++func (h *hmac1) Size() int { |
1501 | + return h.size |
1502 | + } |
1503 | + |
1504 | +-func (h *opensslHMAC) BlockSize() int { |
1505 | ++func (h *hmac1) BlockSize() int { |
1506 | + return h.blockSize |
1507 | + } |
1508 | + |
1509 | +-func (h *opensslHMAC) Sum(in []byte) []byte { |
1510 | ++func (h *hmac1) Sum(in []byte) []byte { |
1511 | + if h.sum == nil { |
1512 | + size := h.Size() |
1513 | + h.sum = make([]byte, size) |
1514 | +@@ -102,8 +120,8 @@ func (h *opensslHMAC) Sum(in []byte) []byte { |
1515 | + // that Sum has no effect on the underlying stream. |
1516 | + // In particular it is OK to Sum, then Write more, then Sum again, |
1517 | + // and the second Sum acts as if the first didn't happen. |
1518 | +- ctx2 := hmacCtxNew() |
1519 | +- defer hmacCtxFree(ctx2) |
1520 | ++ ctx2 := hmac1CtxNew() |
1521 | ++ defer hmac1CtxFree(ctx2) |
1522 | + if C.go_openssl_HMAC_CTX_copy(ctx2, h.ctx) == 0 { |
1523 | + panic("openssl: HMAC_CTX_copy failed") |
1524 | + } |
1525 | +@@ -111,7 +129,7 @@ func (h *opensslHMAC) Sum(in []byte) []byte { |
1526 | + return append(in, h.sum...) |
1527 | + } |
1528 | + |
1529 | +-func hmacCtxNew() C.GO_HMAC_CTX_PTR { |
1530 | ++func hmac1CtxNew() C.GO_HMAC_CTX_PTR { |
1531 | + if vMajor == 1 && vMinor == 0 { |
1532 | + // 0x120 is the sizeof value when building against OpenSSL 1.0.2 on Ubuntu 16.04. |
1533 | + ctx := (C.GO_HMAC_CTX_PTR)(C.malloc(0x120)) |
1534 | +@@ -123,7 +141,7 @@ func hmacCtxNew() C.GO_HMAC_CTX_PTR { |
1535 | + return C.go_openssl_HMAC_CTX_new() |
1536 | + } |
1537 | + |
1538 | +-func hmacCtxReset(ctx C.GO_HMAC_CTX_PTR) { |
1539 | ++func hmac1CtxReset(ctx C.GO_HMAC_CTX_PTR) { |
1540 | + if ctx == nil { |
1541 | + return |
1542 | + } |
1543 | +@@ -135,7 +153,7 @@ func hmacCtxReset(ctx C.GO_HMAC_CTX_PTR) { |
1544 | + C.go_openssl_HMAC_CTX_reset(ctx) |
1545 | + } |
1546 | + |
1547 | +-func hmacCtxFree(ctx C.GO_HMAC_CTX_PTR) { |
1548 | ++func hmac1CtxFree(ctx C.GO_HMAC_CTX_PTR) { |
1549 | + if ctx == nil { |
1550 | + return |
1551 | + } |
1552 | +@@ -146,3 +164,89 @@ func hmacCtxFree(ctx C.GO_HMAC_CTX_PTR) { |
1553 | + } |
1554 | + C.go_openssl_HMAC_CTX_free(ctx) |
1555 | + } |
1556 | ++ |
1557 | ++// hmac3 implements hash.Hash |
1558 | ++// using functions available in OpenSSL 3. |
1559 | ++type hmac3 struct { |
1560 | ++ md C.GO_EVP_MAC_PTR |
1561 | ++ ctx C.GO_EVP_MAC_CTX_PTR |
1562 | ++ params [2]C.OSSL_PARAM |
1563 | ++ size int |
1564 | ++ blockSize int |
1565 | ++ key []byte |
1566 | ++ sum []byte |
1567 | ++} |
1568 | ++ |
1569 | ++func newHMAC3(key []byte, h hash.Hash, md C.GO_EVP_MD_PTR) *hmac3 { |
1570 | ++ mac := C.go_openssl_EVP_MAC_fetch(nil, paramAlgHMAC, nil) |
1571 | ++ ctx := C.go_openssl_EVP_MAC_CTX_new(mac) |
1572 | ++ if ctx == nil { |
1573 | ++ panic("openssl: EVP_MAC_CTX_new failed") |
1574 | ++ } |
1575 | ++ digest := C.go_openssl_EVP_MD_get0_name(md) |
1576 | ++ params := [2]C.OSSL_PARAM{ |
1577 | ++ C.go_openssl_OSSL_PARAM_construct_utf8_string(paramDigest, digest, 0), |
1578 | ++ C.go_openssl_OSSL_PARAM_construct_end(), |
1579 | ++ } |
1580 | ++ hmac := &hmac3{ |
1581 | ++ md: mac, |
1582 | ++ ctx: ctx, |
1583 | ++ params: params, |
1584 | ++ size: h.Size(), |
1585 | ++ blockSize: h.BlockSize(), |
1586 | ++ key: key, |
1587 | ++ } |
1588 | ++ runtime.SetFinalizer(hmac, (*hmac3).finalize) |
1589 | ++ hmac.Reset() |
1590 | ++ return hmac |
1591 | ++} |
1592 | ++ |
1593 | ++func (h *hmac3) Reset() { |
1594 | ++ if C.go_openssl_EVP_MAC_init(h.ctx, base(h.key), C.size_t(len(h.key)), &h.params[0]) == 0 { |
1595 | ++ panic(newOpenSSLError("EVP_MAC_init failed")) |
1596 | ++ } |
1597 | ++ runtime.KeepAlive(h) // Next line will keep h alive too; just making doubly sure. |
1598 | ++ h.sum = nil |
1599 | ++} |
1600 | ++ |
1601 | ++func (h *hmac3) finalize() { |
1602 | ++ C.go_openssl_EVP_MAC_free(h.md) |
1603 | ++ if h.ctx == nil { |
1604 | ++ return |
1605 | ++ } |
1606 | ++ C.go_openssl_EVP_MAC_CTX_free(h.ctx) |
1607 | ++} |
1608 | ++ |
1609 | ++func (h *hmac3) Write(p []byte) (int, error) { |
1610 | ++ if len(p) > 0 { |
1611 | ++ C.go_openssl_EVP_MAC_update(h.ctx, base(p), C.size_t(len(p))) |
1612 | ++ } |
1613 | ++ runtime.KeepAlive(h) |
1614 | ++ return len(p), nil |
1615 | ++} |
1616 | ++ |
1617 | ++func (h *hmac3) Size() int { |
1618 | ++ return h.size |
1619 | ++} |
1620 | ++ |
1621 | ++func (h *hmac3) BlockSize() int { |
1622 | ++ return h.blockSize |
1623 | ++} |
1624 | ++ |
1625 | ++func (h *hmac3) Sum(in []byte) []byte { |
1626 | ++ if h.sum == nil { |
1627 | ++ size := h.Size() |
1628 | ++ h.sum = make([]byte, size) |
1629 | ++ } |
1630 | ++ // Make copy of context because Go hash.Hash mandates |
1631 | ++ // that Sum has no effect on the underlying stream. |
1632 | ++ // In particular it is OK to Sum, then Write more, then Sum again, |
1633 | ++ // and the second Sum acts as if the first didn't happen. |
1634 | ++ ctx2 := C.go_openssl_EVP_MAC_CTX_dup(h.ctx) |
1635 | ++ if ctx2 == nil { |
1636 | ++ panic("openssl: EVP_MAC_CTX_dup failed") |
1637 | ++ } |
1638 | ++ defer C.go_openssl_EVP_MAC_CTX_free(ctx2) |
1639 | ++ C.go_openssl_EVP_MAC_final(ctx2, base(h.sum), nil, C.size_t(len(h.sum))) |
1640 | ++ return append(in, h.sum...) |
1641 | ++} |
1642 | +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/openssl.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/openssl.go |
1643 | +index 2c354e1df0..b360a9f9bc 100644 |
1644 | +--- a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/openssl.go |
1645 | ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/openssl.go |
1646 | +@@ -13,7 +13,7 @@ package openssl |
1647 | + import "C" |
1648 | + import ( |
1649 | + "errors" |
1650 | +- "math/big" |
1651 | ++ "math/bits" |
1652 | + "strconv" |
1653 | + "strings" |
1654 | + "sync" |
1655 | +@@ -24,18 +24,16 @@ import ( |
1656 | + var ( |
1657 | + providerNameFips = C.CString("fips") |
1658 | + providerNameDefault = C.CString("default") |
1659 | +- propFipsYes = C.CString("fips=yes") |
1660 | +- propFipsNo = C.CString("fips=no") |
1661 | +- algProve = C.CString("SHA2-256") |
1662 | + ) |
1663 | + |
1664 | + var ( |
1665 | + initOnce sync.Once |
1666 | + // errInit is set when first calling Init(). |
1667 | + errInit error |
1668 | +- // vMajor and vMinor hold the major/minor OpenSSL version. |
1669 | +- // It is only populated if Init has been called. |
1670 | +- vMajor, vMinor int |
1671 | ++ // vMajor, vMinor and vFeature hold the major/minor/feature |
1672 | ++ // OpenSSL version. It is only populated if Init has been |
1673 | ++ // called. |
1674 | ++ vMajor, vMinor, vFeature int |
1675 | + ) |
1676 | + |
1677 | + // knownVersions is a list of supported and well-known libcrypto.so suffixes in decreasing version order. |
1678 | +@@ -49,7 +47,7 @@ var ( |
1679 | + var knownVersions = [...]string{"3", "1.1", "11", "111", "1.0.2", "1.0.0", "10"} |
1680 | + |
1681 | + func errUnsuportedVersion() error { |
1682 | +- return errors.New("openssl: OpenSSL version: " + strconv.Itoa(vMajor) + "." + strconv.Itoa(vMinor)) |
1683 | ++ return errors.New("openssl: OpenSSL version: " + strconv.Itoa(vMajor) + "." + strconv.Itoa(vMinor) + "." + strconv.Itoa(vFeature)) |
1684 | + } |
1685 | + |
1686 | + // Init loads and initializes OpenSSL. |
1687 | +@@ -74,7 +72,8 @@ func Init() error { |
1688 | + |
1689 | + vMajor = int(C.go_openssl_version_major(handle)) |
1690 | + vMinor = int(C.go_openssl_version_minor(handle)) |
1691 | +- if vMajor == -1 || vMinor == -1 { |
1692 | ++ vFeature = int(C.go_openssl_version_feature(handle)) |
1693 | ++ if vMajor == -1 || vMinor == -1 || vFeature == -1 { |
1694 | + errInit = errors.New("openssl: can't retrieve OpenSSL version") |
1695 | + return |
1696 | + } |
1697 | +@@ -90,7 +89,7 @@ func Init() error { |
1698 | + return |
1699 | + } |
1700 | + |
1701 | +- C.go_openssl_load_functions(handle, C.int(vMajor), C.int(vMinor)) |
1702 | ++ C.go_openssl_load_functions(handle, C.int(vMajor), C.int(vMinor), C.int(vFeature)) |
1703 | + C.go_openssl_OPENSSL_init() |
1704 | + if vMajor == 1 && vMinor == 0 { |
1705 | + if C.go_openssl_thread_setup() != 1 { |
1706 | +@@ -126,26 +125,33 @@ func loadLibrary(version string) (unsafe.Pointer, error) { |
1707 | + } |
1708 | + return handle, nil |
1709 | + } |
1710 | ++ var fallbackHandle unsafe.Pointer |
1711 | + for _, v := range knownVersions { |
1712 | + handle := dlopen(v) |
1713 | +- if handle != nil { |
1714 | ++ if handle == nil { |
1715 | ++ continue |
1716 | ++ } |
1717 | ++ if C.go_openssl_fips_enabled(handle) == 1 { |
1718 | ++ // Found a FIPS enabled version, use it. |
1719 | ++ if fallbackHandle != nil { |
1720 | ++ // If we found a FIPS enabled version but we already have a fallback |
1721 | ++ // version, close the fallback version. |
1722 | ++ C.dlclose(fallbackHandle) |
1723 | ++ } |
1724 | + return handle, nil |
1725 | + } |
1726 | ++ if fallbackHandle == nil { |
1727 | ++ // Remember the first version that exists but is not FIPS enabled |
1728 | ++ // in case we don't find any FIPS enabled version. |
1729 | ++ fallbackHandle = handle |
1730 | ++ } else { |
1731 | ++ C.dlclose(handle) |
1732 | ++ } |
1733 | + } |
1734 | +- return nil, errors.New("openssl: can't load libcrypto.so using any known version suffix") |
1735 | +-} |
1736 | +- |
1737 | +-// providerAvailable looks through provider's digests |
1738 | +-// checking if there is any that matches the props query. |
1739 | +-func providerAvailable(props *C.char) bool { |
1740 | +- C.go_openssl_ERR_set_mark() |
1741 | +- md := C.go_openssl_EVP_MD_fetch(nil, algProve, props) |
1742 | +- C.go_openssl_ERR_pop_to_mark() |
1743 | +- if md == nil { |
1744 | +- return false |
1745 | ++ if fallbackHandle != nil { |
1746 | ++ return fallbackHandle, nil |
1747 | + } |
1748 | +- C.go_openssl_EVP_MD_free(md) |
1749 | +- return true |
1750 | ++ return nil, errors.New("openssl: can't load libcrypto.so using any known version suffix") |
1751 | + } |
1752 | + |
1753 | + // FIPS returns true if OpenSSL is running in FIPS mode, else returns false. |
1754 | +@@ -159,7 +165,7 @@ func FIPS() bool { |
1755 | + } |
1756 | + // EVP_default_properties_is_fips_enabled can return true even if the FIPS provider isn't loaded, |
1757 | + // it is only based on the default properties. |
1758 | +- return providerAvailable(propFipsYes) |
1759 | ++ return C.go_openssl_OSSL_PROVIDER_available(nil, providerNameFips) == 1 |
1760 | + default: |
1761 | + panic(errUnsuportedVersion()) |
1762 | + } |
1763 | +@@ -167,45 +173,41 @@ func FIPS() bool { |
1764 | + |
1765 | + // SetFIPS enables or disables FIPS mode. |
1766 | + // |
1767 | +-// It implements the following provider fallback logic for OpenSSL 3: |
1768 | +-// - The "fips" provider is loaded if enabled=true and no loaded provider matches "fips=yes". |
1769 | +-// - The "default" provider is loaded if enabled=false and no loaded provider matches "fips=no". |
1770 | +-// This logic allows advanced users to define their own providers that match "fips=yes" and "fips=no" using the OpenSSL config file. |
1771 | ++// On OpenSSL 3, the `fips` provider is loaded if enabled is true, |
1772 | ++// else the `default` provider is loaded. |
1773 | + func SetFIPS(enabled bool) error { |
1774 | ++ var mode C.int |
1775 | ++ if enabled { |
1776 | ++ mode = C.int(1) |
1777 | ++ } else { |
1778 | ++ mode = C.int(0) |
1779 | ++ } |
1780 | + switch vMajor { |
1781 | + case 1: |
1782 | +- var mode C.int |
1783 | +- if enabled { |
1784 | +- mode = C.int(1) |
1785 | +- } else { |
1786 | +- mode = C.int(0) |
1787 | +- } |
1788 | + if C.go_openssl_FIPS_mode_set(mode) != 1 { |
1789 | + return newOpenSSLError("openssl: FIPS_mode_set") |
1790 | + } |
1791 | + return nil |
1792 | + case 3: |
1793 | +- var props, provName *C.char |
1794 | ++ var provName *C.char |
1795 | + if enabled { |
1796 | +- props = propFipsYes |
1797 | + provName = providerNameFips |
1798 | + } else { |
1799 | +- props = propFipsNo |
1800 | + provName = providerNameDefault |
1801 | + } |
1802 | +- // Check if there is any provider that matches props. |
1803 | +- if !providerAvailable(props) { |
1804 | ++ // Check if provName is not loaded. |
1805 | ++ if C.go_openssl_OSSL_PROVIDER_available(nil, provName) == 0 { |
1806 | + // If not, fallback to provName provider. |
1807 | + if C.go_openssl_OSSL_PROVIDER_load(nil, provName) == nil { |
1808 | +- return newOpenSSLError("openssl: OSSL_PROVIDER_try_load") |
1809 | ++ return newOpenSSLError("openssl: OSSL_PROVIDER_load") |
1810 | + } |
1811 | + // Make sure we now have a provider available. |
1812 | +- if !providerAvailable(props) { |
1813 | ++ if C.go_openssl_OSSL_PROVIDER_available(nil, provName) == 0 { |
1814 | + return fail("SetFIPS(" + strconv.FormatBool(enabled) + ") not supported") |
1815 | + } |
1816 | + } |
1817 | +- if C.go_openssl_EVP_set_default_properties(nil, props) != 1 { |
1818 | +- return newOpenSSLError("openssl: EVP_set_default_properties") |
1819 | ++ if C.go_openssl_EVP_default_properties_enable_fips(nil, mode) != 1 { |
1820 | ++ return newOpenSSLError("openssl: EVP_default_properties_enable_fips") |
1821 | + } |
1822 | + return nil |
1823 | + default: |
1824 | +@@ -242,19 +244,62 @@ type fail string |
1825 | + |
1826 | + func (e fail) Error() string { return "openssl: " + string(e) + " failed" } |
1827 | + |
1828 | +-func bigToBN(x *big.Int) C.GO_BIGNUM_PTR { |
1829 | +- if x == nil { |
1830 | ++const wordBytes = bits.UintSize / 8 |
1831 | ++ |
1832 | ++func wbase(b BigInt) *C.uchar { |
1833 | ++ if len(b) == 0 { |
1834 | + return nil |
1835 | + } |
1836 | +- raw := x.Bytes() |
1837 | +- return C.go_openssl_BN_bin2bn(base(raw), C.int(len(raw)), nil) |
1838 | ++ return (*C.uchar)(unsafe.Pointer(&b[0])) |
1839 | + } |
1840 | + |
1841 | +-func bnToBig(bn C.GO_BIGNUM_PTR) *big.Int { |
1842 | ++func bytesToBN(x []byte) C.GO_BIGNUM_PTR { |
1843 | ++ if len(x) == 0 { |
1844 | ++ return nil |
1845 | ++ } |
1846 | ++ return C.go_openssl_BN_bin2bn(base(x), C.int(len(x)), nil) |
1847 | ++} |
1848 | ++ |
1849 | ++func bigToBN(x BigInt) C.GO_BIGNUM_PTR { |
1850 | ++ if len(x) == 0 { |
1851 | ++ return nil |
1852 | ++ } |
1853 | ++ return C.go_openssl_BN_lebin2bn(wbase(x), C.int(len(x)*wordBytes), nil) |
1854 | ++} |
1855 | ++ |
1856 | ++func bnToBig(bn C.GO_BIGNUM_PTR) BigInt { |
1857 | + if bn == nil { |
1858 | + return nil |
1859 | + } |
1860 | +- raw := make([]byte, (C.go_openssl_BN_num_bits(bn)+7)/8) |
1861 | +- n := C.go_openssl_BN_bn2bin(bn, base(raw)) |
1862 | +- return new(big.Int).SetBytes(raw[:n]) |
1863 | ++ x := make(BigInt, C.go_openssl_BN_num_bits(bn)) |
1864 | ++ if C.go_openssl_BN_bn2lebinpad(bn, wbase(x), C.int(len(x)*wordBytes)) == 0 { |
1865 | ++ panic("openssl: bignum conversion failed") |
1866 | ++ } |
1867 | ++ return x |
1868 | ++} |
1869 | ++ |
1870 | ++// noescape hides a pointer from escape analysis. noescape is |
1871 | ++// the identity function but escape analysis doesn't think the |
1872 | ++// output depends on the input. noescape is inlined and currently |
1873 | ++// compiles down to zero instructions. |
1874 | ++// USE CAREFULLY! |
1875 | ++// |
1876 | ++//go:nosplit |
1877 | ++func noescape(p unsafe.Pointer) unsafe.Pointer { |
1878 | ++ x := uintptr(p) |
1879 | ++ return unsafe.Pointer(x ^ 0) |
1880 | ++} |
1881 | ++ |
1882 | ++var zero byte |
1883 | ++ |
1884 | ++// addr converts p to its base addr, including a noescape along the way. |
1885 | ++// If p is nil, addr returns a non-nil pointer, so that the result can always |
1886 | ++// be dereferenced. |
1887 | ++// |
1888 | ++//go:nosplit |
1889 | ++func addr(p []byte) *byte { |
1890 | ++ if len(p) == 0 { |
1891 | ++ return &zero |
1892 | ++ } |
1893 | ++ return (*byte)(noescape(unsafe.Pointer(&p[0]))) |
1894 | + } |
1895 | +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/openssl_funcs.h b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/openssl_funcs.h |
1896 | +index 95024cf8ec..cbc2d880c2 100644 |
1897 | +--- a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/openssl_funcs.h |
1898 | ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/openssl_funcs.h |
1899 | +@@ -38,9 +38,13 @@ enum { |
1900 | + |
1901 | + // #include <openssl/ec.h> |
1902 | + enum { |
1903 | +- GO_EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID = 0x1001 |
1904 | ++ GO_EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID = 0x1001, |
1905 | + }; |
1906 | + |
1907 | ++typedef enum { |
1908 | ++ GO_POINT_CONVERSION_UNCOMPRESSED = 4, |
1909 | ++} point_conversion_form_t; |
1910 | ++ |
1911 | + // #include <openssl/obj_mac.h> |
1912 | + enum { |
1913 | + GO_NID_X9_62_prime256v1 = 415, |
1914 | +@@ -55,9 +59,14 @@ enum { |
1915 | + GO_RSA_NO_PADDING = 3, |
1916 | + GO_RSA_PKCS1_OAEP_PADDING = 4, |
1917 | + GO_RSA_PKCS1_PSS_PADDING = 6, |
1918 | ++ GO_RSA_PSS_SALTLEN_DIGEST = -1, |
1919 | ++ GO_RSA_PSS_SALTLEN_AUTO = -2, |
1920 | ++ GO_RSA_PSS_SALTLEN_MAX_SIGN = -2, |
1921 | ++ GO_RSA_PSS_SALTLEN_MAX = -3, |
1922 | + GO_EVP_PKEY_CTRL_RSA_PADDING = 0x1001, |
1923 | + GO_EVP_PKEY_CTRL_RSA_PSS_SALTLEN = 0x1002, |
1924 | + GO_EVP_PKEY_CTRL_RSA_KEYGEN_BITS = 0x1003, |
1925 | ++ GO_EVP_PKEY_CTRL_RSA_MGF1_MD = 0x1005, |
1926 | + GO_EVP_PKEY_CTRL_RSA_OAEP_MD = 0x1009, |
1927 | + GO_EVP_PKEY_CTRL_RSA_OAEP_LABEL = 0x100A |
1928 | + }; |
1929 | +@@ -79,6 +88,21 @@ typedef void* GO_EC_KEY_PTR; |
1930 | + typedef void* GO_EC_POINT_PTR; |
1931 | + typedef void* GO_EC_GROUP_PTR; |
1932 | + typedef void* GO_RSA_PTR; |
1933 | ++typedef void* GO_EVP_MAC_PTR; |
1934 | ++typedef void* GO_EVP_MAC_CTX_PTR; |
1935 | ++ |
1936 | ++// OSSL_PARAM does not follow the GO_FOO_PTR pattern |
1937 | ++// because it is not passed around as a pointer but on the stack. |
1938 | ++// We can't abstract it away by using a void*. |
1939 | ++// Copied from |
1940 | ++// https://github.com/openssl/openssl/blob/fcae2ae4f675def607d338b7945b9af1dd9bb746/include/openssl/core.h#L82-L88. |
1941 | ++typedef struct { |
1942 | ++ const char *key; |
1943 | ++ unsigned int data_type; |
1944 | ++ void *data; |
1945 | ++ size_t data_size; |
1946 | ++ size_t return_size; |
1947 | ++} OSSL_PARAM; |
1948 | + |
1949 | + // List of all functions from the libcrypto that are used in this package. |
1950 | + // Forgetting to add a function here results in build failure with message reporting the function |
1951 | +@@ -126,8 +150,6 @@ typedef void* GO_RSA_PTR; |
1952 | + // #include <openssl/provider.h> |
1953 | + // #endif |
1954 | + #define FOR_ALL_OPENSSL_FUNCTIONS \ |
1955 | +-DEFINEFUNC(int, ERR_set_mark, (void), ()) \ |
1956 | +-DEFINEFUNC(int, ERR_pop_to_mark, (void), ()) \ |
1957 | + DEFINEFUNC(unsigned long, ERR_get_error, (void), ()) \ |
1958 | + DEFINEFUNC(void, ERR_error_string_n, (unsigned long e, char *buf, size_t len), (e, buf, len)) \ |
1959 | + DEFINEFUNC_RENAMED_1_1(const char *, OpenSSL_version, SSLeay_version, (int type), (type)) \ |
1960 | +@@ -141,25 +163,32 @@ DEFINEFUNC_1_1(int, OPENSSL_init_crypto, (uint64_t ops, const GO_OPENSSL_INIT_SE |
1961 | + DEFINEFUNC_LEGACY_1(int, FIPS_mode, (void), ()) \ |
1962 | + DEFINEFUNC_LEGACY_1(int, FIPS_mode_set, (int r), (r)) \ |
1963 | + DEFINEFUNC_3_0(int, EVP_default_properties_is_fips_enabled, (GO_OSSL_LIB_CTX_PTR libctx), (libctx)) \ |
1964 | +-DEFINEFUNC_3_0(int, EVP_set_default_properties, (GO_OSSL_LIB_CTX_PTR libctx, const char *propq), (libctx, propq)) \ |
1965 | ++DEFINEFUNC_3_0(int, EVP_default_properties_enable_fips, (GO_OSSL_LIB_CTX_PTR libctx, int enable), (libctx, enable)) \ |
1966 | + DEFINEFUNC_3_0(GO_OSSL_PROVIDER_PTR, OSSL_PROVIDER_load, (GO_OSSL_LIB_CTX_PTR libctx, const char *name), (libctx, name)) \ |
1967 | ++DEFINEFUNC_3_0(int, OSSL_PROVIDER_available, (GO_OSSL_LIB_CTX_PTR libctx, const char *name), (libctx, name)) \ |
1968 | + DEFINEFUNC(int, RAND_bytes, (unsigned char* arg0, int arg1), (arg0, arg1)) \ |
1969 | ++DEFINEFUNC(int, EVP_DigestInit, (GO_EVP_MD_CTX_PTR ctx, const GO_EVP_MD_PTR type), (ctx, type)) \ |
1970 | + DEFINEFUNC(int, EVP_DigestInit_ex, (GO_EVP_MD_CTX_PTR ctx, const GO_EVP_MD_PTR type, GO_ENGINE_PTR impl), (ctx, type, impl)) \ |
1971 | + DEFINEFUNC(int, EVP_DigestUpdate, (GO_EVP_MD_CTX_PTR ctx, const void *d, size_t cnt), (ctx, d, cnt)) \ |
1972 | + DEFINEFUNC(int, EVP_DigestFinal_ex, (GO_EVP_MD_CTX_PTR ctx, unsigned char *md, unsigned int *s), (ctx, md, s)) \ |
1973 | ++DEFINEFUNC(int, EVP_DigestFinal, (GO_EVP_MD_CTX_PTR ctx, unsigned char *md, unsigned int *s), (ctx, md, s)) \ |
1974 | + DEFINEFUNC_RENAMED_1_1(GO_EVP_MD_CTX_PTR, EVP_MD_CTX_new, EVP_MD_CTX_create, (), ()) \ |
1975 | + DEFINEFUNC_RENAMED_1_1(void, EVP_MD_CTX_free, EVP_MD_CTX_destroy, (GO_EVP_MD_CTX_PTR ctx), (ctx)) \ |
1976 | + DEFINEFUNC(int, EVP_MD_CTX_copy_ex, (GO_EVP_MD_CTX_PTR out, const GO_EVP_MD_CTX_PTR in), (out, in)) \ |
1977 | ++DEFINEFUNC(int, EVP_MD_CTX_copy, (GO_EVP_MD_CTX_PTR out, const GO_EVP_MD_CTX_PTR in), (out, in)) \ |
1978 | + DEFINEFUNC_RENAMED_1_1(int, EVP_MD_CTX_reset, EVP_MD_CTX_cleanup, (GO_EVP_MD_CTX_PTR ctx), (ctx)) \ |
1979 | ++DEFINEFUNC_3_0(const char *, EVP_MD_get0_name, (const GO_EVP_MD_PTR md), (md)) \ |
1980 | + DEFINEFUNC(const GO_EVP_MD_PTR, EVP_md5, (void), ()) \ |
1981 | + DEFINEFUNC(const GO_EVP_MD_PTR, EVP_sha1, (void), ()) \ |
1982 | + DEFINEFUNC(const GO_EVP_MD_PTR, EVP_sha224, (void), ()) \ |
1983 | + DEFINEFUNC(const GO_EVP_MD_PTR, EVP_sha256, (void), ()) \ |
1984 | + DEFINEFUNC(const GO_EVP_MD_PTR, EVP_sha384, (void), ()) \ |
1985 | + DEFINEFUNC(const GO_EVP_MD_PTR, EVP_sha512, (void), ()) \ |
1986 | ++DEFINEFUNC_1_1_1(const GO_EVP_MD_PTR, EVP_sha3_224, (void), ()) \ |
1987 | ++DEFINEFUNC_1_1_1(const GO_EVP_MD_PTR, EVP_sha3_256, (void), ()) \ |
1988 | ++DEFINEFUNC_1_1_1(const GO_EVP_MD_PTR, EVP_sha3_384, (void), ()) \ |
1989 | ++DEFINEFUNC_1_1_1(const GO_EVP_MD_PTR, EVP_sha3_512, (void), ()) \ |
1990 | + DEFINEFUNC_1_1(const GO_EVP_MD_PTR, EVP_md5_sha1, (void), ()) \ |
1991 | +-DEFINEFUNC_3_0(GO_EVP_MD_PTR, EVP_MD_fetch, (GO_OSSL_LIB_CTX_PTR ctx, const char *algorithm, const char *properties), (ctx, algorithm, properties)) \ |
1992 | +-DEFINEFUNC_3_0(void, EVP_MD_free, (GO_EVP_MD_PTR md), (md)) \ |
1993 | + DEFINEFUNC_RENAMED_3_0(int, EVP_MD_get_size, EVP_MD_size, (const GO_EVP_MD_PTR arg0), (arg0)) \ |
1994 | + DEFINEFUNC_LEGACY_1_0(void, HMAC_CTX_init, (GO_HMAC_CTX_PTR arg0), (arg0)) \ |
1995 | + DEFINEFUNC_LEGACY_1_0(void, HMAC_CTX_cleanup, (GO_HMAC_CTX_PTR arg0), (arg0)) \ |
1996 | +@@ -180,15 +209,24 @@ DEFINEFUNC(void, BN_clear_free, (GO_BIGNUM_PTR arg0), (arg0)) \ |
1997 | + DEFINEFUNC(int, BN_num_bits, (const GO_BIGNUM_PTR arg0), (arg0)) \ |
1998 | + DEFINEFUNC(GO_BIGNUM_PTR, BN_bin2bn, (const unsigned char *arg0, int arg1, GO_BIGNUM_PTR arg2), (arg0, arg1, arg2)) \ |
1999 | + DEFINEFUNC(int, BN_bn2bin, (const GO_BIGNUM_PTR arg0, unsigned char *arg1), (arg0, arg1)) \ |
2000 | ++/* bn_lebin2bn, bn_bn2lebinpad and BN_bn2binpad are not exported in any OpenSSL 1.0.2, but they exist. */ \ |
2001 | ++/*check:from=1.1.0*/ DEFINEFUNC_RENAMED_1_1(GO_BIGNUM_PTR, BN_lebin2bn, bn_lebin2bn, (const unsigned char *s, int len, GO_BIGNUM_PTR ret), (s, len, ret)) \ |
2002 | ++/*check:from=1.1.0*/ DEFINEFUNC_RENAMED_1_1(int, BN_bn2lebinpad, bn_bn2lebinpad, (const GO_BIGNUM_PTR a, unsigned char *to, int tolen), (a, to, tolen)) \ |
2003 | ++/*check:from=1.1.0*/ DEFINEFUNC_RENAMED_1_1(int, BN_bn2binpad, bn_bn2binpad, (const GO_BIGNUM_PTR a, unsigned char *to, int tolen), (a, to, tolen)) \ |
2004 | + DEFINEFUNC(void, EC_GROUP_free, (GO_EC_GROUP_PTR arg0), (arg0)) \ |
2005 | + DEFINEFUNC(GO_EC_POINT_PTR, EC_POINT_new, (const GO_EC_GROUP_PTR arg0), (arg0)) \ |
2006 | + DEFINEFUNC(void, EC_POINT_free, (GO_EC_POINT_PTR arg0), (arg0)) \ |
2007 | + DEFINEFUNC(int, EC_POINT_get_affine_coordinates_GFp, (const GO_EC_GROUP_PTR arg0, const GO_EC_POINT_PTR arg1, GO_BIGNUM_PTR arg2, GO_BIGNUM_PTR arg3, GO_BN_CTX_PTR arg4), (arg0, arg1, arg2, arg3, arg4)) \ |
2008 | ++DEFINEFUNC(size_t, EC_POINT_point2oct, (const GO_EC_GROUP_PTR group, const GO_EC_POINT_PTR p, point_conversion_form_t form, unsigned char *buf, size_t len, GO_BN_CTX_PTR ctx), (group, p, form, buf, len, ctx)) \ |
2009 | ++DEFINEFUNC_LEGACY_1_0(int, EC_POINT_oct2point, (const GO_EC_GROUP_PTR group, GO_EC_POINT_PTR p, const unsigned char *buf, size_t len, GO_BN_CTX_PTR ctx), (group, p, buf, len, ctx)) \ |
2010 | ++DEFINEFUNC(int, EC_POINT_mul, (const GO_EC_GROUP_PTR group, GO_EC_POINT_PTR r, const GO_BIGNUM_PTR n, const GO_EC_POINT_PTR q, const GO_BIGNUM_PTR m, GO_BN_CTX_PTR ctx), (group, r, n, q, m, ctx)) \ |
2011 | + DEFINEFUNC(GO_EC_KEY_PTR, EC_KEY_new_by_curve_name, (int arg0), (arg0)) \ |
2012 | + DEFINEFUNC(int, EC_KEY_set_public_key_affine_coordinates, (GO_EC_KEY_PTR key, GO_BIGNUM_PTR x, GO_BIGNUM_PTR y), (key, x, y)) \ |
2013 | ++DEFINEFUNC_LEGACY_1_0(int, EC_KEY_set_public_key, (GO_EC_KEY_PTR key, const GO_EC_POINT_PTR pub), (key, pub)) \ |
2014 | + DEFINEFUNC(void, EC_KEY_free, (GO_EC_KEY_PTR arg0), (arg0)) \ |
2015 | + DEFINEFUNC(const GO_EC_GROUP_PTR, EC_KEY_get0_group, (const GO_EC_KEY_PTR arg0), (arg0)) \ |
2016 | + DEFINEFUNC(int, EC_KEY_set_private_key, (GO_EC_KEY_PTR arg0, const GO_BIGNUM_PTR arg1), (arg0, arg1)) \ |
2017 | ++DEFINEFUNC_1_1(int, EC_KEY_oct2key, (GO_EC_KEY_PTR eckey, const unsigned char *buf, size_t len, GO_BN_CTX_PTR ctx), (eckey, buf, len, ctx)) \ |
2018 | + DEFINEFUNC(const GO_BIGNUM_PTR, EC_KEY_get0_private_key, (const GO_EC_KEY_PTR arg0), (arg0)) \ |
2019 | + DEFINEFUNC(const GO_EC_POINT_PTR, EC_KEY_get0_public_key, (const GO_EC_KEY_PTR arg0), (arg0)) \ |
2020 | + DEFINEFUNC(GO_RSA_PTR, RSA_new, (void), ()) \ |
2021 | +@@ -219,9 +257,10 @@ DEFINEFUNC(const GO_EVP_CIPHER_PTR, EVP_aes_256_gcm, (void), ()) \ |
2022 | + DEFINEFUNC(void, EVP_CIPHER_CTX_free, (GO_EVP_CIPHER_CTX_PTR arg0), (arg0)) \ |
2023 | + DEFINEFUNC(int, EVP_CIPHER_CTX_ctrl, (GO_EVP_CIPHER_CTX_PTR ctx, int type, int arg, void *ptr), (ctx, type, arg, ptr)) \ |
2024 | + DEFINEFUNC(GO_EVP_PKEY_PTR, EVP_PKEY_new, (void), ()) \ |
2025 | +-/* EVP_PKEY_size pkey parameter is const since OpenSSL 1.1.1. */ \ |
2026 | ++/* EVP_PKEY_size and EVP_PKEY_get_bits pkey parameter is const since OpenSSL 1.1.1. */ \ |
2027 | + /* Exclude it from headercheck tool when using previous OpenSSL versions. */ \ |
2028 | + /*check:from=1.1.1*/ DEFINEFUNC_RENAMED_3_0(int, EVP_PKEY_get_size, EVP_PKEY_size, (const GO_EVP_PKEY_PTR pkey), (pkey)) \ |
2029 | ++/*check:from=1.1.1*/ DEFINEFUNC_RENAMED_3_0(int, EVP_PKEY_get_bits, EVP_PKEY_bits, (const GO_EVP_PKEY_PTR pkey), (pkey)) \ |
2030 | + DEFINEFUNC(void, EVP_PKEY_free, (GO_EVP_PKEY_PTR arg0), (arg0)) \ |
2031 | + DEFINEFUNC(GO_EC_KEY_PTR, EVP_PKEY_get1_EC_KEY, (GO_EVP_PKEY_PTR pkey), (pkey)) \ |
2032 | + DEFINEFUNC(GO_RSA_PTR, EVP_PKEY_get1_RSA, (GO_EVP_PKEY_PTR pkey), (pkey)) \ |
2033 | +@@ -239,4 +278,19 @@ DEFINEFUNC(int, EVP_PKEY_decrypt_init, (GO_EVP_PKEY_CTX_PTR arg0), (arg0)) \ |
2034 | + DEFINEFUNC(int, EVP_PKEY_encrypt_init, (GO_EVP_PKEY_CTX_PTR arg0), (arg0)) \ |
2035 | + DEFINEFUNC(int, EVP_PKEY_sign_init, (GO_EVP_PKEY_CTX_PTR arg0), (arg0)) \ |
2036 | + DEFINEFUNC(int, EVP_PKEY_verify_init, (GO_EVP_PKEY_CTX_PTR arg0), (arg0)) \ |
2037 | +-DEFINEFUNC(int, EVP_PKEY_sign, (GO_EVP_PKEY_CTX_PTR arg0, unsigned char *arg1, size_t *arg2, const unsigned char *arg3, size_t arg4), (arg0, arg1, arg2, arg3, arg4)) |
2038 | ++DEFINEFUNC(int, EVP_PKEY_sign, (GO_EVP_PKEY_CTX_PTR arg0, unsigned char *arg1, size_t *arg2, const unsigned char *arg3, size_t arg4), (arg0, arg1, arg2, arg3, arg4)) \ |
2039 | ++DEFINEFUNC(int, EVP_PKEY_derive_init, (GO_EVP_PKEY_CTX_PTR ctx), (ctx)) \ |
2040 | ++DEFINEFUNC(int, EVP_PKEY_derive_set_peer, (GO_EVP_PKEY_CTX_PTR ctx, GO_EVP_PKEY_PTR peer), (ctx, peer)) \ |
2041 | ++DEFINEFUNC(int, EVP_PKEY_derive, (GO_EVP_PKEY_CTX_PTR ctx, unsigned char *key, size_t *keylen), (ctx, key, keylen)) \ |
2042 | ++DEFINEFUNC_3_0(GO_EVP_MAC_PTR, EVP_MAC_fetch, (GO_OSSL_LIB_CTX_PTR ctx, const char *algorithm, const char *properties), (ctx, algorithm, properties)) \ |
2043 | ++DEFINEFUNC_3_0(void, EVP_MAC_free, (GO_EVP_MAC_PTR mac), (mac)) \ |
2044 | ++DEFINEFUNC_3_0(GO_EVP_MAC_CTX_PTR, EVP_MAC_CTX_new, (GO_EVP_MAC_PTR arg0), (arg0)) \ |
2045 | ++DEFINEFUNC_3_0(void, EVP_MAC_CTX_free, (GO_EVP_MAC_CTX_PTR arg0), (arg0)) \ |
2046 | ++DEFINEFUNC_3_0(GO_EVP_MAC_CTX_PTR, EVP_MAC_CTX_dup, (const GO_EVP_MAC_CTX_PTR arg0), (arg0)) \ |
2047 | ++DEFINEFUNC_3_0(int, EVP_MAC_init, (GO_EVP_MAC_CTX_PTR ctx, const unsigned char *key, size_t keylen, const OSSL_PARAM params[]), (ctx, key, keylen, params)) \ |
2048 | ++DEFINEFUNC_3_0(int, EVP_MAC_update, (GO_EVP_MAC_CTX_PTR ctx, const unsigned char *data, size_t datalen), (ctx, data, datalen)) \ |
2049 | ++DEFINEFUNC_3_0(int, EVP_MAC_final, (GO_EVP_MAC_CTX_PTR ctx, unsigned char *out, size_t *outl, size_t outsize), (ctx, out, outl, outsize)) \ |
2050 | ++DEFINEFUNC_3_0(OSSL_PARAM, OSSL_PARAM_construct_utf8_string, (const char *key, char *buf, size_t bsize), (key, buf, bsize)) \ |
2051 | ++DEFINEFUNC_3_0(OSSL_PARAM, OSSL_PARAM_construct_end, (void), ()) \ |
2052 | ++DEFINEFUNC_3_0(int, EVP_PKEY_CTX_set0_rsa_oaep_label, (GO_EVP_PKEY_CTX_PTR ctx, void *label, int len), (ctx, label, len)) \ |
2053 | ++ |
2054 | +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/rsa.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/rsa.go |
2055 | +index 05ff62cd73..b717ea932c 100644 |
2056 | +--- a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/rsa.go |
2057 | ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/rsa.go |
2058 | +@@ -13,13 +13,12 @@ import ( |
2059 | + "crypto/subtle" |
2060 | + "errors" |
2061 | + "hash" |
2062 | +- "math/big" |
2063 | + "runtime" |
2064 | + "unsafe" |
2065 | + ) |
2066 | + |
2067 | +-func GenerateKeyRSA(bits int) (N, E, D, P, Q, Dp, Dq, Qinv *big.Int, err error) { |
2068 | +- bad := func(e error) (N, E, D, P, Q, Dp, Dq, Qinv *big.Int, err error) { |
2069 | ++func GenerateKeyRSA(bits int) (N, E, D, P, Q, Dp, Dq, Qinv BigInt, err error) { |
2070 | ++ bad := func(e error) (N, E, D, P, Q, Dp, Dq, Qinv BigInt, err error) { |
2071 | + return nil, nil, nil, nil, nil, nil, nil, nil, e |
2072 | + } |
2073 | + pkey, err := generateEVPPKey(C.GO_EVP_PKEY_RSA, bits, "") |
2074 | +@@ -31,6 +30,7 @@ func GenerateKeyRSA(bits int) (N, E, D, P, Q, Dp, Dq, Qinv *big.Int, err error) |
2075 | + if key == nil { |
2076 | + return bad(newOpenSSLError("EVP_PKEY_get1_RSA failed")) |
2077 | + } |
2078 | ++ defer C.go_openssl_RSA_free(key) |
2079 | + N, E, D = rsaGetKey(key) |
2080 | + P, Q = rsaGetFactors(key) |
2081 | + Dp, Dq, Qinv = rsaGetCRTParams(key) |
2082 | +@@ -42,7 +42,7 @@ type PublicKeyRSA struct { |
2083 | + _pkey C.GO_EVP_PKEY_PTR |
2084 | + } |
2085 | + |
2086 | +-func NewPublicKeyRSA(N, E *big.Int) (*PublicKeyRSA, error) { |
2087 | ++func NewPublicKeyRSA(N, E BigInt) (*PublicKeyRSA, error) { |
2088 | + key := C.go_openssl_RSA_new() |
2089 | + if key == nil { |
2090 | + return nil, newOpenSSLError("RSA_new failed") |
2091 | +@@ -82,7 +82,7 @@ type PrivateKeyRSA struct { |
2092 | + _pkey C.GO_EVP_PKEY_PTR |
2093 | + } |
2094 | + |
2095 | +-func NewPrivateKeyRSA(N, E, D, P, Q, Dp, Dq, Qinv *big.Int) (*PrivateKeyRSA, error) { |
2096 | ++func NewPrivateKeyRSA(N, E, D, P, Q, Dp, Dq, Qinv BigInt) (*PrivateKeyRSA, error) { |
2097 | + key := C.go_openssl_RSA_new() |
2098 | + if key == nil { |
2099 | + return nil, newOpenSSLError("RSA_new failed") |
2100 | +@@ -128,23 +128,31 @@ func (k *PrivateKeyRSA) withKey(f func(C.GO_EVP_PKEY_PTR) C.int) C.int { |
2101 | + } |
2102 | + |
2103 | + func DecryptRSAOAEP(h hash.Hash, priv *PrivateKeyRSA, ciphertext, label []byte) ([]byte, error) { |
2104 | +- return evpDecrypt(priv.withKey, C.GO_RSA_PKCS1_OAEP_PADDING, h, label, ciphertext) |
2105 | ++ return evpDecrypt(priv.withKey, C.GO_RSA_PKCS1_OAEP_PADDING, h, nil, label, ciphertext) |
2106 | + } |
2107 | + |
2108 | + func EncryptRSAOAEP(h hash.Hash, pub *PublicKeyRSA, msg, label []byte) ([]byte, error) { |
2109 | +- return evpEncrypt(pub.withKey, C.GO_RSA_PKCS1_OAEP_PADDING, h, label, msg) |
2110 | ++ return evpEncrypt(pub.withKey, C.GO_RSA_PKCS1_OAEP_PADDING, h, nil, label, msg) |
2111 | ++} |
2112 | ++ |
2113 | ++func DecryptRSAOAEPWithMGF1Hash(h, mgfHash hash.Hash, priv *PrivateKeyRSA, ciphertext, label []byte) ([]byte, error) { |
2114 | ++ return evpDecrypt(priv.withKey, C.GO_RSA_PKCS1_OAEP_PADDING, h, mgfHash, label, ciphertext) |
2115 | ++} |
2116 | ++ |
2117 | ++func EncryptRSAOAEPWithMGF1Hash(h, mgfHash hash.Hash, pub *PublicKeyRSA, msg, label []byte) ([]byte, error) { |
2118 | ++ return evpEncrypt(pub.withKey, C.GO_RSA_PKCS1_OAEP_PADDING, h, mgfHash, label, msg) |
2119 | + } |
2120 | + |
2121 | + func DecryptRSAPKCS1(priv *PrivateKeyRSA, ciphertext []byte) ([]byte, error) { |
2122 | +- return evpDecrypt(priv.withKey, C.GO_RSA_PKCS1_PADDING, nil, nil, ciphertext) |
2123 | ++ return evpDecrypt(priv.withKey, C.GO_RSA_PKCS1_PADDING, nil, nil, nil, ciphertext) |
2124 | + } |
2125 | + |
2126 | + func EncryptRSAPKCS1(pub *PublicKeyRSA, msg []byte) ([]byte, error) { |
2127 | +- return evpEncrypt(pub.withKey, C.GO_RSA_PKCS1_PADDING, nil, nil, msg) |
2128 | ++ return evpEncrypt(pub.withKey, C.GO_RSA_PKCS1_PADDING, nil, nil, nil, msg) |
2129 | + } |
2130 | + |
2131 | + func DecryptRSANoPadding(priv *PrivateKeyRSA, ciphertext []byte) ([]byte, error) { |
2132 | +- ret, err := evpDecrypt(priv.withKey, C.GO_RSA_NO_PADDING, nil, nil, ciphertext) |
2133 | ++ ret, err := evpDecrypt(priv.withKey, C.GO_RSA_NO_PADDING, nil, nil, nil, ciphertext) |
2134 | + if err != nil { |
2135 | + return nil, err |
2136 | + } |
2137 | +@@ -168,21 +176,47 @@ func DecryptRSANoPadding(priv *PrivateKeyRSA, ciphertext []byte) ([]byte, error) |
2138 | + } |
2139 | + |
2140 | + func EncryptRSANoPadding(pub *PublicKeyRSA, msg []byte) ([]byte, error) { |
2141 | +- return evpEncrypt(pub.withKey, C.GO_RSA_NO_PADDING, nil, nil, msg) |
2142 | ++ return evpEncrypt(pub.withKey, C.GO_RSA_NO_PADDING, nil, nil, nil, msg) |
2143 | + } |
2144 | + |
2145 | +-func SignRSAPSS(priv *PrivateKeyRSA, h crypto.Hash, hashed []byte, saltLen int) ([]byte, error) { |
2146 | ++func saltLength(saltLen int, sign bool) (C.int, error) { |
2147 | ++ // A salt length of -2 is valid in OpenSSL, but not in crypto/rsa, so reject |
2148 | ++ // it, and lengths < -2, before we convert to the OpenSSL sentinel values. |
2149 | ++ if saltLen <= -2 { |
2150 | ++ return 0, errors.New("crypto/rsa: PSSOptions.SaltLength cannot be negative") |
2151 | ++ } |
2152 | ++ // OpenSSL uses sentinel salt length values like Go crypto does, |
2153 | ++ // but the values don't fully match for rsa.PSSSaltLengthAuto (0). |
2154 | + if saltLen == 0 { |
2155 | +- saltLen = -1 // RSA_PSS_SALTLEN_DIGEST |
2156 | ++ if sign { |
2157 | ++ if vMajor == 1 { |
2158 | ++ // OpenSSL 1.x uses -2 to mean maximal size when signing where Go crypto uses 0. |
2159 | ++ return C.GO_RSA_PSS_SALTLEN_MAX_SIGN, nil |
2160 | ++ } |
2161 | ++ // OpenSSL 3.x deprecated RSA_PSS_SALTLEN_MAX_SIGN |
2162 | ++ // and uses -3 to mean maximal size when signing where Go crypto uses 0. |
2163 | ++ return C.GO_RSA_PSS_SALTLEN_MAX, nil |
2164 | ++ } |
2165 | ++ // OpenSSL uses -2 to mean auto-detect size when verifying where Go crypto uses 0. |
2166 | ++ return C.GO_RSA_PSS_SALTLEN_AUTO, nil |
2167 | + } |
2168 | +- return evpSign(priv.withKey, C.GO_RSA_PKCS1_PSS_PADDING, saltLen, h, hashed) |
2169 | ++ return C.int(saltLen), nil |
2170 | ++} |
2171 | ++ |
2172 | ++func SignRSAPSS(priv *PrivateKeyRSA, h crypto.Hash, hashed []byte, saltLen int) ([]byte, error) { |
2173 | ++ cSaltLen, err := saltLength(saltLen, true) |
2174 | ++ if err != nil { |
2175 | ++ return nil, err |
2176 | ++ } |
2177 | ++ return evpSign(priv.withKey, C.GO_RSA_PKCS1_PSS_PADDING, cSaltLen, h, hashed) |
2178 | + } |
2179 | + |
2180 | + func VerifyRSAPSS(pub *PublicKeyRSA, h crypto.Hash, hashed, sig []byte, saltLen int) error { |
2181 | +- if saltLen == 0 { |
2182 | +- saltLen = -2 // RSA_PSS_SALTLEN_AUTO |
2183 | ++ cSaltLen, err := saltLength(saltLen, false) |
2184 | ++ if err != nil { |
2185 | ++ return err |
2186 | + } |
2187 | +- return evpVerify(pub.withKey, C.GO_RSA_PKCS1_PSS_PADDING, saltLen, h, sig, hashed) |
2188 | ++ return evpVerify(pub.withKey, C.GO_RSA_PKCS1_PSS_PADDING, cSaltLen, h, sig, hashed) |
2189 | + } |
2190 | + |
2191 | + func SignRSAPKCS1v15(priv *PrivateKeyRSA, h crypto.Hash, hashed []byte) ([]byte, error) { |
2192 | +@@ -213,7 +247,7 @@ type rsa_st_1_0_2 struct { |
2193 | + // It contains more fields, but we are not interesed on them. |
2194 | + } |
2195 | + |
2196 | +-func bnSet(b1 *C.GO_BIGNUM_PTR, b2 *big.Int) { |
2197 | ++func bnSet(b1 *C.GO_BIGNUM_PTR, b2 BigInt) { |
2198 | + if b2 == nil { |
2199 | + return |
2200 | + } |
2201 | +@@ -223,7 +257,7 @@ func bnSet(b1 *C.GO_BIGNUM_PTR, b2 *big.Int) { |
2202 | + *b1 = bigToBN(b2) |
2203 | + } |
2204 | + |
2205 | +-func rsaSetKey(key C.GO_RSA_PTR, n, e, d *big.Int) bool { |
2206 | ++func rsaSetKey(key C.GO_RSA_PTR, n, e, d BigInt) bool { |
2207 | + if vMajor == 1 && vMinor == 0 { |
2208 | + r := (*rsa_st_1_0_2)(unsafe.Pointer(key)) |
2209 | + //r.d and d will be nil for public keys. |
2210 | +@@ -239,7 +273,7 @@ func rsaSetKey(key C.GO_RSA_PTR, n, e, d *big.Int) bool { |
2211 | + return C.go_openssl_RSA_set0_key(key, bigToBN(n), bigToBN(e), bigToBN(d)) == 1 |
2212 | + } |
2213 | + |
2214 | +-func rsaSetFactors(key C.GO_RSA_PTR, p, q *big.Int) bool { |
2215 | ++func rsaSetFactors(key C.GO_RSA_PTR, p, q BigInt) bool { |
2216 | + if vMajor == 1 && vMinor == 0 { |
2217 | + r := (*rsa_st_1_0_2)(unsafe.Pointer(key)) |
2218 | + if (r.p == nil && p == nil) || |
2219 | +@@ -253,7 +287,7 @@ func rsaSetFactors(key C.GO_RSA_PTR, p, q *big.Int) bool { |
2220 | + return C.go_openssl_RSA_set0_factors(key, bigToBN(p), bigToBN(q)) == 1 |
2221 | + } |
2222 | + |
2223 | +-func rsaSetCRTParams(key C.GO_RSA_PTR, dmp1, dmq1, iqmp *big.Int) bool { |
2224 | ++func rsaSetCRTParams(key C.GO_RSA_PTR, dmp1, dmq1, iqmp BigInt) bool { |
2225 | + if vMajor == 1 && vMinor == 0 { |
2226 | + r := (*rsa_st_1_0_2)(unsafe.Pointer(key)) |
2227 | + if (r.dmp1 == nil && dmp1 == nil) || |
2228 | +@@ -269,7 +303,7 @@ func rsaSetCRTParams(key C.GO_RSA_PTR, dmp1, dmq1, iqmp *big.Int) bool { |
2229 | + return C.go_openssl_RSA_set0_crt_params(key, bigToBN(dmp1), bigToBN(dmq1), bigToBN(iqmp)) == 1 |
2230 | + } |
2231 | + |
2232 | +-func rsaGetKey(key C.GO_RSA_PTR) (*big.Int, *big.Int, *big.Int) { |
2233 | ++func rsaGetKey(key C.GO_RSA_PTR) (BigInt, BigInt, BigInt) { |
2234 | + var n, e, d C.GO_BIGNUM_PTR |
2235 | + if vMajor == 1 && vMinor == 0 { |
2236 | + r := (*rsa_st_1_0_2)(unsafe.Pointer(key)) |
2237 | +@@ -280,7 +314,7 @@ func rsaGetKey(key C.GO_RSA_PTR) (*big.Int, *big.Int, *big.Int) { |
2238 | + return bnToBig(n), bnToBig(e), bnToBig(d) |
2239 | + } |
2240 | + |
2241 | +-func rsaGetFactors(key C.GO_RSA_PTR) (*big.Int, *big.Int) { |
2242 | ++func rsaGetFactors(key C.GO_RSA_PTR) (BigInt, BigInt) { |
2243 | + var p, q C.GO_BIGNUM_PTR |
2244 | + if vMajor == 1 && vMinor == 0 { |
2245 | + r := (*rsa_st_1_0_2)(unsafe.Pointer(key)) |
2246 | +@@ -291,7 +325,7 @@ func rsaGetFactors(key C.GO_RSA_PTR) (*big.Int, *big.Int) { |
2247 | + return bnToBig(p), bnToBig(q) |
2248 | + } |
2249 | + |
2250 | +-func rsaGetCRTParams(key C.GO_RSA_PTR) (*big.Int, *big.Int, *big.Int) { |
2251 | ++func rsaGetCRTParams(key C.GO_RSA_PTR) (BigInt, BigInt, BigInt) { |
2252 | + var dmp1, dmq1, iqmp C.GO_BIGNUM_PTR |
2253 | + if vMajor == 1 && vMinor == 0 { |
2254 | + r := (*rsa_st_1_0_2)(unsafe.Pointer(key)) |
2255 | +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/sha.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/sha.go |
2256 | +index c5b0189efc..cdd216423b 100644 |
2257 | +--- a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/sha.go |
2258 | ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/sha.go |
2259 | +@@ -17,6 +17,91 @@ import ( |
2260 | + "unsafe" |
2261 | + ) |
2262 | + |
2263 | ++// NOTE: Implementation ported from https://go-review.googlesource.com/c/go/+/404295. |
2264 | ++// The cgo calls in this file are arranged to avoid marking the parameters as escaping. |
2265 | ++// To do that, we call noescape (including via addr). |
2266 | ++// We must also make sure that the data pointer arguments have the form unsafe.Pointer(&...) |
2267 | ++// so that cgo does not annotate them with cgoCheckPointer calls. If it did that, it might look |
2268 | ++// beyond the byte slice and find Go pointers in unprocessed parts of a larger allocation. |
2269 | ++// To do both of these simultaneously, the idiom is unsafe.Pointer(&*addr(p)), |
2270 | ++// where addr returns the base pointer of p, substituting a non-nil pointer for nil, |
2271 | ++// and applying a noescape along the way. |
2272 | ++// This is all to preserve compatibility with the allocation behavior of the non-openssl implementations. |
2273 | ++ |
2274 | ++func shaX(md C.GO_EVP_MD_PTR, p []byte, sum []byte) bool { |
2275 | ++ return C.go_shaX(md, unsafe.Pointer(&*addr(p)), C.size_t(len(p)), noescape(unsafe.Pointer(&sum[0]))) != 0 |
2276 | ++} |
2277 | ++ |
2278 | ++func SHA1(p []byte) (sum [20]byte) { |
2279 | ++ if !shaX(C.go_openssl_EVP_sha1(), p, sum[:]) { |
2280 | ++ panic("openssl: SHA1 failed") |
2281 | ++ } |
2282 | ++ return |
2283 | ++} |
2284 | ++ |
2285 | ++func SHA224(p []byte) (sum [28]byte) { |
2286 | ++ if !shaX(C.go_openssl_EVP_sha224(), p, sum[:]) { |
2287 | ++ panic("openssl: SHA224 failed") |
2288 | ++ } |
2289 | ++ return |
2290 | ++} |
2291 | ++ |
2292 | ++func SHA256(p []byte) (sum [32]byte) { |
2293 | ++ if !shaX(C.go_openssl_EVP_sha256(), p, sum[:]) { |
2294 | ++ panic("openssl: SHA256 failed") |
2295 | ++ } |
2296 | ++ return |
2297 | ++} |
2298 | ++ |
2299 | ++func SHA384(p []byte) (sum [48]byte) { |
2300 | ++ if !shaX(C.go_openssl_EVP_sha384(), p, sum[:]) { |
2301 | ++ panic("openssl: SHA384 failed") |
2302 | ++ } |
2303 | ++ return |
2304 | ++} |
2305 | ++ |
2306 | ++func SHA512(p []byte) (sum [64]byte) { |
2307 | ++ if !shaX(C.go_openssl_EVP_sha512(), p, sum[:]) { |
2308 | ++ panic("openssl: SHA512 failed") |
2309 | ++ } |
2310 | ++ return |
2311 | ++} |
2312 | ++ |
2313 | ++// Same as SupportsHKDF, as in v1.1.1+ |
2314 | ++func SupportsSHA3() bool { |
2315 | ++ return vMajor > 1 || |
2316 | ++ (vMajor >= 1 && vMinor > 1) || |
2317 | ++ (vMajor >= 1 && vMinor >= 1 && vFeature >= 1) |
2318 | ++} |
2319 | ++ |
2320 | ++func SHA3_224(p []byte) (sum [28]byte) { |
2321 | ++ if !shaX(C.go_openssl_EVP_sha3_224(), p, sum[:]) { |
2322 | ++ panic("openssl: SHA3_224 failed") |
2323 | ++ } |
2324 | ++ return |
2325 | ++} |
2326 | ++ |
2327 | ++func SHA3_256(p []byte) (sum [32]byte) { |
2328 | ++ if !shaX(C.go_openssl_EVP_sha3_256(), p, sum[:]) { |
2329 | ++ panic("openssl: SHA3_256 failed") |
2330 | ++ } |
2331 | ++ return |
2332 | ++} |
2333 | ++ |
2334 | ++func SHA3_384(p []byte) (sum [48]byte) { |
2335 | ++ if !shaX(C.go_openssl_EVP_sha3_384(), p, sum[:]) { |
2336 | ++ panic("openssl: SHA3_384 failed") |
2337 | ++ } |
2338 | ++ return |
2339 | ++} |
2340 | ++ |
2341 | ++func SHA3_512(p []byte) (sum [64]byte) { |
2342 | ++ if !shaX(C.go_openssl_EVP_sha3_512(), p, sum[:]) { |
2343 | ++ panic("openssl: SHA3_512 failed") |
2344 | ++ } |
2345 | ++ return |
2346 | ++} |
2347 | ++ |
2348 | + type evpHash struct { |
2349 | + md C.GO_EVP_MD_PTR |
2350 | + ctx C.GO_EVP_MD_CTX_PTR |
2351 | +@@ -55,8 +140,8 @@ func (h *evpHash) finalize() { |
2352 | + func (h *evpHash) Reset() { |
2353 | + // There is no need to reset h.ctx2 because it is always reset after |
2354 | + // use in evpHash.sum. |
2355 | +- C.go_openssl_EVP_MD_CTX_reset(h.ctx) |
2356 | +- |
2357 | ++ // Calling EVP_DigestInit on an already initialized EVP_MD_CTX results in |
2358 | ++ // memory leak on OpenSSL 1.0.2, use EVP_DigestInit_ex instead. |
2359 | + if C.go_openssl_EVP_DigestInit_ex(h.ctx, h.md, nil) != 1 { |
2360 | + panic("openssl: EVP_DigestInit_ex failed") |
2361 | + } |
2362 | +@@ -64,13 +149,35 @@ func (h *evpHash) Reset() { |
2363 | + } |
2364 | + |
2365 | + func (h *evpHash) Write(p []byte) (int, error) { |
2366 | +- if len(p) > 0 && C.go_openssl_EVP_DigestUpdate(h.ctx, unsafe.Pointer(&p[0]), C.size_t(len(p))) != 1 { |
2367 | ++ if len(p) > 0 && C.go_openssl_EVP_DigestUpdate(h.ctx, unsafe.Pointer(&*addr(p)), C.size_t(len(p))) != 1 { |
2368 | + panic("openssl: EVP_DigestUpdate failed") |
2369 | + } |
2370 | + runtime.KeepAlive(h) |
2371 | + return len(p), nil |
2372 | + } |
2373 | + |
2374 | ++func (h *evpHash) WriteString(s string) (int, error) { |
2375 | ++ // TODO: use unsafe.StringData once we drop support |
2376 | ++ // for go1.19 and earlier. |
2377 | ++ hdr := (*struct { |
2378 | ++ Data *byte |
2379 | ++ Len int |
2380 | ++ })(unsafe.Pointer(&s)) |
2381 | ++ if len(s) > 0 && C.go_openssl_EVP_DigestUpdate(h.ctx, unsafe.Pointer(hdr.Data), C.size_t(len(s))) == 0 { |
2382 | ++ panic("openssl: EVP_DigestUpdate failed") |
2383 | ++ } |
2384 | ++ runtime.KeepAlive(h) |
2385 | ++ return len(s), nil |
2386 | ++} |
2387 | ++ |
2388 | ++func (h *evpHash) WriteByte(c byte) error { |
2389 | ++ if C.go_openssl_EVP_DigestUpdate(h.ctx, unsafe.Pointer(&c), 1) == 0 { |
2390 | ++ panic("openssl: EVP_DigestUpdate failed") |
2391 | ++ } |
2392 | ++ runtime.KeepAlive(h) |
2393 | ++ return nil |
2394 | ++} |
2395 | ++ |
2396 | + func (h *evpHash) Size() int { |
2397 | + return h.size |
2398 | + } |
2399 | +@@ -84,14 +191,12 @@ func (h *evpHash) sum(out []byte) { |
2400 | + // that Sum has no effect on the underlying stream. |
2401 | + // In particular it is OK to Sum, then Write more, then Sum again, |
2402 | + // and the second Sum acts as if the first didn't happen. |
2403 | +- C.go_openssl_EVP_DigestInit_ex(h.ctx2, h.md, nil) |
2404 | +- if C.go_openssl_EVP_MD_CTX_copy_ex(h.ctx2, h.ctx) != 1 { |
2405 | +- panic("openssl: EVP_MD_CTX_copy_ex failed") |
2406 | ++ if C.go_openssl_EVP_MD_CTX_copy(h.ctx2, h.ctx) != 1 { |
2407 | ++ panic("openssl: EVP_MD_CTX_copy failed") |
2408 | + } |
2409 | +- if C.go_openssl_EVP_DigestFinal_ex(h.ctx2, base(out), nil) != 1 { |
2410 | +- panic("openssl: EVP_DigestFinal_ex failed") |
2411 | ++ if C.go_openssl_EVP_DigestFinal(h.ctx2, (*C.uchar)(noescape(unsafe.Pointer(base(out)))), nil) != 1 { |
2412 | ++ panic("openssl: EVP_DigestFinal failed") |
2413 | + } |
2414 | +- C.go_openssl_EVP_MD_CTX_reset(h.ctx2) |
2415 | + runtime.KeepAlive(h) |
2416 | + } |
2417 | + |
2418 | +@@ -499,6 +604,74 @@ func (h *sha512Hash) UnmarshalBinary(b []byte) error { |
2419 | + return nil |
2420 | + } |
2421 | + |
2422 | ++// NewSHA3_224 returns a new SHA3-224 hash. |
2423 | ++func NewSHA3_224() hash.Hash { |
2424 | ++ return &sha3_224Hash{ |
2425 | ++ evpHash: newEvpHash(crypto.SHA3_224, 224/8, 64), |
2426 | ++ } |
2427 | ++} |
2428 | ++ |
2429 | ++type sha3_224Hash struct { |
2430 | ++ *evpHash |
2431 | ++ out [224 / 8]byte |
2432 | ++} |
2433 | ++ |
2434 | ++func (h *sha3_224Hash) Sum(in []byte) []byte { |
2435 | ++ h.sum(h.out[:]) |
2436 | ++ return append(in, h.out[:]...) |
2437 | ++} |
2438 | ++ |
2439 | ++// NewSHA3_256 returns a new SHA3-256 hash. |
2440 | ++func NewSHA3_256() hash.Hash { |
2441 | ++ return &sha3_256Hash{ |
2442 | ++ evpHash: newEvpHash(crypto.SHA3_256, 256/8, 64), |
2443 | ++ } |
2444 | ++} |
2445 | ++ |
2446 | ++type sha3_256Hash struct { |
2447 | ++ *evpHash |
2448 | ++ out [256 / 8]byte |
2449 | ++} |
2450 | ++ |
2451 | ++func (h *sha3_256Hash) Sum(in []byte) []byte { |
2452 | ++ h.sum(h.out[:]) |
2453 | ++ return append(in, h.out[:]...) |
2454 | ++} |
2455 | ++ |
2456 | ++// NewSHA3_384 returns a new SHA3-384 hash. |
2457 | ++func NewSHA3_384() hash.Hash { |
2458 | ++ return &sha3_384Hash{ |
2459 | ++ evpHash: newEvpHash(crypto.SHA3_384, 384/8, 128), |
2460 | ++ } |
2461 | ++} |
2462 | ++ |
2463 | ++type sha3_384Hash struct { |
2464 | ++ *evpHash |
2465 | ++ out [384 / 8]byte |
2466 | ++} |
2467 | ++ |
2468 | ++func (h *sha3_384Hash) Sum(in []byte) []byte { |
2469 | ++ h.sum(h.out[:]) |
2470 | ++ return append(in, h.out[:]...) |
2471 | ++} |
2472 | ++ |
2473 | ++// NewSHA3_512 returns a new SHA3-512 hash. |
2474 | ++func NewSHA3_512() hash.Hash { |
2475 | ++ return &sha3_512Hash{ |
2476 | ++ evpHash: newEvpHash(crypto.SHA3_512, 512/8, 128), |
2477 | ++ } |
2478 | ++} |
2479 | ++ |
2480 | ++type sha3_512Hash struct { |
2481 | ++ *evpHash |
2482 | ++ out [512 / 8]byte |
2483 | ++} |
2484 | ++ |
2485 | ++func (h *sha3_512Hash) Sum(in []byte) []byte { |
2486 | ++ h.sum(h.out[:]) |
2487 | ++ return append(in, h.out[:]...) |
2488 | ++} |
2489 | ++ |
2490 | + // appendUint64 appends x into b as a big endian byte sequence. |
2491 | + func appendUint64(b []byte, x uint64) []byte { |
2492 | + return append(b, |
2493 | +diff --git a/src/vendor/modules.txt b/src/vendor/modules.txt |
2494 | +index c31f65cd61..75b78bfb94 100644 |
2495 | +--- a/src/vendor/modules.txt |
2496 | ++++ b/src/vendor/modules.txt |
2497 | +@@ -1,6 +1,8 @@ |
2498 | +-# github.com/microsoft/go-crypto-openssl v0.1.2 |
2499 | +-## explicit; go 1.16 |
2500 | ++# github.com/microsoft/go-crypto-openssl v0.2.8 => github.com/xnox/go-crypto-openssl v0.2.9-0.20230701230530-84b71a4b45db |
2501 | ++## explicit; go 1.17 |
2502 | + github.com/microsoft/go-crypto-openssl/openssl |
2503 | ++github.com/microsoft/go-crypto-openssl/openssl/bbig |
2504 | ++github.com/microsoft/go-crypto-openssl/openssl/bbig/bridge |
2505 | + github.com/microsoft/go-crypto-openssl/openssl/internal/subtle |
2506 | + # golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3 |
2507 | + ## explicit; go 1.17 |
2508 | +-- |
2509 | +2.34.1 |
2510 | + |
2511 | diff --git a/patches/0203-Add-crypto-sha3-package.patch b/patches/0203-Add-crypto-sha3-package.patch |
2512 | new file mode 100644 |
2513 | index 0000000..94f7c3d |
2514 | --- /dev/null |
2515 | +++ b/patches/0203-Add-crypto-sha3-package.patch |
2516 | @@ -0,0 +1,141 @@ |
2517 | +From d5b5b9bc5145c76cb1e069da5de88388a1d7e803 Mon Sep 17 00:00:00 2001 |
2518 | +From: Dimitri John Ledkov <dimitri.ledkov@canonical.com> |
2519 | +Date: Sun, 2 Jul 2023 00:59:30 +0100 |
2520 | +Subject: [PATCH 203/203] Add crypto/sha3 package |
2521 | + |
2522 | +Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com> |
2523 | +--- |
2524 | + api/go1.18.txt | 27 +++++++++++++++++ |
2525 | + src/crypto/internal/backend/openssl_linux.go | 10 ++++++ |
2526 | + src/crypto/sha3/sha3.go | 32 ++++++++++++++++++++ |
2527 | + src/go/build/deps_test.go | 10 +++--- |
2528 | + 4 files changed, 75 insertions(+), 4 deletions(-) |
2529 | + create mode 100644 src/crypto/sha3/sha3.go |
2530 | + |
2531 | +diff --git a/api/go1.18.txt b/api/go1.18.txt |
2532 | +index 0f3e26df9d..8a5feb6f5e 100644 |
2533 | +--- a/api/go1.18.txt |
2534 | ++++ b/api/go1.18.txt |
2535 | +@@ -2,6 +2,33 @@ pkg bufio, method (*Writer) AvailableBuffer() []uint8 |
2536 | + pkg bufio, method (ReadWriter) AvailableBuffer() []uint8 |
2537 | + pkg bytes, func Cut([]uint8, []uint8) ([]uint8, []uint8, bool) |
2538 | + pkg crypto/tls, method (*Conn) NetConn() net.Conn |
2539 | ++pkg crypto/sha3 (linux-386-cgo), var New224 func() hash.Hash |
2540 | ++pkg crypto/sha3 (linux-386-cgo), var New256 func() hash.Hash |
2541 | ++pkg crypto/sha3 (linux-386-cgo), var New384 func() hash.Hash |
2542 | ++pkg crypto/sha3 (linux-386-cgo), var New512 func() hash.Hash |
2543 | ++pkg crypto/sha3 (linux-386-cgo), var Sum224 func([]uint8) [28]uint8 |
2544 | ++pkg crypto/sha3 (linux-386-cgo), var Sum256 func([]uint8) [32]uint8 |
2545 | ++pkg crypto/sha3 (linux-386-cgo), var Sum384 func([]uint8) [48]uint8 |
2546 | ++pkg crypto/sha3 (linux-386-cgo), var Sum512 func([]uint8) [64]uint8 |
2547 | ++pkg crypto/sha3 (linux-386-cgo), var SupportsSHA3 func() bool |
2548 | ++pkg crypto/sha3 (linux-amd64-cgo), var New224 func() hash.Hash |
2549 | ++pkg crypto/sha3 (linux-amd64-cgo), var New256 func() hash.Hash |
2550 | ++pkg crypto/sha3 (linux-amd64-cgo), var New384 func() hash.Hash |
2551 | ++pkg crypto/sha3 (linux-amd64-cgo), var New512 func() hash.Hash |
2552 | ++pkg crypto/sha3 (linux-amd64-cgo), var Sum224 func([]uint8) [28]uint8 |
2553 | ++pkg crypto/sha3 (linux-amd64-cgo), var Sum256 func([]uint8) [32]uint8 |
2554 | ++pkg crypto/sha3 (linux-amd64-cgo), var Sum384 func([]uint8) [48]uint8 |
2555 | ++pkg crypto/sha3 (linux-amd64-cgo), var Sum512 func([]uint8) [64]uint8 |
2556 | ++pkg crypto/sha3 (linux-amd64-cgo), var SupportsSHA3 func() bool |
2557 | ++pkg crypto/sha3 (linux-arm-cgo), var New224 func() hash.Hash |
2558 | ++pkg crypto/sha3 (linux-arm-cgo), var New256 func() hash.Hash |
2559 | ++pkg crypto/sha3 (linux-arm-cgo), var New384 func() hash.Hash |
2560 | ++pkg crypto/sha3 (linux-arm-cgo), var New512 func() hash.Hash |
2561 | ++pkg crypto/sha3 (linux-arm-cgo), var Sum224 func([]uint8) [28]uint8 |
2562 | ++pkg crypto/sha3 (linux-arm-cgo), var Sum256 func([]uint8) [32]uint8 |
2563 | ++pkg crypto/sha3 (linux-arm-cgo), var Sum384 func([]uint8) [48]uint8 |
2564 | ++pkg crypto/sha3 (linux-arm-cgo), var Sum512 func([]uint8) [64]uint8 |
2565 | ++pkg crypto/sha3 (linux-arm-cgo), var SupportsSHA3 func() bool |
2566 | + pkg debug/buildinfo, func Read(io.ReaderAt) (*debug.BuildInfo, error) |
2567 | + pkg debug/buildinfo, func ReadFile(string) (*debug.BuildInfo, error) |
2568 | + pkg debug/buildinfo, type BuildInfo = debug.BuildInfo |
2569 | +diff --git a/src/crypto/internal/backend/openssl_linux.go b/src/crypto/internal/backend/openssl_linux.go |
2570 | +index 6678020bf1..94a98e1d8c 100644 |
2571 | +--- a/src/crypto/internal/backend/openssl_linux.go |
2572 | ++++ b/src/crypto/internal/backend/openssl_linux.go |
2573 | +@@ -110,6 +110,16 @@ var NewSHA256 = openssl.NewSHA256 |
2574 | + var NewSHA384 = openssl.NewSHA384 |
2575 | + var NewSHA512 = openssl.NewSHA512 |
2576 | + |
2577 | ++var SupportsSHA3 = openssl.SupportsSHA3 |
2578 | ++var NewSHA3_224 = openssl.NewSHA3_224 |
2579 | ++var NewSHA3_256 = openssl.NewSHA3_256 |
2580 | ++var NewSHA3_384 = openssl.NewSHA3_384 |
2581 | ++var NewSHA3_512 = openssl.NewSHA3_512 |
2582 | ++var SHA3_224 = openssl.SHA3_224 |
2583 | ++var SHA3_256 = openssl.SHA3_256 |
2584 | ++var SHA3_384 = openssl.SHA3_384 |
2585 | ++var SHA3_512 = openssl.SHA3_512 |
2586 | ++ |
2587 | + var NewHMAC = openssl.NewHMAC |
2588 | + |
2589 | + var NewAESCipher = openssl.NewAESCipher |
2590 | +diff --git a/src/crypto/sha3/sha3.go b/src/crypto/sha3/sha3.go |
2591 | +new file mode 100644 |
2592 | +index 0000000000..ac44533005 |
2593 | +--- /dev/null |
2594 | ++++ b/src/crypto/sha3/sha3.go |
2595 | +@@ -0,0 +1,32 @@ |
2596 | ++// Copyright 2023 Canonical Ltd. All rights reserved. |
2597 | ++// Use of this source code is governed by a BSD-style |
2598 | ++// license that can be found in the LICENSE file. |
2599 | ++ |
2600 | ++//go:build linux && cgo && !android && !gocrypt && !cmd_go_bootstrap && !msan |
2601 | ++// +build linux,cgo,!android,!gocrypt,!cmd_go_bootstrap,!msan |
2602 | ++ |
2603 | ++package sha3 |
2604 | ++ |
2605 | ++import ( |
2606 | ++ "crypto" |
2607 | ++ boring "crypto/internal/backend" |
2608 | ++) |
2609 | ++ |
2610 | ++var SupportsSHA3 = boring.SupportsSHA3 |
2611 | ++var New224 = boring.NewSHA3_224 |
2612 | ++var New256 = boring.NewSHA3_256 |
2613 | ++var New384 = boring.NewSHA3_384 |
2614 | ++var New512 = boring.NewSHA3_512 |
2615 | ++var Sum224 = boring.SHA3_224 |
2616 | ++var Sum256 = boring.SHA3_256 |
2617 | ++var Sum384 = boring.SHA3_384 |
2618 | ++var Sum512 = boring.SHA3_512 |
2619 | ++ |
2620 | ++func init() { |
2621 | ++ if boring.SupportsSHA3() { |
2622 | ++ crypto.RegisterHash(crypto.SHA3_224, New224) |
2623 | ++ crypto.RegisterHash(crypto.SHA3_256, New256) |
2624 | ++ crypto.RegisterHash(crypto.SHA3_384, New384) |
2625 | ++ crypto.RegisterHash(crypto.SHA3_512, New512) |
2626 | ++ } |
2627 | ++} |
2628 | +diff --git a/src/go/build/deps_test.go b/src/go/build/deps_test.go |
2629 | +index 809fc6658d..4ffcfe57fb 100644 |
2630 | +--- a/src/go/build/deps_test.go |
2631 | ++++ b/src/go/build/deps_test.go |
2632 | +@@ -417,16 +417,18 @@ var depsRules = ` |
2633 | + < crypto/ed25519/internal/edwards25519 |
2634 | + < crypto/cipher |
2635 | + < encoding/asn1 |
2636 | ++ < github.com/microsoft/go-crypto-openssl/openssl/internal/subtle |
2637 | ++ < github.com/microsoft/go-crypto-openssl/openssl |
2638 | ++ < github.com/microsoft/go-crypto-openssl/openssl/bbig |
2639 | ++ < github.com/microsoft/go-crypto-openssl/openssl/bbig/bridge |
2640 | + < CRYPTO; |
2641 | + |
2642 | + CRYPTO < crypto/internal/boring; |
2643 | +- |
2644 | ++ |
2645 | + CRYPTO |
2646 | +- < github.com/microsoft/go-crypto-openssl/openssl/internal/subtle |
2647 | +- < github.com/microsoft/go-crypto-openssl/openssl |
2648 | + < crypto/internal/backend |
2649 | + < crypto/aes, crypto/des, crypto/hmac, crypto/md5, crypto/rc4, |
2650 | +- crypto/sha1, crypto/sha256, crypto/sha512 |
2651 | ++ crypto/sha1, crypto/sha256, crypto/sha512, crypto/sha3 |
2652 | + < crypto/rand |
2653 | + < crypto/internal/randutil |
2654 | + < crypto/ed25519 |
2655 | +-- |
2656 | +2.34.1 |
2657 | + |
Hi, the code looks good.
But I don't understand the intention. There's no crypto/sha3 package in standard library in non-fips Go. It seems users need to import golang. org/x/crypto/ sha3 in their code. So shouldn't they just replace that path with github. com/golang- fips/openssl/ xcrypto/ sha3? It doesn't need to be a standard library in fips Go.