2022-09-15 16:34:41 +00:00
|
|
|
use pbkdf2 from OpenSSL if FIPS mode is enabled
|
|
|
|
|
|
|
|
This patch modifies the x/crypto/pbkdf2 function to use OpenSSL
|
|
|
|
if FIPS mode is enabled.
|
|
|
|
|
2021-06-07 15:24:19 +00:00
|
|
|
diff --git a/vendor/golang.org/x/crypto/internal/boring/boring.go b/vendor/golang.org/x/crypto/internal/boring/boring.go
|
|
|
|
new file mode 100644
|
2022-09-15 16:34:41 +00:00
|
|
|
index 0000000000..5a06918832
|
2021-06-07 15:24:19 +00:00
|
|
|
--- /dev/null
|
|
|
|
+++ b/vendor/golang.org/x/crypto/internal/boring/boring.go
|
|
|
|
@@ -0,0 +1,74 @@
|
|
|
|
+// Copyright 2017 The Go Authors. All rights reserved.
|
|
|
|
+// Copyright 2021 Red Hat.
|
|
|
|
+// Use of this source code is governed by a BSD-style
|
|
|
|
+// license that can be found in the LICENSE file.
|
|
|
|
+
|
|
|
|
+// +build linux
|
|
|
|
+// +build !android
|
|
|
|
+// +build !no_openssl
|
|
|
|
+// +build !cmd_go_bootstrap
|
|
|
|
+// +build !msan
|
|
|
|
+
|
|
|
|
+package boring
|
|
|
|
+
|
|
|
|
+// #include "openssl_pbkdf2.h"
|
|
|
|
+// #cgo LDFLAGS: -ldl
|
|
|
|
+import "C"
|
|
|
|
+import (
|
|
|
|
+ "bytes"
|
|
|
|
+ "crypto/sha1"
|
|
|
|
+ "crypto/sha256"
|
|
|
|
+ "hash"
|
|
|
|
+ "unsafe"
|
|
|
|
+)
|
|
|
|
+
|
|
|
|
+var (
|
|
|
|
+ emptySha1 = sha1.Sum([]byte{})
|
|
|
|
+ emptySha256 = sha256.Sum256([]byte{})
|
|
|
|
+)
|
|
|
|
+
|
|
|
|
+func hashToMD(h hash.Hash) *C.GO_EVP_MD {
|
|
|
|
+ emptyHash := h.Sum([]byte{})
|
|
|
|
+
|
|
|
|
+ switch {
|
|
|
|
+ case bytes.Equal(emptyHash, emptySha1[:]):
|
|
|
|
+ return C._goboringcrypto_EVP_sha1()
|
|
|
|
+ case bytes.Equal(emptyHash, emptySha256[:]):
|
|
|
|
+ return C._goboringcrypto_EVP_sha256()
|
|
|
|
+ }
|
|
|
|
+ return nil
|
|
|
|
+}
|
|
|
|
+
|
|
|
|
+// charptr returns the address of the underlying array in b,
|
|
|
|
+// being careful not to panic when b has zero length.
|
|
|
|
+func charptr(b []byte) *C.char {
|
|
|
|
+ if len(b) == 0 {
|
|
|
|
+ return nil
|
|
|
|
+ }
|
|
|
|
+ return (*C.char)(unsafe.Pointer(&b[0]))
|
|
|
|
+}
|
|
|
|
+
|
|
|
|
+// ucharptr returns the address of the underlying array in b,
|
|
|
|
+// being careful not to panic when b has zero length.
|
|
|
|
+func ucharptr(b []byte) *C.uchar {
|
|
|
|
+ if len(b) == 0 {
|
|
|
|
+ return nil
|
|
|
|
+ }
|
|
|
|
+ return (*C.uchar)(unsafe.Pointer(&b[0]))
|
|
|
|
+}
|
|
|
|
+
|
|
|
|
+func Pbkdf2Key(password, salt []byte, iter, keyLen int, h func() hash.Hash) []byte {
|
|
|
|
+ // println("[debug] using pbkdf2 from OpenSSL")
|
|
|
|
+ ch := h()
|
|
|
|
+ md := hashToMD(ch)
|
|
|
|
+ if md == nil {
|
|
|
|
+ return nil
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ out := make([]byte, keyLen)
|
|
|
|
+ ok := C._goboringcrypto_PKCS5_PBKDF2_HMAC(charptr(password), C.int(len(password)), ucharptr(salt), C.int(len(salt)), C.int(iter), md, C.int(keyLen), ucharptr(out))
|
|
|
|
+ if ok != 1 {
|
|
|
|
+ panic("boringcrypto: PKCS5_PBKDF2_HMAC failed")
|
|
|
|
+ }
|
|
|
|
+ return out
|
|
|
|
+}
|
|
|
|
diff --git a/vendor/golang.org/x/crypto/internal/boring/notboring.go b/vendor/golang.org/x/crypto/internal/boring/notboring.go
|
|
|
|
new file mode 100644
|
2022-09-15 16:34:41 +00:00
|
|
|
index 0000000000..e244fb5663
|
2021-06-07 15:24:19 +00:00
|
|
|
--- /dev/null
|
|
|
|
+++ b/vendor/golang.org/x/crypto/internal/boring/notboring.go
|
|
|
|
@@ -0,0 +1,16 @@
|
|
|
|
+// Copyright 2017 The Go Authors. All rights reserved.
|
|
|
|
+// Copyright 2021 Red Hat.
|
|
|
|
+// Use of this source code is governed by a BSD-style
|
|
|
|
+// license that can be found in the LICENSE file.
|
|
|
|
+
|
|
|
|
+// +build !linux !cgo android cmd_go_bootstrap msan no_openssl
|
|
|
|
+
|
|
|
|
+package boring
|
|
|
|
+
|
|
|
|
+import (
|
|
|
|
+ "hash"
|
|
|
|
+)
|
|
|
|
+
|
|
|
|
+func Pbkdf2Key(password, salt []byte, iter, keyLen int, h func() hash.Hash) []byte {
|
|
|
|
+ panic("boringcrypto: not available")
|
|
|
|
+}
|
|
|
|
diff --git a/vendor/golang.org/x/crypto/internal/boring/openssl_pbkdf2.h b/vendor/golang.org/x/crypto/internal/boring/openssl_pbkdf2.h
|
|
|
|
new file mode 100644
|
2022-09-15 16:34:41 +00:00
|
|
|
index 0000000000..6dfdf10424
|
2021-06-07 15:24:19 +00:00
|
|
|
--- /dev/null
|
|
|
|
+++ b/vendor/golang.org/x/crypto/internal/boring/openssl_pbkdf2.h
|
|
|
|
@@ -0,0 +1,5 @@
|
|
|
|
+#include "/usr/lib/golang/src/crypto/internal/boring/goboringcrypto.h"
|
|
|
|
+
|
|
|
|
+DEFINEFUNC(int, PKCS5_PBKDF2_HMAC,
|
|
|
|
+ (const char *pass, int passlen, const unsigned char *salt, int saltlen, int iter, EVP_MD *digest, int keylen, unsigned char *out),
|
|
|
|
+ (pass, passlen, salt, saltlen, iter, digest, keylen, out))
|
|
|
|
diff --git a/vendor/golang.org/x/crypto/pbkdf2/pbkdf2.go b/vendor/golang.org/x/crypto/pbkdf2/pbkdf2.go
|
2022-09-15 16:34:41 +00:00
|
|
|
index 593f653008..799a611f94 100644
|
2021-06-07 15:24:19 +00:00
|
|
|
--- a/vendor/golang.org/x/crypto/pbkdf2/pbkdf2.go
|
|
|
|
+++ b/vendor/golang.org/x/crypto/pbkdf2/pbkdf2.go
|
|
|
|
@@ -19,8 +19,11 @@ pbkdf2.Key.
|
|
|
|
package pbkdf2 // import "golang.org/x/crypto/pbkdf2"
|
|
|
|
|
|
|
|
import (
|
|
|
|
+ "crypto/boring"
|
|
|
|
"crypto/hmac"
|
|
|
|
"hash"
|
|
|
|
+
|
|
|
|
+ xboring "golang.org/x/crypto/internal/boring"
|
|
|
|
)
|
|
|
|
|
|
|
|
// Key derives a key from the password, salt and iteration count, returning a
|
|
|
|
@@ -40,6 +43,10 @@ import (
|
|
|
|
// Using a higher iteration count will increase the cost of an exhaustive
|
|
|
|
// search but will also make derivation proportionally slower.
|
|
|
|
func Key(password, salt []byte, iter, keyLen int, h func() hash.Hash) []byte {
|
|
|
|
+ if boring.Enabled() {
|
|
|
|
+ return xboring.Pbkdf2Key(password, salt, iter, keyLen, h)
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
prf := hmac.New(h, password)
|
|
|
|
hashLen := prf.Size()
|
|
|
|
numBlocks := (keyLen + hashLen - 1) / hashLen
|