WIP
@@ -1,5 +1,3 @@
|
|||||||
//go:build fips140v1.0 || fips140v1.26
|
|
||||||
|
|
||||||
package noiseutil
|
package noiseutil
|
||||||
|
|
||||||
import (
|
import (
|
||||||
@@ -12,17 +10,12 @@ import (
|
|||||||
"github.com/flynn/noise"
|
"github.com/flynn/noise"
|
||||||
)
|
)
|
||||||
|
|
||||||
// EncryptLockNeeded indicates if calls to Encrypt need a lock
|
|
||||||
// This is true for fips140 because the Seal function verifies that the
|
|
||||||
// nonce is strictly increasing.
|
|
||||||
const EncryptLockNeeded = true
|
|
||||||
|
|
||||||
// TODO: Use NewGCMWithCounterNonce once available:
|
// TODO: Use NewGCMWithCounterNonce once available:
|
||||||
// - https://github.com/golang/go/issues/73110
|
// - https://github.com/golang/go/issues/73110
|
||||||
// Using tls.aeadAESGCM gives us the TLS 1.2 GCM, which also verifies
|
// Using tls.aeadAESGCM gives us the TLS 1.2 GCM, which also verifies
|
||||||
// that the nonce is strictly increasing.
|
// that the nonce is strictly increasing.
|
||||||
//
|
//
|
||||||
//go:linkname aeadAESGCM crypto/tls.aeadAESGCM
|
//go:linkname aeadAESGCM crypto/tls.aeadAESGCMTLS13
|
||||||
func aeadAESGCM(key, noncePrefix []byte) cipher.AEAD
|
func aeadAESGCM(key, noncePrefix []byte) cipher.AEAD
|
||||||
|
|
||||||
type cipherFn struct {
|
type cipherFn struct {
|
||||||
@@ -37,10 +30,13 @@ func (c cipherFn) CipherName() string { return c.name }
|
|||||||
var CipherAESGCM noise.CipherFunc = cipherFn{cipherAESGCMFIPS140, "AESGCM"}
|
var CipherAESGCM noise.CipherFunc = cipherFn{cipherAESGCMFIPS140, "AESGCM"}
|
||||||
|
|
||||||
// tls.aeadAESGCM uses a 4 byte static prefix and an 8 byte nonce
|
// tls.aeadAESGCM uses a 4 byte static prefix and an 8 byte nonce
|
||||||
var emptyPrefix = []byte{0, 0, 0, 0}
|
var emptyPrefix = []byte{0, 0, 0, 0,
|
||||||
|
0, 0, 0, 0,
|
||||||
|
0, 0, 0, 0}
|
||||||
|
|
||||||
func cipherAESGCMFIPS140(k [32]byte) noise.Cipher {
|
func cipherAESGCMFIPS140(k [32]byte) noise.Cipher {
|
||||||
gcm := aeadAESGCM(k[:], emptyPrefix)
|
gcm := aeadAESGCM(k[:], emptyPrefix)
|
||||||
|
gcm.Seal([]byte{}, []byte{0, 0, 0, 0, 0, 0, 0, 0}, []byte{}, []byte{})
|
||||||
return aeadCipher{
|
return aeadCipher{
|
||||||
gcm,
|
gcm,
|
||||||
func(n uint64) []byte {
|
func(n uint64) []byte {
|
||||||
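Review bot: The new `gcm.Seal([]byte{}, []byte{0, 0, 0, 0, 0, 0, 0, 0}, []byte{}, []byte{})` in cipherAESGCMFIPS140 seals an empty message under counter 0 with the session key and discards the result, and nothing says why. If the linked AEAD enforces strictly increasing nonces, as the comment above the linkname states, this call appears to consume counter 0, so please confirm that no real message is later sealed with n = 0 (that would be either a rejected call or a reused GCM nonce). A comment such as `// Prime the AEAD's nonce counter with 0; the output is intentionally discarded.` would record the intent. The comments kept as context are now stale: the linkname target is `crypto/tls.aeadAESGCMTLS13` while the text still says "TLS 1.2 GCM", and `emptyPrefix` is 12 bytes while its comment says "4 byte static prefix and an 8 byte nonce". The body of cipherAESGCMFIPS140 continues past the end of the hunk.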
|
|||||||
@@ -1,5 +1,3 @@
|
|||||||
//go:build fips140v1.0 || fips140v1.26
|
|
||||||
|
|
||||||
package noiseutil
|
package noiseutil
|
||||||
|
|
||||||
import (
|
import (
|
||||||
@@ -11,16 +9,15 @@ import (
|
|||||||
"github.com/stretchr/testify/assert"
|
"github.com/stretchr/testify/assert"
|
||||||
)
|
)
|
||||||
|
|
||||||
func TestEncryptLockNeeded(t *testing.T) {
|
|
||||||
assert.True(t, EncryptLockNeeded)
|
|
||||||
}
|
|
||||||
|
|
||||||
// Ensure NewAESGCM validates the nonce is non-repeating
|
// Ensure NewAESGCM validates the nonce is non-repeating
|
||||||
func TestNewAESGCM(t *testing.T) {
|
func TestNewAESGCM(t *testing.T) {
|
||||||
assert.True(t, fips140.Enabled())
|
if !fips140.Enabled() {
|
||||||
|
t.Skip()
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
key, _ := hex.DecodeString("feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308")
|
key, _ := hex.DecodeString("feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308")
|
||||||
iv, _ := hex.DecodeString("00000000facedbaddecaf888")
|
iv, _ := hex.DecodeString("facedbaddecaf888")
|
||||||
plaintext, _ := hex.DecodeString("d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39")
|
plaintext, _ := hex.DecodeString("d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39")
|
||||||
aad, _ := hex.DecodeString("feedfacedeadbeeffeedfacedeadbeefabaddad2")
|
aad, _ := hex.DecodeString("feedfacedeadbeeffeedfacedeadbeefabaddad2")
|
||||||
expected, _ := hex.DecodeString("72ce2ea385f88c20d856e9d1248c2ca08562bbe8a61459ffae06ec393540518e9b6b4c40a146053f26a3df83c5384a48d273148b15aba64d970107432b2892741359275676441c1572c3fa9e")
|
expected, _ := hex.DecodeString("72ce2ea385f88c20d856e9d1248c2ca08562bbe8a61459ffae06ec393540518e9b6b4c40a146053f26a3df83c5384a48d273148b15aba64d970107432b2892741359275676441c1572c3fa9e")
|
||||||
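Review bot: In TestNewAESGCM the new `if !fips140.Enabled() { t.Skip(); return }` turns the check that the AEAD rejects repeated nonces into a silent skip on any run without FIPS mode, so a CI job that never enables it would pass with that property untested. Give the skip a reason, e.g. `t.Skip("fips140 not enabled: nonce-ordering check not exercised")`, and drop the `return`, which is unreachable because t.Skip stops the test. A short comment above `iv` saying that it is now only the 8-byte counter part would also help, since the `expected` vector is unchanged and presumably relies on the all-zero 12-byte mask. The test body continues outside the hunk.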
|
|||||||
@@ -1,13 +1,13 @@
|
|||||||
//go:build !boringcrypto && !fips140v1.0 && !fips140v1.26
|
//go:build !boringcrypto
|
||||||
|
|
||||||
package noiseutil
|
package noiseutil
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"github.com/flynn/noise"
|
"crypto/fips140"
|
||||||
)
|
)
|
||||||
|
|
||||||
// EncryptLockNeeded indicates if calls to Encrypt need a lock
|
// EncryptLockNeeded indicates if calls to Encrypt need a lock
|
||||||
const EncryptLockNeeded = false
|
var EncryptLockNeeded = fips140.Enabled()
|
||||||
|
|
||||||
// CipherAESGCM is the standard noise.CipherAESGCM when boringcrypto is not enabled
|
// CipherAESGCM is the standard noise.CipherAESGCM when boringcrypto is not enabled
|
||||||
var CipherAESGCM noise.CipherFunc = noise.CipherAESGCM
|
// var CipherAESGCM noise.CipherFunc = noise.CipherAESGCM
|
||||||
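Review bot: `var EncryptLockNeeded = fips140.Enabled()` turns the flag that decides whether Encrypt calls are serialized into an exported, reassignable package variable, and its doc comment no longer says why a lock would be needed. The FIPS-only constant removed elsewhere in this commit carried that explanation; bring it over, e.g. `// EncryptLockNeeded is true in FIPS 140 mode because Seal verifies that the nonce is strictly increasing; it is set once at package init and must not be reassigned.` If callers allow it, an unexported variable behind a small accessor would keep other packages from switching the lock off. The doc comment on CipherAESGCM now sits above a commented-out declaration and still describes `noise.CipherAESGCM`; remove both or update the comment once the replacement is settled.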
|
|||||||