Merge pull request #1459 from microsoft/add-sha512-224-256-openssl

Add SHA512-224 and SHA512-256 support for OpenSSL backend and implement its methods in other backends
microsoft · Jan 10, 2025 · bd145c4 · bd145c4
2 parents c09f0a9 + b574a60
commit bd145c4
Show file tree

Hide file tree

Showing 4 changed files with 118 additions and 92 deletions.
diff --git a/patches/0002-Add-crypto-backend-foundation.patch b/patches/0002-Add-crypto-backend-foundation.patch
@@ -34,7 +34,7 @@ Subject: [PATCH] Add crypto backend foundation
  .../internal/backend/fips140/isrequirefips.go |   9 +
  .../internal/backend/fips140/norequirefips.go |   9 +
  .../backend/fips140/nosystemcrypto.go         |  11 +
- src/crypto/internal/backend/nobackend.go      | 229 ++++++++++++++++++
+ src/crypto/internal/backend/nobackend.go      | 233 ++++++++++++++++++
  src/crypto/internal/backend/stub.s            |  10 +
  src/crypto/internal/cryptotest/allocations.go |   2 +-
  .../internal/cryptotest/implementations.go    |   2 +-
@@ -68,15 +68,15 @@ Subject: [PATCH] Add crypto backend foundation
  src/crypto/tls/handshake_server.go            |  10 +-
  src/crypto/tls/handshake_server_tls13.go      |  25 +-
  src/crypto/tls/internal/fips140tls/fipstls.go |   3 +-
- src/crypto/tls/prf.go                         |  41 ++++
+ src/crypto/tls/prf.go                         |  41 +++
  src/go/build/deps_test.go                     |   8 +-
  src/hash/boring_test.go                       |   9 +
  src/hash/example_test.go                      |   2 +
  src/hash/marshal_test.go                      |   9 +
  src/hash/notboring_test.go                    |   9 +
  src/net/smtp/smtp_test.go                     |  72 ++++--
  src/runtime/runtime_boring.go                 |   5 +
- 72 files changed, 1217 insertions(+), 89 deletions(-)
+ 72 files changed, 1221 insertions(+), 89 deletions(-)
  create mode 100644 src/crypto/dsa/boring.go
  create mode 100644 src/crypto/dsa/notboring.go
  create mode 100644 src/crypto/ed25519/boring.go
@@ -556,10 +556,10 @@ index 275c60b4de49eb..ff8bddf28c4545 100644
  	"math/big"
  )
 diff --git a/src/crypto/ecdsa/ecdsa.go b/src/crypto/ecdsa/ecdsa.go
-index 0f9749975ffba9..41ac17df22d7d7 100644
+index f682e6b1c6cfa6..049da55bd70f2c 100644
 --- a/src/crypto/ecdsa/ecdsa.go
 +++ b/src/crypto/ecdsa/ecdsa.go
-@@ -18,8 +18,8 @@ import (
+@@ -20,8 +20,8 @@ import (
  	"crypto"
  	"crypto/ecdh"
  	"crypto/elliptic"
@@ -590,7 +590,7 @@ index 039bd82ed21f9f..69a97d9bf250be 100644
  	panic("boringcrypto: not available")
 diff --git a/src/crypto/ed25519/boring.go b/src/crypto/ed25519/boring.go
 new file mode 100644
-index 00000000000000..3a7d7b76c8d8d7
+index 00000000000000..cce33e4d6cc927
 --- /dev/null
 +++ b/src/crypto/ed25519/boring.go
 @@ -0,0 +1,71 @@
@@ -633,7 +633,7 @@ index 00000000000000..3a7d7b76c8d8d7
 +
 +	b = new(boringPub)
 +	copy(b.orig[:], pub)
-+	key, err := boring.NewPublicKeyEd25119(b.orig[:])
++	key, err := boring.NewPublicKeyEd25519(b.orig[:])
 +	if err != nil {
 +		return nil, err
 +	}
@@ -657,7 +657,7 @@ index 00000000000000..3a7d7b76c8d8d7
 +
 +	b = new(boringPriv)
 +	copy(b.orig[:], priv)
-+	key, err := boring.NewPrivateKeyEd25119(b.orig[:])
++	key, err := boring.NewPrivateKeyEd25519(b.orig[:])
 +	if err != nil {
 +		return nil, err
 +	}
@@ -666,7 +666,7 @@ index 00000000000000..3a7d7b76c8d8d7
 +	return key, nil
 +}
 diff --git a/src/crypto/ed25519/ed25519.go b/src/crypto/ed25519/ed25519.go
-index c1f8ff784e4a5c..308d814ff6302b 100644
+index c1f8ff784e4a5c..6476bfbe896d6c 100644
 --- a/src/crypto/ed25519/ed25519.go
 +++ b/src/crypto/ed25519/ed25519.go
 @@ -17,6 +17,7 @@ package ed25519
@@ -767,7 +767,7 @@ index c1f8ff784e4a5c..308d814ff6302b 100644
 +		0x22, 0xab, 0xbe, 0xe6, 0x85, 0xfd, 0xa4, 0x42, 0x0f, 0x88, 0x34,
 +		0xb1, 0x08, 0xc3, 0xbd, 0xae, 0x36, 0x9e, 0xf5, 0x49, 0xfa,
 +	}
-+	pub, err := boring.NewPublicKeyEd25119(pkey)
++	pub, err := boring.NewPublicKeyEd25519(pkey)
 +	if err != nil {
 +		return false
 +	}
@@ -1148,10 +1148,10 @@ index 00000000000000..83691d7dd42d51
 +}
 diff --git a/src/crypto/internal/backend/nobackend.go b/src/crypto/internal/backend/nobackend.go
 new file mode 100644
-index 00000000000000..71e0ec9dc25a02
+index 00000000000000..3ebb6d5e4b4bb5
 --- /dev/null
 +++ b/src/crypto/internal/backend/nobackend.go
-@@ -0,0 +1,229 @@
+@@ -0,0 +1,233 @@
 +// Copyright 2017 The Go Authors. All rights reserved.
 +// Use of this source code is governed by a BSD-style
 +// license that can be found in the LICENSE file.
@@ -1180,19 +1180,23 @@ index 00000000000000..71e0ec9dc25a02
 +
 +func SupportsHash(h crypto.Hash) bool { panic("cryptobackend: not available") }
 +
-+func NewMD5() hash.Hash    { panic("cryptobackend: not available") }
-+func NewSHA1() hash.Hash   { panic("cryptobackend: not available") }
-+func NewSHA224() hash.Hash { panic("cryptobackend: not available") }
-+func NewSHA256() hash.Hash { panic("cryptobackend: not available") }
-+func NewSHA384() hash.Hash { panic("cryptobackend: not available") }
-+func NewSHA512() hash.Hash { panic("cryptobackend: not available") }
-+
-+func MD5(p []byte) (sum [16]byte)    { panic("cryptobackend: not available") }
-+func SHA1(p []byte) (sum [20]byte)   { panic("cryptobackend: not available") }
-+func SHA224(p []byte) (sum [28]byte) { panic("cryptobackend: not available") }
-+func SHA256(p []byte) (sum [32]byte) { panic("cryptobackend: not available") }
-+func SHA384(p []byte) (sum [48]byte) { panic("cryptobackend: not available") }
-+func SHA512(p []byte) (sum [64]byte) { panic("cryptobackend: not available") }
++func NewMD5() hash.Hash        { panic("cryptobackend: not available") }
++func NewSHA1() hash.Hash       { panic("cryptobackend: not available") }
++func NewSHA224() hash.Hash     { panic("cryptobackend: not available") }
++func NewSHA256() hash.Hash     { panic("cryptobackend: not available") }
++func NewSHA384() hash.Hash     { panic("cryptobackend: not available") }
++func NewSHA512() hash.Hash     { panic("cryptobackend: not available") }
++func NewSHA512_224() hash.Hash { panic("cryptobackend: not available") }
++func NewSHA512_256() hash.Hash { panic("cryptobackend: not available") }
++
++func MD5(p []byte) (sum [16]byte)        { panic("cryptobackend: not available") }
++func SHA1(p []byte) (sum [20]byte)       { panic("cryptobackend: not available") }
++func SHA224(p []byte) (sum [28]byte)     { panic("cryptobackend: not available") }
++func SHA256(p []byte) (sum [32]byte)     { panic("cryptobackend: not available") }
++func SHA384(p []byte) (sum [48]byte)     { panic("cryptobackend: not available") }
++func SHA512(p []byte) (sum [64]byte)     { panic("cryptobackend: not available") }
++func SHA512_224(p []byte) (sum [28]byte) { panic("cryptobackend: not available") }
++func SHA512_256(p []byte) (sum [32]byte) { panic("cryptobackend: not available") }
 +
 +func NewHMAC(h func() hash.Hash, key []byte) hash.Hash { panic("cryptobackend: not available") }
 +
@@ -1331,11 +1335,11 @@ index 00000000000000..71e0ec9dc25a02
 +	panic("cryptobackend: not available")
 +}
 +
-+func NewPrivateKeyEd25119(priv []byte) (*PrivateKeyEd25519, error) {
++func NewPrivateKeyEd25519(priv []byte) (*PrivateKeyEd25519, error) {
 +	panic("cryptobackend: not available")
 +}
 +
-+func NewPublicKeyEd25119(pub []byte) (*PublicKeyEd25519, error) {
++func NewPublicKeyEd25519(pub []byte) (*PublicKeyEd25519, error) {
 +	panic("cryptobackend: not available")
 +}
 +
@@ -2430,7 +2434,7 @@ index e7369542a73270..ff52175e4ac636 100644
  	}
  }
 diff --git a/src/go/build/deps_test.go b/src/go/build/deps_test.go
-index d9d985dca4ade4..de88160bcf3a1c 100644
+index a62a5173b9c6bc..b39db00839ab43 100644
 --- a/src/go/build/deps_test.go
 +++ b/src/go/build/deps_test.go
 @@ -493,6 +493,8 @@ var depsRules = `

diff --git a/patches/0003-Add-BoringSSL-crypto-backend.patch b/patches/0003-Add-BoringSSL-crypto-backend.patch
@@ -5,9 +5,9 @@ Subject: [PATCH] Add BoringSSL crypto backend
 
 ---
  .../internal/backend/bbig/big_boring.go       |  12 +
- src/crypto/internal/backend/boring_linux.go   | 263 ++++++++++++++++++
+ src/crypto/internal/backend/boring_linux.go   | 267 ++++++++++++++++++
  src/crypto/internal/backend/fips140/boring.go |  11 +
- 3 files changed, 286 insertions(+)
+ 3 files changed, 290 insertions(+)
  create mode 100644 src/crypto/internal/backend/bbig/big_boring.go
  create mode 100644 src/crypto/internal/backend/boring_linux.go
  create mode 100644 src/crypto/internal/backend/fips140/boring.go
@@ -32,10 +32,10 @@ index 00000000000000..0b62cef68546d0
 +var Dec = bbig.Dec
 diff --git a/src/crypto/internal/backend/boring_linux.go b/src/crypto/internal/backend/boring_linux.go
 new file mode 100644
-index 00000000000000..b1bd6d5ba756d7
+index 00000000000000..94bc444f10eb2b
 --- /dev/null
 +++ b/src/crypto/internal/backend/boring_linux.go
-@@ -0,0 +1,263 @@
+@@ -0,0 +1,267 @@
 +// Copyright 2017 The Go Authors. All rights reserved.
 +// Use of this source code is governed by a BSD-style
 +// license that can be found in the LICENSE file.
@@ -69,19 +69,23 @@ index 00000000000000..b1bd6d5ba756d7
 +	}
 +}
 +
-+func NewMD5() hash.Hash    { panic("cryptobackend: not available") }
-+func NewSHA1() hash.Hash   { return boring.NewSHA1() }
-+func NewSHA224() hash.Hash { return boring.NewSHA224() }
-+func NewSHA256() hash.Hash { return boring.NewSHA256() }
-+func NewSHA384() hash.Hash { return boring.NewSHA384() }
-+func NewSHA512() hash.Hash { return boring.NewSHA512() }
-+
-+func MD5(p []byte) (sum [16]byte)    { panic("cryptobackend: not available") }
-+func SHA1(p []byte) (sum [20]byte)   { return boring.SHA1(p) }
-+func SHA224(p []byte) (sum [28]byte) { return boring.SHA224(p) }
-+func SHA256(p []byte) (sum [32]byte) { return boring.SHA256(p) }
-+func SHA384(p []byte) (sum [48]byte) { return boring.SHA384(p) }
-+func SHA512(p []byte) (sum [64]byte) { return boring.SHA512(p) }
++func NewMD5() hash.Hash        { panic("cryptobackend: not available") }
++func NewSHA1() hash.Hash       { return boring.NewSHA1() }
++func NewSHA224() hash.Hash     { return boring.NewSHA224() }
++func NewSHA256() hash.Hash     { return boring.NewSHA256() }
++func NewSHA384() hash.Hash     { return boring.NewSHA384() }
++func NewSHA512() hash.Hash     { return boring.NewSHA512() }
++func NewSHA512_224() hash.Hash { panic("cryptobackend: not available") }
++func NewSHA512_256() hash.Hash { panic("cryptobackend: not available") }
++
++func MD5(p []byte) (sum [16]byte)        { panic("cryptobackend: not available") }
++func SHA1(p []byte) (sum [20]byte)       { return boring.SHA1(p) }
++func SHA224(p []byte) (sum [28]byte)     { return boring.SHA224(p) }
++func SHA256(p []byte) (sum [32]byte)     { return boring.SHA256(p) }
++func SHA384(p []byte) (sum [48]byte)     { return boring.SHA384(p) }
++func SHA512(p []byte) (sum [64]byte)     { return boring.SHA512(p) }
++func SHA512_224(p []byte) (sum [28]byte) { panic("cryptobackend: not available") }
++func SHA512_256(p []byte) (sum [32]byte) { panic("cryptobackend: not available") }
 +
 +func NewHMAC(h func() hash.Hash, key []byte) hash.Hash { return boring.NewHMAC(h, key) }
 +
@@ -249,11 +253,11 @@ index 00000000000000..b1bd6d5ba756d7
 +	panic("cryptobackend: not available")
 +}
 +
-+func NewPrivateKeyEd25119(priv []byte) (*PrivateKeyEd25519, error) {
++func NewPrivateKeyEd25519(priv []byte) (*PrivateKeyEd25519, error) {
 +	panic("cryptobackend: not available")
 +}
 +
-+func NewPublicKeyEd25119(pub []byte) (*PublicKeyEd25519, error) {
++func NewPublicKeyEd25519(pub []byte) (*PublicKeyEd25519, error) {
 +	panic("cryptobackend: not available")
 +}
 +

diff --git a/patches/0004-Add-OpenSSL-crypto-backend.patch b/patches/0004-Add-OpenSSL-crypto-backend.patch
@@ -9,7 +9,7 @@ Subject: [PATCH] Add OpenSSL crypto backend
  src/cmd/link/internal/ld/lib.go               |   1 +
  .../internal/backend/bbig/big_openssl.go      |  12 +
  .../internal/backend/fips140/openssl.go       |  41 +++
- src/crypto/internal/backend/openssl_linux.go  | 331 ++++++++++++++++++
+ src/crypto/internal/backend/openssl_linux.go  | 345 ++++++++++++++++++
  src/crypto/rsa/rsa_test.go                    |   3 +
  src/go.mod                                    |   1 +
  src/go.sum                                    |   2 +
@@ -19,15 +19,15 @@ Subject: [PATCH] Add OpenSSL crypto backend
  .../goexperiment/exp_opensslcrypto_on.go      |   9 +
  src/internal/goexperiment/flags.go            |   1 +
  src/os/exec/exec_test.go                      |   9 +
- 15 files changed, 436 insertions(+), 5 deletions(-)
+ 15 files changed, 450 insertions(+), 5 deletions(-)
  create mode 100644 src/crypto/internal/backend/bbig/big_openssl.go
  create mode 100644 src/crypto/internal/backend/fips140/openssl.go
  create mode 100644 src/crypto/internal/backend/openssl_linux.go
  create mode 100644 src/internal/goexperiment/exp_opensslcrypto_off.go
  create mode 100644 src/internal/goexperiment/exp_opensslcrypto_on.go
 
 diff --git a/src/cmd/dist/test.go b/src/cmd/dist/test.go
-index 06bd01bc5bb995..9561bf2bca9a9d 100644
+index 0c992118f4287b..0de6e80fd985a3 100644
 --- a/src/cmd/dist/test.go
 +++ b/src/cmd/dist/test.go
 @@ -1324,12 +1324,11 @@ func (t *tester) registerCgoTests(heading string) {
@@ -142,10 +142,10 @@ index 00000000000000..118efa3a492a7d
 +}
 diff --git a/src/crypto/internal/backend/openssl_linux.go b/src/crypto/internal/backend/openssl_linux.go
 new file mode 100644
-index 00000000000000..d3a663737a1ce3
+index 00000000000000..44d91d5b7ba3d5
 --- /dev/null
 +++ b/src/crypto/internal/backend/openssl_linux.go
-@@ -0,0 +1,331 @@
+@@ -0,0 +1,345 @@
 +// Copyright 2017 The Go Authors. All rights reserved.
 +// Use of this source code is governed by a BSD-style
 +// license that can be found in the LICENSE file.
@@ -233,19 +233,23 @@ index 00000000000000..d3a663737a1ce3
 +	return openssl.SupportsHash(h)
 +}
 +
-+func NewMD5() hash.Hash    { return openssl.NewMD5() }
-+func NewSHA1() hash.Hash   { return openssl.NewSHA1() }
-+func NewSHA224() hash.Hash { return openssl.NewSHA224() }
-+func NewSHA256() hash.Hash { return openssl.NewSHA256() }
-+func NewSHA384() hash.Hash { return openssl.NewSHA384() }
-+func NewSHA512() hash.Hash { return openssl.NewSHA512() }
-+
-+func MD5(p []byte) (sum [16]byte)    { return openssl.MD5(p) }
-+func SHA1(p []byte) (sum [20]byte)   { return openssl.SHA1(p) }
-+func SHA224(p []byte) (sum [28]byte) { return openssl.SHA224(p) }
-+func SHA256(p []byte) (sum [32]byte) { return openssl.SHA256(p) }
-+func SHA384(p []byte) (sum [48]byte) { return openssl.SHA384(p) }
-+func SHA512(p []byte) (sum [64]byte) { return openssl.SHA512(p) }
++func NewMD5() hash.Hash        { return openssl.NewMD5() }
++func NewSHA1() hash.Hash       { return openssl.NewSHA1() }
++func NewSHA224() hash.Hash     { return openssl.NewSHA224() }
++func NewSHA256() hash.Hash     { return openssl.NewSHA256() }
++func NewSHA384() hash.Hash     { return openssl.NewSHA384() }
++func NewSHA512() hash.Hash     { return openssl.NewSHA512() }
++func NewSHA512_224() hash.Hash { return openssl.NewSHA512_224() }
++func NewSHA512_256() hash.Hash { return openssl.NewSHA512_256() }
++
++func MD5(p []byte) (sum [16]byte)        { return openssl.MD5(p) }
++func SHA1(p []byte) (sum [20]byte)       { return openssl.SHA1(p) }
++func SHA224(p []byte) (sum [28]byte)     { return openssl.SHA224(p) }
++func SHA256(p []byte) (sum [32]byte)     { return openssl.SHA256(p) }
++func SHA384(p []byte) (sum [48]byte)     { return openssl.SHA384(p) }
++func SHA512(p []byte) (sum [64]byte)     { return openssl.SHA512(p) }
++func SHA512_224(p []byte) (sum [28]byte) { return openssl.SHA512_224(p) }
++func SHA512_256(p []byte) (sum [32]byte) { return openssl.SHA512_256(p) }
 +
 +func NewHMAC(h func() hash.Hash, key []byte) hash.Hash { return openssl.NewHMAC(h, key) }
 +
@@ -411,12 +415,22 @@ index 00000000000000..d3a663737a1ce3
 +	return openssl.GenerateKeyEd25519()
 +}
 +
++// Deprecated: use NewPrivateKeyEd25519 instead.
 +func NewPrivateKeyEd25119(priv []byte) (*PrivateKeyEd25519, error) {
-+	return openssl.NewPrivateKeyEd25119(priv)
++	return openssl.NewPrivateKeyEd25519(priv)
 +}
 +
++// Deprecated: use NewPublicKeyEd25519 instead.
 +func NewPublicKeyEd25119(pub []byte) (*PublicKeyEd25519, error) {
-+	return openssl.NewPublicKeyEd25119(pub)
++	return openssl.NewPublicKeyEd25519(pub)
++}
++
++func NewPrivateKeyEd25519(priv []byte) (*PrivateKeyEd25519, error) {
++	return openssl.NewPrivateKeyEd25519(priv)
++}
++
++func NewPublicKeyEd25519(pub []byte) (*PublicKeyEd25519, error) {
++	return openssl.NewPublicKeyEd25519(pub)
 +}
 +
 +func NewPrivateKeyEd25519FromSeed(seed []byte) (*PrivateKeyEd25519, error) {
@@ -492,7 +506,7 @@ index f9543d9cc89e7b..f07c75821aab13 100644
 
  	msg := []byte{0xed, 0x36, 0x90, 0x8d, 0xbe, 0xfc, 0x35, 0x40, 0x70, 0x4f, 0xf5, 0x9d, 0x6e, 0xc2, 0xeb, 0xf5, 0x27, 0xae, 0x65, 0xb0, 0x59, 0x29, 0x45, 0x25, 0x8c, 0xc1, 0x91, 0x22}
 diff --git a/src/go.mod b/src/go.mod
-index 7a1318dcac32ba..186ced4a1123a8 100644
+index 7a1318dcac32ba..f12d9b4d9172ab 100644
 --- a/src/go.mod
 +++ b/src/go.mod
 @@ -3,6 +3,7 @@ module std
@@ -504,7 +518,7 @@ index 7a1318dcac32ba..186ced4a1123a8 100644
  	golang.org/x/net v0.32.1-0.20241206180132-552d8ac903a1
  )
 diff --git a/src/go.sum b/src/go.sum
-index 9e661352f16e0b..0a58eccb57a869 100644
+index 9e661352f16e0b..e51f0f57540a83 100644
 --- a/src/go.sum
 +++ b/src/go.sum
 @@ -1,3 +1,5 @@
@@ -514,7 +528,7 @@ index 9e661352f16e0b..0a58eccb57a869 100644
  golang.org/x/crypto v0.30.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk=
  golang.org/x/net v0.32.1-0.20241206180132-552d8ac903a1 h1:+Yk1FZ5E+/ewA0nOO/HRYs9E4yeqpGOShuSAdzCNNoQ=
 diff --git a/src/go/build/deps_test.go b/src/go/build/deps_test.go
-index de88160bcf3a1c..339cb53d8a1468 100644
+index b39db00839ab43..392f8d8c52c4b6 100644
 --- a/src/go/build/deps_test.go
 +++ b/src/go/build/deps_test.go
 @@ -509,12 +509,14 @@ var depsRules = `