nebula

Author SHA1 Message Date

Author	SHA1	Message	Date
Wade Simmons	31ed9269d7	add test for GOEXPERIMENT=boringcrypto (#861 ) * add test for GOEXPERIMENT=boringcrypto * fix NebulaCertificate.Sign Set the PublicKey field in a more compatible way for the tests. The current method grabs the public key from the certificate, but the correct thing to do is to derive it from the private key. Either way doesn't really matter as I don't think the Sign method actually even uses the PublicKey field. * assert boring * cleanup tests	2023-05-08 13:27:01 -04:00
Wade Simmons	e0553822b0	Use NewGCMTLS (when using experiment boringcrypto) (#803 ) * Use NewGCMTLS (when using experiment boringcrypto) This change only affects builds built using `GOEXPERIMENT=boringcrypto`. When built with this experiment, we use the NewGCMTLS() method exposed by goboring, which validates that the nonce is strictly monotonically increasing. This is the TLS 1.2 specification for nonce generation (which also matches the method used by the Noise Protocol) - https://github.com/golang/go/blob/go1.19/src/crypto/tls/cipher_suites.go#L520-L522 - https://github.com/golang/go/blob/go1.19/src/crypto/internal/boring/aes.go#L235-L237 - https://github.com/golang/go/blob/go1.19/src/crypto/internal/boring/aes.go#L250 - `ae223d6138/include/openssl/aead.h (L379-L381)` - `ae223d6138/crypto/fipsmodule/cipher/e_aes.c (L1082-L1093)` * need to lock around EncryptDanger in SendVia * fix link to test vector	2023-04-05 11:08:23 -04:00

Wade Simmons

31ed9269d7

add test for GOEXPERIMENT=boringcrypto (#861 )

* add test for GOEXPERIMENT=boringcrypto

* fix NebulaCertificate.Sign

Set the PublicKey field in a more compatible way for the tests. The
current method grabs the public key from the certificate, but the
correct thing to do is to derive it from the private key. Either way
doesn't really matter as I don't think the Sign method actually even
uses the PublicKey field.

* assert boring

* cleanup tests

2023-05-08 13:27:01 -04:00

Wade Simmons

e0553822b0

Use NewGCMTLS (when using experiment boringcrypto) (#803 )

* Use NewGCMTLS (when using experiment boringcrypto)

This change only affects builds built using `GOEXPERIMENT=boringcrypto`.
When built with this experiment, we use the NewGCMTLS() method exposed by
goboring, which validates that the nonce is strictly monotonically increasing.
This is the TLS 1.2 specification for nonce generation (which also matches the
method used by the Noise Protocol)

- https://github.com/golang/go/blob/go1.19/src/crypto/tls/cipher_suites.go#L520-L522
- https://github.com/golang/go/blob/go1.19/src/crypto/internal/boring/aes.go#L235-L237
- https://github.com/golang/go/blob/go1.19/src/crypto/internal/boring/aes.go#L250
- ae223d6138/include/openssl/aead.h (L379-L381)
- ae223d6138/crypto/fipsmodule/cipher/e_aes.c (L1082-L1093)

* need to lock around EncryptDanger in SendVia

* fix link to test vector

2023-04-05 11:08:23 -04:00

2 Commits