1
0
mirror of https://github.com/golang/go synced 2024-11-26 09:58:04 -07:00

[dev.boringcrypto] crypto/internal/boring: update BoringCrypto module to certificate 3678

Replace the chroot scaffolding with Docker, which brings its own caching
and works on macOS.

Fixes #40188

Change-Id: I5c96417932e952cbaf1e2991d131c1d5dd7d9921
Reviewed-on: https://go-review.googlesource.com/c/go/+/263997
Reviewed-by: Katie Hockman <katie@golang.org>
Trust: Filippo Valsorda <filippo@golang.org>
This commit is contained in:
Filippo Valsorda 2020-10-20 19:52:21 +02:00
parent ceda58bfd0
commit f42bd50779
11 changed files with 74 additions and 128 deletions

View File

@ -2,13 +2,13 @@
We have been working inside Google on a fork of Go that uses
BoringCrypto (the core of [BoringSSL][]) for various crypto
primitives, in furtherance of some [work related to FIPS 140-2][3318].
primitives, in furtherance of some [work related to FIPS 140-2][sp].
We have heard that some external users of Go would be interested in
this code as well, so this branch holds the patches to make Go use
BoringCrypto.
[BoringSSL]: https://boringssl.googlesource.com/boringssl/
[3318]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3318.pdf
[sp]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3678.pdf
Unlike typical dev branches, we do not intend any eventual merge of
this code into the master branch. Instead we intend to maintain in

View File

@ -1 +1 @@
6
7

View File

@ -0,0 +1,42 @@
# Copyright 2020 The Go Authors. All rights reserved.
# Use of this source code is governed by a BSD-style
# license that can be found in the LICENSE file.
# This Docker image builds goboringcrypto_linux_amd64.syso according to the
# Security Policy. To use it, build the image, run it, and then extract
# /boring/godriver/goboringcrypto_linux_amd64.syso.
#
# $ docker build -t goboring:140sp3678 .
# $ docker run -it --name goboring-140sp3678 goboring:140sp3678
# $ docker cp goboring-140sp3678:/boring/godriver/goboringcrypto_linux_amd64.syso .
# $ sha256sum goboringcrypto_linux_amd64.syso # compare to docker output
FROM ubuntu:focal
RUN mkdir /boring
WORKDIR /boring
# Following 140sp3678.pdf [0] page 19, install clang 7.0.1, Go 1.12.7, and
# Ninja 1.9.0, then download and verify BoringSSL.
#
# [0]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3678.pdf
RUN apt-get update && \
apt-get install --no-install-recommends -y cmake xz-utils wget unzip ca-certificates clang-7
RUN wget https://github.com/ninja-build/ninja/releases/download/v1.9.0/ninja-linux.zip && \
unzip ninja-linux.zip && \
rm ninja-linux.zip && \
mv ninja /usr/local/bin/
RUN wget https://golang.org/dl/go1.12.7.linux-amd64.tar.gz && \
tar -C /usr/local -xzf go1.12.7.linux-amd64.tar.gz && \
rm go1.12.7.linux-amd64.tar.gz && \
ln -s /usr/local/go/bin/go /usr/local/bin/
RUN wget https://commondatastorage.googleapis.com/chromium-boringssl-fips/boringssl-ae223d6138807a13006342edfeef32e813246b39.tar.xz
RUN [ "$(sha256sum boringssl-ae223d6138807a13006342edfeef32e813246b39.tar.xz | awk '{print $1}')" = \
3b5fdf23274d4179c2077b5e8fa625d9debd7a390aac1d165b7e47234f648bb8 ]
ADD goboringcrypto.h /boring/godriver/goboringcrypto.h
ADD build.sh /boring/build.sh
ENTRYPOINT ["/boring/build.sh"]

View File

@ -4,7 +4,7 @@ are covered by the usual Go license (see ../../../../LICENSE).
The goboringcrypto_linux_amd64.syso object file is built
from BoringSSL source code by build/build.sh and is covered
by the BoringSSL license reproduced below and also at
https://boringssl.googlesource.com/boringssl/+/fips-20180730/LICENSE.
https://boringssl.googlesource.com/boringssl/+/fips-20190808/LICENSE.
BoringSSL is a fork of OpenSSL. As such, large parts of it fall under OpenSSL
licensing. Files that are completely new have a Google copyright and an ISC

View File

@ -1,50 +1,47 @@
#!/bin/bash
# Copyright 2017 The Go Authors. All rights reserved.
# Copyright 2020 The Go Authors. All rights reserved.
# Use of this source code is governed by a BSD-style
# license that can be found in the LICENSE file.
set -e
echo running build_in_chroot.sh
id
date
export LANG=C
unset LANGUAGE
# Build BoringCrypto libcrypto.a.
# Following https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3318.pdf page 19.
if ! [ -e ./boringssl/build/tool/bssl ]; then
export PATH=$PATH:/usr/lib/go-1.10/bin:/clangbin
# Following https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3678.pdf page 19.
tar xJf boringssl-*z
# Go requires -fPIC for linux/amd64 cgo builds.
# Setting -fPIC only affects the compilation of the non-module code in libcrypto.a,
# because the FIPS module itself is already built with -fPIC.
mkdir /clangbin
echo '#!/bin/bash
exec clang-6.0 -fPIC "$@"
' >/clangbin/clang
exec clang-7 -fPIC "$@"
' >/usr/local/bin/clang
echo '#!/bin/bash
exec clang++-6.0 -fPIC "$@"
' >/clangbin/clang++
chmod +x /clangbin/clang /clangbin/clang++
exec clang++-7 -fPIC "$@"
' >/usr/local/bin/clang++
chmod +x /usr/local/bin/clang /usr/local/bin/clang++
rm -rf boringssl
tar xJf ../boringssl-*z
cd boringssl
# The BoringSSL tests use Go, and cgo would look for gcc.
export CGO_ENABLED=0
# Verbatim instructions from BoringCrypto build docs.
printf "set(CMAKE_C_COMPILER \"clang\")\nset(CMAKE_CXX_COMPILER \"clang++\")\n" >${HOME}/toolchain
cd boringssl
mkdir build && cd build && cmake -GNinja -DCMAKE_TOOLCHAIN_FILE=${HOME}/toolchain -DFIPS=1 -DCMAKE_BUILD_TYPE=Release ..
ninja
ninja run_tests
cd ../..
fi
if [ "$(./boringssl/build/tool/bssl isfips)" != 1 ]; then
echo "NOT FIPS"
exit 2
fi
# Build and run test C++ program to make sure goboringcrypto.h matches openssl/*.h.
# Also collect list of checked symbols in syms.txt
set -x
@ -134,7 +131,7 @@ cat goboringcrypto.h | awk '
/typedef struct|enum ([a-z_]+ )?{|^[ \t]/ {print;next}
{gsub(/GO_/, ""); gsub(/enum go_/, "enum "); print}
' >goboringcrypto1.h
clang++-6.0 -std=c++11 -fPIC -I../boringssl/include -O2 -o a.out goboringcrypto.cc
clang++ -std=c++11 -fPIC -I../boringssl/include -O2 -o a.out goboringcrypto.cc
./a.out || exit 2
# Prepare copy of libcrypto.a with only the checked functions renamed and exported.
@ -186,7 +183,7 @@ __umodti3:
.section .note.GNU-stack,"",@progbits
EOF
clang-6.0 -c -o umod.o umod.s
clang -c -o umod.o umod.s
ld -r -nostdlib --whole-archive -o goboringcrypto.o libcrypto.a umod.o
echo __umodti3 _goboringcrypto___umodti3 >>renames.txt

View File

@ -1,6 +0,0 @@
This is not a Go package. The directory must not contain Go sources,
to prevent it from being considered a Go package.
This directory holds the script for building ../goboringcrypto_*.syso.
Run build.sh on an Ubuntu system.
See the comment at the top of build.sh for details.

View File

@ -1,64 +0,0 @@
#!/bin/bash
# Copyright 2017 The Go Authors. All rights reserved.
# Use of this source code is governed by a BSD-style
# license that can be found in the LICENSE file.
# Run on Ubuntu system set up with:
# sudo apt-get install debootstrap
# sudo apt-get install squid-deb-proxy
# sudo /etc/init.d/squid-deb-proxy start
#
# The script sets up an Ubuntu chroot and then runs the build
# in that chroot, to make sure we know exactly what software
# is being used for the build. To repeat the script reusing the
# chroot installation, run build.sh -quick. This mode is useful
# if all you've modified is goboringcrypto.c and ../goboringcrypto.h
# (or some of the setup scripts in this directory).
# Comment this setting out if not using squid-deb-proxy,
# but it will be much slower to repeat the script.
http_proxy=http://127.0.0.1:8000
chroot=/var/tmp/boringssl
sudo umount -f $chroot/proc
sudo umount -f $chroot/sys
sudo umount -f $chroot/dev/pts
sudo umount -f $chroot/dev
set -e
if [ "$1" != "-quick" ]; then
sudo rm -rf $chroot
sudo http_proxy=$http_proxy debootstrap --variant=minbase disco $chroot
fi
sudo chown $(whoami) $chroot
sudo chmod u+w $chroot
sudo mount -t proc proc $chroot/proc
sudo mount -t sysfs sys $chroot/sys
sudo mount -o bind /dev $chroot/dev
sudo mount -t devpts devpts $chroot/dev/pts
sudo cp sources.list $chroot/etc/apt/sources.list
cp *chroot.sh $chroot
# Following https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3318.pdf page 19.
if [ ! -e $chroot/boringssl-66005f41fbc3529ffe8d007708756720529da20d.tar.xz ]; then
wget -O $chroot/boringssl-66005f41fbc3529ffe8d007708756720529da20d.tar.xz https://commondatastorage.googleapis.com/chromium-boringssl-docs/fips/boringssl-66005f41fbc3529ffe8d007708756720529da20d.tar.xz
fi
if [ "$(sha256sum $chroot/boringssl-66005f41fbc3529ffe8d007708756720529da20d.tar.xz | awk '{print $1}')" != b12ad676ee533824f698741bd127f6fbc82c46344398a6d78d25e62c6c418c73 ]; then
echo WRONG SHA256SUM
exit 2
fi
rm -rf $chroot/godriver
mkdir $chroot/godriver
cp ../goboringcrypto.h $chroot/godriver
sudo http_proxy=$http_proxy chroot $chroot /root_setup_in_chroot.sh
sudo chroot --userspec=$(id -u):$(id -g) $chroot /build_in_chroot.sh
cp $chroot/godriver/goboringcrypto_linux_amd64.syso ..
sha256sum ../goboringcrypto_linux_amd64.syso
echo DONE

View File

@ -1,13 +0,0 @@
#!/bin/bash
# Copyright 2017 The Go Authors. All rights reserved.
# Use of this source code is governed by a BSD-style
# license that can be found in the LICENSE file.
set -e
id
date
echo http_proxy=$http_proxy
export LANG=C
unset LANGUAGE
apt-get update
apt-get install --no-install-recommends -y cmake clang-6.0 golang-1.10-go ninja-build xz-utils

View File

@ -1,10 +0,0 @@
deb http://archive.ubuntu.com/ubuntu/ disco main restricted
deb http://archive.ubuntu.com/ubuntu/ disco-updates main restricted
deb http://archive.ubuntu.com/ubuntu/ disco universe
deb http://archive.ubuntu.com/ubuntu/ disco-updates universe
deb http://archive.ubuntu.com/ubuntu/ disco multiverse
deb http://archive.ubuntu.com/ubuntu/ disco-updates multiverse
deb http://archive.ubuntu.com/ubuntu/ disco-backports main restricted universe multiverse
deb http://security.ubuntu.com/ubuntu disco-security main restricted
deb http://security.ubuntu.com/ubuntu disco-security universe
deb http://security.ubuntu.com/ubuntu disco-security multiverse

View File

@ -118,7 +118,7 @@ size_t _goboringcrypto_EVP_AEAD_key_length(const GO_EVP_AEAD*);
size_t _goboringcrypto_EVP_AEAD_nonce_length(const GO_EVP_AEAD*);
size_t _goboringcrypto_EVP_AEAD_max_overhead(const GO_EVP_AEAD*);
size_t _goboringcrypto_EVP_AEAD_max_tag_len(const GO_EVP_AEAD*);
typedef struct GO_EVP_AEAD_CTX { char data[24]; } GO_EVP_AEAD_CTX;
typedef struct GO_EVP_AEAD_CTX { char data[600]; } GO_EVP_AEAD_CTX;
void _goboringcrypto_EVP_AEAD_CTX_zero(GO_EVP_AEAD_CTX*);
int _goboringcrypto_EVP_AEAD_CTX_init(GO_EVP_AEAD_CTX*, const GO_EVP_AEAD*, const uint8_t*, size_t, size_t, GO_ENGINE*);
void _goboringcrypto_EVP_AEAD_CTX_cleanup(GO_EVP_AEAD_CTX*);
@ -188,7 +188,7 @@ void _goboringcrypto_RSA_free(GO_RSA*);
void _goboringcrypto_RSA_get0_key(const GO_RSA*, const GO_BIGNUM **n, const GO_BIGNUM **e, const GO_BIGNUM **d);
void _goboringcrypto_RSA_get0_factors(const GO_RSA*, const GO_BIGNUM **p, const GO_BIGNUM **q);
void _goboringcrypto_RSA_get0_crt_params(const GO_RSA*, const GO_BIGNUM **dmp1, const GO_BIGNUM **dmp2, const GO_BIGNUM **iqmp);
int _goboringcrypto_RSA_generate_key_ex(GO_RSA*, int, GO_BIGNUM*, GO_BN_GENCB*);
int _goboringcrypto_RSA_generate_key_ex(GO_RSA*, int, const GO_BIGNUM*, GO_BN_GENCB*);
int _goboringcrypto_RSA_generate_key_fips(GO_RSA*, int, GO_BN_GENCB*);
enum {
GO_RSA_PKCS1_PADDING = 1,