diff options
Diffstat (limited to 'src/crypto/internal/boring')
-rw-r--r-- | src/crypto/internal/boring/bbig/big.go | 33 | ||||
-rw-r--r-- | src/crypto/internal/boring/boring.go | 18 | ||||
-rw-r--r-- | src/crypto/internal/boring/doc.go | 5 | ||||
-rw-r--r-- | src/crypto/internal/boring/ecdsa.go | 37 | ||||
-rw-r--r-- | src/crypto/internal/boring/notboring.go | 18 | ||||
-rw-r--r-- | src/crypto/internal/boring/rsa.go | 9 |
6 files changed, 63 insertions, 57 deletions
diff --git a/src/crypto/internal/boring/bbig/big.go b/src/crypto/internal/boring/bbig/big.go new file mode 100644 index 00000000000..5ce46972b31 --- /dev/null +++ b/src/crypto/internal/boring/bbig/big.go @@ -0,0 +1,33 @@ +// Copyright 2022 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package bbig + +import ( + "crypto/internal/boring" + "math/big" + "unsafe" +) + +func Enc(b *big.Int) boring.BigInt { + if b == nil { + return nil + } + x := b.Bits() + if len(x) == 0 { + return boring.BigInt{} + } + return unsafe.Slice((*uint)(&x[0]), len(x)) +} + +func Dec(b boring.BigInt) *big.Int { + if b == nil { + return nil + } + if len(b) == 0 { + return new(big.Int) + } + x := unsafe.Slice((*big.Word)(&b[0]), len(b)) + return new(big.Int).SetBits(x) +} diff --git a/src/crypto/internal/boring/boring.go b/src/crypto/internal/boring/boring.go index dd9eac569b8..d46166e4e16 100644 --- a/src/crypto/internal/boring/boring.go +++ b/src/crypto/internal/boring/boring.go @@ -17,7 +17,6 @@ import "C" import ( "crypto/internal/boring/sig" _ "crypto/internal/boring/syso" - "math/big" "math/bits" "unsafe" ) @@ -60,7 +59,7 @@ type fail string func (e fail) Error() string { return "boringcrypto: " + string(e) + " failed" } -func wbase(b []big.Word) *C.uint8_t { +func wbase(b BigInt) *C.uint8_t { if len(b) == 0 { return nil } @@ -69,20 +68,19 @@ func wbase(b []big.Word) *C.uint8_t { const wordBytes = bits.UintSize / 8 -func bigToBN(x *big.Int) *C.GO_BIGNUM { - raw := x.Bits() - return C._goboringcrypto_BN_le2bn(wbase(raw), C.size_t(len(raw)*wordBytes), nil) +func bigToBN(x BigInt) *C.GO_BIGNUM { + return C._goboringcrypto_BN_le2bn(wbase(x), C.size_t(len(x)*wordBytes), nil) } -func bnToBig(bn *C.GO_BIGNUM) *big.Int { - raw := make([]big.Word, (C._goboringcrypto_BN_num_bytes(bn)+wordBytes-1)/wordBytes) - if C._goboringcrypto_BN_bn2le_padded(wbase(raw), C.size_t(len(raw)*wordBytes), bn) == 0 { +func bnToBig(bn *C.GO_BIGNUM) BigInt { + x := make(BigInt, (C._goboringcrypto_BN_num_bytes(bn)+wordBytes-1)/wordBytes) + if C._goboringcrypto_BN_bn2le_padded(wbase(x), C.size_t(len(x)*wordBytes), bn) == 0 { panic("boringcrypto: bignum conversion failed") } - return new(big.Int).SetBits(raw) + return x } -func bigToBn(bnp **C.GO_BIGNUM, b *big.Int) bool { +func bigToBn(bnp **C.GO_BIGNUM, b BigInt) bool { if *bnp != nil { C._goboringcrypto_BN_free(*bnp) *bnp = nil diff --git a/src/crypto/internal/boring/doc.go b/src/crypto/internal/boring/doc.go index 64f41e3c823..6060fe5951a 100644 --- a/src/crypto/internal/boring/doc.go +++ b/src/crypto/internal/boring/doc.go @@ -12,3 +12,8 @@ package boring // // BoringCrypto is only available on linux/amd64 systems. const Enabled = available + +// A BigInt is the raw words from a BigInt. +// This definition allows us to avoid importing math/big. +// Conversion between BigInt and *big.Int is in crypto/internal/boring/bbig. +type BigInt []uint diff --git a/src/crypto/internal/boring/ecdsa.go b/src/crypto/internal/boring/ecdsa.go index 20612e6a2c0..884c4b746d2 100644 --- a/src/crypto/internal/boring/ecdsa.go +++ b/src/crypto/internal/boring/ecdsa.go @@ -10,15 +10,13 @@ package boring // #include "goboringcrypto.h" import "C" import ( - "encoding/asn1" "errors" - "math/big" "runtime" "unsafe" ) type ecdsaSignature struct { - R, S *big.Int + R, S BigInt } type PrivateKeyECDSA struct { @@ -53,7 +51,7 @@ func curveNID(curve string) (C.int, error) { return 0, errUnknownCurve } -func NewPublicKeyECDSA(curve string, X, Y *big.Int) (*PublicKeyECDSA, error) { +func NewPublicKeyECDSA(curve string, X, Y BigInt) (*PublicKeyECDSA, error) { key, err := newECKey(curve, X, Y) if err != nil { return nil, err @@ -67,7 +65,7 @@ func NewPublicKeyECDSA(curve string, X, Y *big.Int) (*PublicKeyECDSA, error) { return k, nil } -func newECKey(curve string, X, Y *big.Int) (*C.GO_EC_KEY, error) { +func newECKey(curve string, X, Y BigInt) (*C.GO_EC_KEY, error) { nid, err := curveNID(curve) if err != nil { return nil, err @@ -100,7 +98,7 @@ func newECKey(curve string, X, Y *big.Int) (*C.GO_EC_KEY, error) { return key, nil } -func NewPrivateKeyECDSA(curve string, X, Y *big.Int, D *big.Int) (*PrivateKeyECDSA, error) { +func NewPrivateKeyECDSA(curve string, X, Y BigInt, D BigInt) (*PrivateKeyECDSA, error) { key, err := newECKey(curve, X, Y) if err != nil { return nil, err @@ -123,22 +121,6 @@ func NewPrivateKeyECDSA(curve string, X, Y *big.Int, D *big.Int) (*PrivateKeyECD return k, nil } -func SignECDSA(priv *PrivateKeyECDSA, hash []byte) (r, s *big.Int, err error) { - // We could use ECDSA_do_sign instead but would need to convert - // the resulting BIGNUMs to *big.Int form. If we're going to do a - // conversion, converting the ASN.1 form is more convenient and - // likely not much more expensive. - sig, err := SignMarshalECDSA(priv, hash) - if err != nil { - return nil, nil, err - } - var esig ecdsaSignature - if _, err := asn1.Unmarshal(sig, &esig); err != nil { - return nil, nil, err - } - return esig.R, esig.S, nil -} - func SignMarshalECDSA(priv *PrivateKeyECDSA, hash []byte) ([]byte, error) { size := C._goboringcrypto_ECDSA_size(priv.key) sig := make([]byte, size) @@ -150,20 +132,13 @@ func SignMarshalECDSA(priv *PrivateKeyECDSA, hash []byte) ([]byte, error) { return sig[:sigLen], nil } -func VerifyECDSA(pub *PublicKeyECDSA, hash []byte, r, s *big.Int) bool { - // We could use ECDSA_do_verify instead but would need to convert - // r and s to BIGNUM form. If we're going to do a conversion, marshaling - // to ASN.1 is more convenient and likely not much more expensive. - sig, err := asn1.Marshal(ecdsaSignature{r, s}) - if err != nil { - return false - } +func VerifyECDSA(pub *PublicKeyECDSA, hash []byte, sig []byte) bool { ok := C._goboringcrypto_ECDSA_verify(0, base(hash), C.size_t(len(hash)), (*C.uint8_t)(unsafe.Pointer(&sig[0])), C.size_t(len(sig)), pub.key) != 0 runtime.KeepAlive(pub) return ok } -func GenerateKeyECDSA(curve string) (X, Y, D *big.Int, err error) { +func GenerateKeyECDSA(curve string) (X, Y, D BigInt, err error) { nid, err := curveNID(curve) if err != nil { return nil, nil, nil, err diff --git a/src/crypto/internal/boring/notboring.go b/src/crypto/internal/boring/notboring.go index df165885849..bb88fb00048 100644 --- a/src/crypto/internal/boring/notboring.go +++ b/src/crypto/internal/boring/notboring.go @@ -12,7 +12,6 @@ import ( "crypto/cipher" "crypto/internal/boring/sig" "hash" - "math/big" ) const available = false @@ -55,22 +54,19 @@ func NewAESCipher(key []byte) (cipher.Block, error) { panic("boringcrypto: not a type PublicKeyECDSA struct{ _ int } type PrivateKeyECDSA struct{ _ int } -func GenerateKeyECDSA(curve string) (X, Y, D *big.Int, err error) { +func GenerateKeyECDSA(curve string) (X, Y, D BigInt, err error) { panic("boringcrypto: not available") } -func NewPrivateKeyECDSA(curve string, X, Y, D *big.Int) (*PrivateKeyECDSA, error) { +func NewPrivateKeyECDSA(curve string, X, Y, D BigInt) (*PrivateKeyECDSA, error) { panic("boringcrypto: not available") } -func NewPublicKeyECDSA(curve string, X, Y *big.Int) (*PublicKeyECDSA, error) { - panic("boringcrypto: not available") -} -func SignECDSA(priv *PrivateKeyECDSA, hash []byte) (r, s *big.Int, err error) { +func NewPublicKeyECDSA(curve string, X, Y BigInt) (*PublicKeyECDSA, error) { panic("boringcrypto: not available") } func SignMarshalECDSA(priv *PrivateKeyECDSA, hash []byte) ([]byte, error) { panic("boringcrypto: not available") } -func VerifyECDSA(pub *PublicKeyECDSA, hash []byte, r, s *big.Int) bool { +func VerifyECDSA(pub *PublicKeyECDSA, hash []byte, sig []byte) bool { panic("boringcrypto: not available") } @@ -95,13 +91,13 @@ func EncryptRSAPKCS1(pub *PublicKeyRSA, msg []byte) ([]byte, error) { func EncryptRSANoPadding(pub *PublicKeyRSA, msg []byte) ([]byte, error) { panic("boringcrypto: not available") } -func GenerateKeyRSA(bits int) (N, E, D, P, Q, Dp, Dq, Qinv *big.Int, err error) { +func GenerateKeyRSA(bits int) (N, E, D, P, Q, Dp, Dq, Qinv BigInt, err error) { panic("boringcrypto: not available") } -func NewPrivateKeyRSA(N, E, D, P, Q, Dp, Dq, Qinv *big.Int) (*PrivateKeyRSA, error) { +func NewPrivateKeyRSA(N, E, D, P, Q, Dp, Dq, Qinv BigInt) (*PrivateKeyRSA, error) { panic("boringcrypto: not available") } -func NewPublicKeyRSA(N, E *big.Int) (*PublicKeyRSA, error) { panic("boringcrypto: not available") } +func NewPublicKeyRSA(N, E BigInt) (*PublicKeyRSA, error) { panic("boringcrypto: not available") } func SignRSAPKCS1v15(priv *PrivateKeyRSA, h crypto.Hash, hashed []byte) ([]byte, error) { panic("boringcrypto: not available") } diff --git a/src/crypto/internal/boring/rsa.go b/src/crypto/internal/boring/rsa.go index 642287709e5..64c83c21c5b 100644 --- a/src/crypto/internal/boring/rsa.go +++ b/src/crypto/internal/boring/rsa.go @@ -14,14 +14,13 @@ import ( "crypto/subtle" "errors" "hash" - "math/big" "runtime" "strconv" "unsafe" ) -func GenerateKeyRSA(bits int) (N, E, D, P, Q, Dp, Dq, Qinv *big.Int, err error) { - bad := func(e error) (N, E, D, P, Q, Dp, Dq, Qinv *big.Int, err error) { +func GenerateKeyRSA(bits int) (N, E, D, P, Q, Dp, Dq, Qinv BigInt, err error) { + bad := func(e error) (N, E, D, P, Q, Dp, Dq, Qinv BigInt, err error) { return nil, nil, nil, nil, nil, nil, nil, nil, e } @@ -47,7 +46,7 @@ type PublicKeyRSA struct { _key *C.GO_RSA } -func NewPublicKeyRSA(N, E *big.Int) (*PublicKeyRSA, error) { +func NewPublicKeyRSA(N, E BigInt) (*PublicKeyRSA, error) { key := C._goboringcrypto_RSA_new() if key == nil { return nil, fail("RSA_new") @@ -78,7 +77,7 @@ type PrivateKeyRSA struct { _key *C.GO_RSA } -func NewPrivateKeyRSA(N, E, D, P, Q, Dp, Dq, Qinv *big.Int) (*PrivateKeyRSA, error) { +func NewPrivateKeyRSA(N, E, D, P, Q, Dp, Dq, Qinv BigInt) (*PrivateKeyRSA, error) { key := C._goboringcrypto_RSA_new() if key == nil { return nil, fail("RSA_new") |