Diffstat (limited to 'src/crypto/tls/common.go')
-rw-r--r-- | src/crypto/tls/common.go | 22 |
1 files changed, 17 insertions, 5 deletions
diff --git a/src/crypto/tls/common.go b/src/crypto/tls/common.go index ef0b385848..121c1d9d23 100644 --- a/src/crypto/tls/common.go +++ b/src/crypto/tls/common.go @@ -22,6 +22,8 @@ import ( "time" ) +import "crypto/internal/boring" + const ( VersionTLS10 = 0x0301 VersionTLS11 = 0x0302 @@ -169,11 +171,11 @@ const ( // hash function associated with the Ed25519 signature scheme. var directSigning crypto.Hash = 0 -// supportedSignatureAlgorithms contains the signature and hash algorithms that +// defaultSupportedSignatureAlgorithms contains the signature and hash algorithms that // the code advertises as supported in a TLS 1.2+ ClientHello and in a TLS 1.2+ // CertificateRequest. The two fields are merged to match with TLS 1.3. // Note that in TLS 1.2, the ECDSA algorithms are not constrained to P-256, etc. -var supportedSignatureAlgorithms = []SignatureScheme{ +var defaultSupportedSignatureAlgorithms = []SignatureScheme{ PSSWithSHA256, ECDSAWithP256AndSHA256, Ed25519, @@ -188,10 +190,10 @@ var supportedSignatureAlgorithms = []SignatureScheme{ ECDSAWithSHA1, } -// supportedSignatureAlgorithmsTLS12 contains the signature and hash algorithms +// defaultSupportedSignatureAlgorithmsTLS12 contains the signature and hash algorithms // that are supported in TLS 1.2, where it is possible to distinguish the // protocol version. This is temporary, see Issue 32425. -var supportedSignatureAlgorithmsTLS12 = []SignatureScheme{ +var defaultSupportedSignatureAlgorithmsTLS12 = []SignatureScheme{ PKCS1WithSHA256, ECDSAWithP256AndSHA256, Ed25519, @@ -776,6 +778,9 @@ func (c *Config) time() time.Time { } func (c *Config) cipherSuites() []uint16 { + if needFIPS() { + return fipsCipherSuites(c) + } s := c.CipherSuites if s == nil { s = defaultCipherSuites() 
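Review bot: In `cipherSuites()` the new `if needFIPS() { return fipsCipherSuites(c) }` runs before `s := c.CipherSuites` is read, so in FIPS mode whether a caller-configured suite list is honoured, intersected or replaced is decided entirely inside `fipsCipherSuites`, which is not part of this hunk. A one-line comment on the new branch would spare readers the lookup, e.g. `// In FIPS mode the suite list comes from fipsCipherSuites(c), not from c.CipherSuites directly.` The same early-return shape is used in `curvePreferences()` later in this commit and would benefit from the same comment. The body of `cipherSuites` continues past the end of the hunk.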
@@ -794,6 +799,9 @@ var supportedVersions = []uint16{ func (c *Config) supportedVersions(isClient bool) []uint16 { versions := make([]uint16, 0, len(supportedVersions)) for _, v := range supportedVersions { + if needFIPS() && (v < fipsMinVersion(c) || v > fipsMaxVersion(c)) { + continue + } // TLS 1.0 is the default minimum version. if (c == nil || c.MinVersion == 0) && v < VersionTLS10 { continue @@ -880,6 +888,9 @@ func supportedVersionsFromMax(maxVersion uint16) []uint16 { var defaultCurvePreferences = []CurveID{X25519, CurveP256, CurveP384, CurveP521} func (c *Config) curvePreferences() []CurveID { + if needFIPS() { + return fipsCurvePreferences(c) + } if c == nil || len(c.CurvePreferences) == 0 { return defaultCurvePreferences } @@ -1140,7 +1151,8 @@ func initDefaultCipherSuites() { hasGCMAsm = hasGCMAsmAMD64 || hasGCMAsmARM64 || hasGCMAsmS390X ) - if hasGCMAsm { + if hasGCMAsm || boring.Enabled { + // If BoringCrypto is enabled, always prioritize AES-GCM. // If AES-GCM hardware is provided then prioritise AES-GCM // cipher suites. topCipherSuites = []uint16{ |
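Review bot: The loop in `supportedVersions` now calls `needFIPS()`, `fipsMinVersion(c)` and `fipsMaxVersion(c)` on every iteration even though none of them depends on `v`; computing them once above the `for` keeps the loop body to the comparison, as sketched below. Because the FIPS filter runs ahead of the existing `MinVersion`/`MaxVersion` checks, a Config whose version range does not overlap the FIPS range yields an empty slice here; what callers do with an empty list is outside this hunk, so it is worth confirming that it is rejected with an error rather than silently tolerated. The function continues past the end of the hunk.
```go
func (c *Config) supportedVersions(isClient bool) []uint16 {
	fips := needFIPS()
	var fipsMin, fipsMax uint16
	if fips {
		fipsMin, fipsMax = fipsMinVersion(c), fipsMaxVersion(c)
	}
	versions := make([]uint16, 0, len(supportedVersions))
	for _, v := range supportedVersions {
		if fips && (v < fipsMin || v > fipsMax) {
			continue
		}
		// … unchanged: MinVersion / MaxVersion filtering …
```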
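Review bot: The new condition in `initDefaultCipherSuites` gates on `boring.Enabled` whereas every other hunk in this commit gates on `needFIPS()`; if these are intentionally different predicates (BoringCrypto linked into the binary versus FIPS-only mode being required), the added comment should say so, because a reader will otherwise take the mismatch for an oversight. Something like `// If BoringCrypto is enabled (independently of needFIPS), always prioritize AES-GCM.` makes the distinction explicit. The two adjacent comments also spell the word both ways (`prioritize` / `prioritise`); pick one. `initDefaultCipherSuites` starts and ends outside the hunk.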