aboutsummaryrefslogtreecommitdiff
path: root/src/crypto/tls/common.go
diff options
context:
space:
mode:
Diffstat (limited to 'src/crypto/tls/common.go')
-rw-r--r--src/crypto/tls/common.go22
1 files changed, 17 insertions, 5 deletions
diff --git a/src/crypto/tls/common.go b/src/crypto/tls/common.go
index ef0b385848..121c1d9d23 100644
--- a/src/crypto/tls/common.go
+++ b/src/crypto/tls/common.go
@@ -22,6 +22,8 @@ import (
"time"
)
+import "crypto/internal/boring"
+
const (
VersionTLS10 = 0x0301
VersionTLS11 = 0x0302
@@ -169,11 +171,11 @@ const (
// hash function associated with the Ed25519 signature scheme.
var directSigning crypto.Hash = 0
-// supportedSignatureAlgorithms contains the signature and hash algorithms that
+// defaultSupportedSignatureAlgorithms contains the signature and hash algorithms that
// the code advertises as supported in a TLS 1.2+ ClientHello and in a TLS 1.2+
// CertificateRequest. The two fields are merged to match with TLS 1.3.
// Note that in TLS 1.2, the ECDSA algorithms are not constrained to P-256, etc.
-var supportedSignatureAlgorithms = []SignatureScheme{
+var defaultSupportedSignatureAlgorithms = []SignatureScheme{
PSSWithSHA256,
ECDSAWithP256AndSHA256,
Ed25519,
@@ -188,10 +190,10 @@ var supportedSignatureAlgorithms = []SignatureScheme{
ECDSAWithSHA1,
}
-// supportedSignatureAlgorithmsTLS12 contains the signature and hash algorithms
+// defaultSupportedSignatureAlgorithmsTLS12 contains the signature and hash algorithms
// that are supported in TLS 1.2, where it is possible to distinguish the
// protocol version. This is temporary, see Issue 32425.
-var supportedSignatureAlgorithmsTLS12 = []SignatureScheme{
+var defaultSupportedSignatureAlgorithmsTLS12 = []SignatureScheme{
PKCS1WithSHA256,
ECDSAWithP256AndSHA256,
Ed25519,
@@ -776,6 +778,9 @@ func (c *Config) time() time.Time {
}
func (c *Config) cipherSuites() []uint16 {
+ if needFIPS() {
+ return fipsCipherSuites(c)
+ }
s := c.CipherSuites
if s == nil {
s = defaultCipherSuites()
@@ -794,6 +799,9 @@ var supportedVersions = []uint16{
func (c *Config) supportedVersions(isClient bool) []uint16 {
versions := make([]uint16, 0, len(supportedVersions))
for _, v := range supportedVersions {
+ if needFIPS() && (v < fipsMinVersion(c) || v > fipsMaxVersion(c)) {
+ continue
+ }
// TLS 1.0 is the default minimum version.
if (c == nil || c.MinVersion == 0) && v < VersionTLS10 {
continue
@@ -880,6 +888,9 @@ func supportedVersionsFromMax(maxVersion uint16) []uint16 {
var defaultCurvePreferences = []CurveID{X25519, CurveP256, CurveP384, CurveP521}
func (c *Config) curvePreferences() []CurveID {
+ if needFIPS() {
+ return fipsCurvePreferences(c)
+ }
if c == nil || len(c.CurvePreferences) == 0 {
return defaultCurvePreferences
}
@@ -1140,7 +1151,8 @@ func initDefaultCipherSuites() {
hasGCMAsm = hasGCMAsmAMD64 || hasGCMAsmARM64 || hasGCMAsmS390X
)
- if hasGCMAsm {
+ if hasGCMAsm || boring.Enabled {
+ // If BoringCrypto is enabled, always prioritize AES-GCM.
// If AES-GCM hardware is provided then prioritise AES-GCM
// cipher suites.
topCipherSuites = []uint16{
7apu2bq3rhoylwmucxizk54afw5jyda7pho4j5zdcqpwkufke7zdzwad.onion