boring.go

     1  // Copyright 2017 The Go Authors. All rights reserved.
     2  // Use of this source code is governed by a BSD-style
     3  // license that can be found in the LICENSE file.
     4  
     5  //go:build boringcrypto
     6  
     7  package tls
     8  
     9  import (
    10  	"crypto/internal/boring/fipstls"
    11  )
    12  
    13  // needFIPS returns fipstls.Required(); it avoids a new import in common.go.
    14  func needFIPS() bool {
    15  	return fipstls.Required()
    16  }
    17  
    18  // fipsMinVersion replaces c.minVersion in FIPS-only mode.
    19  func fipsMinVersion(c *Config) uint16 {
    20  	// FIPS requires TLS 1.2.
    21  	return VersionTLS12
    22  }
    23  
    24  // fipsMaxVersion replaces c.maxVersion in FIPS-only mode.
    25  func fipsMaxVersion(c *Config) uint16 {
    26  	// FIPS requires TLS 1.2.
    27  	return VersionTLS12
    28  }
    29  
    30  // default defaultFIPSCurvePreferences is the FIPS-allowed curves,
    31  // in preference order (most preferable first).
    32  var defaultFIPSCurvePreferences = []CurveID{CurveP256, CurveP384, CurveP521}
    33  
    34  // fipsCurvePreferences replaces c.curvePreferences in FIPS-only mode.
    35  func fipsCurvePreferences(c *Config) []CurveID {
    36  	if c == nil || len(c.CurvePreferences) == 0 {
    37  		return defaultFIPSCurvePreferences
    38  	}
    39  	var list []CurveID
    40  	for _, id := range c.CurvePreferences {
    41  		for _, allowed := range defaultFIPSCurvePreferences {
    42  			if id == allowed {
    43  				list = append(list, id)
    44  				break
    45  			}
    46  		}
    47  	}
    48  	return list
    49  }
    50  
    51  // defaultCipherSuitesFIPS are the FIPS-allowed cipher suites.
    52  var defaultCipherSuitesFIPS = []uint16{
    53  	TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
    54  	TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
    55  	TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
    56  	TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
    57  	TLS_RSA_WITH_AES_128_GCM_SHA256,
    58  	TLS_RSA_WITH_AES_256_GCM_SHA384,
    59  }
    60  
    61  // fipsCipherSuites replaces c.cipherSuites in FIPS-only mode.
    62  func fipsCipherSuites(c *Config) []uint16 {
    63  	if c == nil || c.CipherSuites == nil {
    64  		return defaultCipherSuitesFIPS
    65  	}
    66  	list := make([]uint16, 0, len(defaultCipherSuitesFIPS))
    67  	for _, id := range c.CipherSuites {
    68  		for _, allowed := range defaultCipherSuitesFIPS {
    69  			if id == allowed {
    70  				list = append(list, id)
    71  				break
    72  			}
    73  		}
    74  	}
    75  	return list
    76  }
    77  
    78  // fipsSupportedSignatureAlgorithms currently are a subset of
    79  // defaultSupportedSignatureAlgorithms without Ed25519 and SHA-1.
    80  var fipsSupportedSignatureAlgorithms = []SignatureScheme{
    81  	PSSWithSHA256,
    82  	PSSWithSHA384,
    83  	PSSWithSHA512,
    84  	PKCS1WithSHA256,
    85  	ECDSAWithP256AndSHA256,
    86  	PKCS1WithSHA384,
    87  	ECDSAWithP384AndSHA384,
    88  	PKCS1WithSHA512,
    89  	ECDSAWithP521AndSHA512,
    90  }
    91  
    92  // supportedSignatureAlgorithms returns the supported signature algorithms.
    93  func supportedSignatureAlgorithms() []SignatureScheme {
    94  	if !needFIPS() {
    95  		return defaultSupportedSignatureAlgorithms
    96  	}
    97  	return fipsSupportedSignatureAlgorithms
    98  }
    99
View as plain text