Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

cryto/tls: Implement kemtls with mutual auth #66 #71

Open
wants to merge 70 commits into
base: cf
Choose a base branch
from
Open

cryto/tls: Implement kemtls with mutual auth #66 #71

wants to merge 70 commits into from

Conversation

claucece
Copy link
Contributor

@claucece claucece commented Mar 30, 2021
edited
Loading

Ready for review.

toothrot and others added 23 commits January 27, 2021 22:19
@toothrot
[release-branch.go1.16] go1.16rc1
3e06467 
Change-Id: I978f6df491a19a9c45ab906dbc5194b8665bf4a5
Reviewed-on: https://go-review.googlesource.com/c/go/+/287352
Run-TryBot: Alexander Rakoczy <[email protected]>
Trust: Alexander Rakoczy <[email protected]>
TryBot-Result: Go Bot <[email protected]>
Reviewed-by: Dmitri Shuralyov <[email protected]>
@toothrot
[release-branch.go1.16] all: merge master into release-branch.go1.16
e34168e 
1004a7c runtime/metrics: update documentation to current interface
6530f26 doc/go1.16: remove draft notice
353e111 doc/go1.16: fix mismatched id attribute
f0d23c9 internal/poll: netpollcheckerr before sendfile
0cb3415 doc: remove all docs not tied to distribution
626ef08 doc: remove install.html and install-source.html
30641e3 internal/poll: if copy_file_range returns 0, assume it failed
33d72fd doc/faq: update generics entry to reflect accepted proposal
852ce7c cmd/go: provide a more helpful suggestion for "go vet -?"
66c2709 cmd/link: fix typo in link_test.go
ff0e93e doc/go1.16: note that package path elements beginning with '.' are disallowed
249da7e CONTRIBUTORS: update for the Go 1.16 release
864d4f1 cmd/go: multiple small 'go help' fixes
26ceae8 spec: More precise wording in section on function calls.
930c2c9 cmd/go: reject embedded files that can't be packed into modules
e5b08e6 io/fs: allow backslash in ValidPath, reject in os.DirFS.Open
ed80790 cmd/compile: mark concrete call of reflect.(*rtype).Method as REFLECTMETHOD
e9c9683 cmd/go: suppress errors from 'go get -d' for packages that only conditionally exist
e0ac989 archive/tar: detect out of bounds accesses in PAX records resulting from padded lengths
c9d6f45 runtime/metrics: fix a couple of documentation typpos
cea4e21 io/fs: backslash is always a glob meta character
dc725bf doc/go1.16: mention new vet check for asn1.Unmarshal
1901853 runtime/metrics: fix panic in readingAllMetric example
ed3e4af syscall/plan9: remove spooky fd action at a distance
724d072 doc/go1.16: add missed heading tag in vet section
b54cd94 embed, io/fs: clarify that leading and trailing slashes are disallowed
4516afe testing/fstest: avoid symlink-induced failures in tester
8869086 runtime: fix typo in histogram.go
e491c6e math/big: fix comment in divRecursiveStep
fca94ab spec: improve the example in Type assertions section
98f8454 cmd/link: don't decode type symbol in shared library in deadcode
1426a57 cmd/link: fix off-by-1 error in findShlibSection
32e789f test: fix incorrectly laid out instructions in issue11656.go
0b6cfea doc/go1.16: document that on OpenBSD syscalls are now made through libc
26e29aa cmd/link: disable TestPIESize if CGO isn't enabled
6ac91e4 doc/go1.16: minor markup fixes
4436114 embed: update docs for proposal tweaks
68058ed runtime: document pointer write atomicity for memclrNoHeapPointers
c8bd801 syscall: generate readlen/writelen for openbsd libc
41bb49b cmd/go: revert TestScript/build_trimpath to use ioutil.ReadFile
725a642 runtime: correct syscall10/syscall10X on openbsd/amd64
4b068ca doc/go1.16: document go/build/constraint package
376518d runtime,syscall: convert syscall on openbsd/arm64 to libc

Change-Id: Icfe3d849f459eda48d7d786d0cd7b082c9c2c325
@toothrot
[release-branch.go1.16] go1.16
f21be2f 
Change-Id: I4c1350e0cb74ebfde5832973979e02997476d16c
Reviewed-on: https://go-review.googlesource.com/c/go/+/292609
TryBot-Result: Go Bot <[email protected]>
Trust: Alexander Rakoczy <[email protected]>
Run-TryBot: Alexander Rakoczy <[email protected]>
Reviewed-by: Dmitri Shuralyov <[email protected]>
Reviewed-by: Carlos Amedee <[email protected]>
@bwesterb @cjpatton
Add support for CIRCL
3649d83
@bwesterb @cjpatton
Add cfgo build tag
19e3fdf
@bwesterb @cjpatton
Add cf tag to VERSION
3ed7bfb
@bwesterb @cjpatton
circl: Update
36f08d3
@bwesterb @cjpatton
crypto: Add support for CIRCL signature schemes
23f9e99 
Co-authored-by: Christopher Patton <[email protected]>
@bwesterb @cjpatton
circl: Update and vendor golang.org/x/crypto/sha3
4e0683c
@cjpatton
crypto/tls: Implement draft-ietf-tls-esni-08
ab27ad1 
Adds initial support for the Encrypted ClientHello (ECH) extension, as
specified by draft-ietf-tls-esni-08. A few features are not implemented,
including client- and server-side padding.

This commit also adds basic support for handshake metrics:

* Adds a callback `EventHandler()` to `Config`, which can be called at
various points during the handshake to respond to various events. For
example, this callback can be used to record metrics.
* Adds calls to `EventHandler()` just before closing the TLS connection
for resolving ECH usage: whether the client offered, greased, or
bypassed ECH; and whether the server accepted, rejected, or bypassed
ECH.
@cjpatton
circl: Update to ebd10dd620d197162cf0a94b823b79c711a1c717
dfd7871 
- Update cf-copy-from-circle.py to exclude some unused packages that
  were breaking the build.
- Fix some API changes.
@cjpatton
crypto/tls: Add experimental intra-handshake timing support
b4d61d5 
Extend the experimental Event API with two new event instances:
one for client and server intra-handshake state machine durations,
respectively. Each event records elapsed timestamps (durations)
for relevant events during the course of a connection, such as
reading and writing handshake messages of interest. This will be
useful for recording intra-stack costs of TLS extensions such as
ECH and KEMTLS.
@cjpatton
crypto/tls: Fix the testingTriggerHRR condition
7440849 
The server sends an HRR if the client does not offer a key share for a
key exchange algorithm the server doesn't support. For testing purposes,
it's useful to trigger this codepath manually. If testingTriggerHRR is
set, then the server only advertises support for algorithms that the
client supports, but did not provide a key share for.

This change fixes a bug in the trigger logic. It seemed to work for the
existing algorithm preferences, but could break if the preferences
change.
@cjpatton
circl: Update to be899c60a098f3946df5e31f11250a6ffa93cd90
f14336e 
This adds an implementation of HPKE-07, which is required for ECH-09.
@cjpatton
crypto/tls: Move draft-ietf-tls-esni-08 to -09
486fc4f 
Most significant spec changes include:
* Bump HPKE-05 to -07.
* Derive acceptance confirmation from handshake secret.
* Reuse HPKE context across HRR.
* Use a new codepoint to distinguish between CHI/CHO.
* Bind context handle to AEAD encryption.

Other changes:
* Remove hrrPsk from ECHProvider.Context (breaks API).
* Prune retry configs of unknown version returned by the ECH provider.
* Add EXP_ECHKeySet, a default implementation of the ECH provider. (This
  will be useful for interop testing.)
* Require that the ECH extension not appear in OuterExtensions.
* Add event handler for outer SNI / public name mismatch.
* Remove implementation of HPKE-05
@cjpatton
crypto/tls: Consolidate CF-specific logic
222153b 
* Rename EXP_Event to CFEvent.
* Move CFEvent implementations to tls_cf.go.
* Add CFControl parameter to Config. This value will be used to
propagate Cloudflare-internal logic from the TLS configuration to HTTP
requests.
@cjpatton
Add CODEOWNERS file
d8a24ba
@claucece @cjpatton
crypto/tls: Implement draft-ietf-tls-subcerts-10
3323b85
@cjpatton
circl: Update to 8bfb091bcab9c351e21bc14a263f0bdaa79c4863
2a17ea3 
Manually removed Ristretto code because it has external dependencies.
@claucece
crypto/tls: fixes individual testing by adding insecure verify #62
33dbd35
@cjpatton
circl: Update to 3977848c88c641772e447c63a0ec29c8f4085e58
76b537c 
This change upgrades CIRCL's implementation of draft-irtf-cfrg-hpke-07
to 08. This breaks unit tests for ECH in crypto/tls, which currently
expects HPKE-07. It also modifies the implementation of OPRF.

Manually removed Ristretto code, which includes external dependencies
that break ./all.bash.
@cjpatton
crypto/tls: Move draft-ietf-tls-esni-09 to 10
7c96cb6 
This change adds support for ECH-10 and removes support for ECH-09. The
primary changes are moving to HPKE-08 and changing the ECHConfig
identifier from a client-computed value to a server-chosen value.
ECHProviders MUST use rejection sampling in choosing the configuration
identifier so as to not introduce conflicts.
@claucece
crypto/tls: define api for delegated credentials so they are fetched …
5ef1b90 
…using the same mechanisms used to fetch certificates #67 (#69)

Refactor new API

Address comments from review

Address comments from review 2

Address comments from review 3
@claucece claucece marked this pull request as draft March 30, 2021 22:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cjpatton cjpatton cjpatton left review comments

@wbl wbl wbl requested changes

@Lekensteyn Lekensteyn Awaiting requested review from Lekensteyn

@lukevalenta lukevalenta Awaiting requested review from lukevalenta

@armfazh armfazh Awaiting requested review from armfazh

At least 2 approving reviews are required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
6 participants
@claucece @wbl @cjpatton @toothrot @bwesterb @armfazh