cryto/tls: Implement kemtls with mutual auth #66 #71

Open
wants to merge 70 commits into base: cf
Changes from 24 commits
70 commits
3e06467
[release-branch.go1.16] go1.16rc1
toothrot Jan 27, 2021
e34168e
[release-branch.go1.16] all: merge master into release-branch.go1.16
toothrot Feb 16, 2021
f21be2f
[release-branch.go1.16] go1.16
toothrot Feb 16, 2021
3649d83
Add support for CIRCL
bwesterb Jul 22, 2020
19e3fdf
Add cfgo build tag
bwesterb Jul 22, 2020
3ed7bfb
Add cf tag to VERSION
bwesterb Jul 22, 2020
36f08d3
circl: Update
bwesterb Aug 19, 2020
23f9e99
crypto: Add support for CIRCL signature schemes
bwesterb Aug 19, 2020
4e0683c
circl: Update and vendor golang.org/x/crypto/sha3
bwesterb Oct 16, 2020
ab27ad1
crypto/tls: Implement draft-ietf-tls-esni-08
cjpatton Sep 24, 2020
dfd7871
circl: Update to ebd10dd620d197162cf0a94b823b79c711a1c717
cjpatton Nov 24, 2020
b4d61d5
crypto/tls: Add experimental intra-handshake timing support
Dec 10, 2020
7440849
crypto/tls: Fix the testingTriggerHRR condition
cjpatton Dec 16, 2020
f14336e
circl: Update to be899c60a098f3946df5e31f11250a6ffa93cd90
cjpatton Dec 14, 2020
486fc4f
crypto/tls: Move draft-ietf-tls-esni-08 to -09
cjpatton Dec 23, 2020
222153b
crypto/tls: Consolidate CF-specific logic
cjpatton Feb 20, 2021
d8a24ba
Add CODEOWNERS file
cjpatton Mar 2, 2021
3323b85
crypto/tls: Implement draft-ietf-tls-subcerts-10
claucece Aug 19, 2020
2a17ea3
circl: Update to 8bfb091bcab9c351e21bc14a263f0bdaa79c4863
cjpatton Mar 3, 2021
33dbd35
crypto/tls: fixes individual testing by adding insecure verify #62
claucece Mar 15, 2021
76b537c
circl: Update to 3977848c88c641772e447c63a0ec29c8f4085e58
cjpatton Mar 18, 2021
7c96cb6
crypto/tls: Move draft-ietf-tls-esni-09 to 10
Mar 15, 2021
5ef1b90
crypto/tls: define api for delegated credentials so they are fetched …
claucece Mar 23, 2021
ea852b3
cryto/tls: Implement kemtls with mutual auth #66
claucece Mar 30, 2021
6b2790d
Address comments from review 1
claucece Apr 13, 2021
c951661
Address comments from review 2
claucece Apr 17, 2021
1c629c9
Some fixes
claucece Apr 18, 2021
574b29b
Add timings for kemtls
claucece Apr 18, 2021
b3cfe3b
Address comments from review 3
claucece Apr 18, 2021
5f70419
Change oid
claucece Apr 18, 2021
bf39098
Add pqtls: server auth
claucece Apr 19, 2021
57079e0
Add pqtls: mutual auth
claucece Apr 19, 2021
8cc3f96
Implement ed448
claucece Apr 20, 2021
63e9b07
Add a field to check for client auth
claucece Apr 21, 2021
4996072
Check if pqtls has been completed
claucece Apr 21, 2021
5d770f8
Debugging
claucece Apr 23, 2021
8bfc9e5
Other debugging
claucece Apr 23, 2021
9d7f443
Solve potential bug
claucece Apr 23, 2021
a700c72
Small check
claucece Apr 23, 2021
6b21740
Remove the insane debugging
claucece Apr 23, 2021
4af113d
Ignore if a cert was not found
claucece Apr 27, 2021
65043c4
Implemented cached information extension
claucece May 4, 2021
76558dd
Allow saving the certificate or certificate request message
claucece May 5, 2021
1086039
Solve issues with key logger and extensions
claucece May 10, 2021
66b36a9
Test cached info extension
claucece May 10, 2021
6357446
Add kemtls cached extension
claucece May 10, 2021
4f842bb
Adds stringer function for SignatureAlgorithm.
armfazh May 10, 2021
80c8ef9
Add pdk kemtls
claucece May 10, 2021
0cd8a4c
Small fix
claucece May 11, 2021
1cb0132
Add these fixes as well
claucece May 11, 2021
fe124d1
Printing to check
claucece May 11, 2021
21b5491
More printing
claucece May 11, 2021
f785ff6
Use the cert itself
claucece May 11, 2021
09b1727
Includes the experiment name based on connection. (#81)
armfazh May 11, 2021
7bb782c
Debugging
claucece May 11, 2021
f0b889f
Remove all debugging
claucece May 12, 2021
acd4fed
Correctly send the messages in pdk kemtls
claucece May 12, 2021
cf50d22
adds default case to switch
armfazh May 12, 2021
8f403ad
Reseting timer at each round. (#82)
armfazh May 13, 2021
231c034
Timing fixes
claucece May 13, 2021
a7bdd1c
Other fixes
claucece May 13, 2021
67a4639
Timings
claucece May 13, 2021
4c16d33
Debugging
claucece May 16, 2021
4865474
Back to normal
claucece May 16, 2021
eba51c1
Other debugging
claucece May 16, 2021
fe4c069
Other debugging 2
claucece May 16, 2021
4f0dc63
Other debugging
claucece May 17, 2021
4adcbf3
Remove all checks
claucece May 26, 2021
9dd05cf
Remove printing lines
claucece Jul 20, 2021
29e977d
Add debugging
claucece Jul 21, 2021
6 changes: 6 additions & 0 deletions CODEOWNERS
@@ -0,0 +1,6 @@
* @armfazh @cjpatton @claucece @Lekensteyn @wbl
src/circl @armfazh
src/crypto/tls @claucece @Lekensteyn
src/crypto/x509 @wbl @cjpatton
src/internal/cpu @armfazh
src/net/http @Lekensteyn
1 change: 1 addition & 0 deletions VERSION
@@ -0,0 +1 @@
go1.16-devel-cf
83 changes: 83 additions & 0 deletions cf-copy-from-circle.py
@@ -0,0 +1,83 @@
# Temporary file: copies Dilithium from Cloudflare's circl library into crypto.

import os
import sys
import tempfile
import subprocess

base = os.path.dirname(os.path.abspath(sys.argv[0]))

REPO = 'https://github.com/cloudflare/circl'
BRANCH = 'master'

circl = os.path.join(base, 'src/circl')

if os.path.exists(circl):
print("Removing old circl ...")
subprocess.check_call(['rm', '-r', '-f', circl])

with tempfile.TemporaryDirectory() as d:
print(f"Cloning {REPO} branch {BRANCH} ...")
subprocess.check_call(['git', 'clone', REPO, '--branch', BRANCH],
cwd=d)

print("Copying ...")
subprocess.check_call(['cp', '-r',
os.path.join(d, 'circl'),
circl,
])

print("Removing avo sourcecode (for now) ...")
# XXX figure out a way to prevent ./src/all.sh from trying to build the
# asm folders that require avo.
subprocess.check_call(['rm', '-r',
os.path.join(circl, 'simd/keccakf1600/internal/asm'),
os.path.join(circl, 'sign/dilithium/internal/common/asm'),
os.path.join(circl, 'pke/kyber/internal/common/asm'),
])

print("Removing templates (for now) ...")
# XXX figure out a way to prevent build/deps_test.go from trying to pase
# the templates.
subprocess.check_call(['rm', '-r',
os.path.join(circl, 'sign/dilithium/templates'),
os.path.join(circl, 'sign/dilithium/gen.go'),
])

#print("Removing unused packages ...")
#subprocess.check_call(['rm', '-r', '-f',
# os.path.join(circl, 'group'),
#])

print("Removing misc cruft ...")
subprocess.check_call(['rm', '-r', '-f',
os.path.join(circl, '.git'),
os.path.join(circl, 'go.mod'),
os.path.join(circl, 'go.sum'),
os.path.join(circl, '.etc'),
os.path.join(circl, 'Makefile'),
os.path.join(circl, 'codecov.yml'),
])

print("Correcting import paths ...")

def correct(fn):
with open(fn, 'rb') as f:
s = f.read()
s = s.replace(
b'github.com/cloudflare/circl',
b'circl',
).replace(
b'golang.org/x/sys/cpu',
b'internal/cpu',
)
with open(fn, 'wb') as f:
f.write(s)

for subdir, _, files in os.walk(circl):
for fn in files:
correct(os.path.join(subdir, fn))


print("Formatting ....")
subprocess.check_call(['go', 'fmt', './...'], cwd=circl)
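Review bot: the clone at `subprocess.check_call(['git', 'clone', REPO, '--branch', BRANCH], cwd=d)` vendors whatever `master` happens to be at the moment the script runs, so the copy is not reproducible and cannot be tied to the revision that this PR's own commit messages record ("circl: Update to 3977848c88c641772e447c63a0ec29c8f4085e58"). Suggest taking a commit id as an argument, running `git checkout <commit>` inside the clone before the `cp -r`, and keeping the id in the commit message as the earlier updates do. Second, `correct()` runs its byte-level replace over every file returned by `os.walk(circl)`, not only Go sources, so README, CI and test-vector files are rewritten too; restricting it to `fn.endswith('.go')` (or skipping known data directories) would avoid that. Minor: the comment above the templates removal reads `pase`; should be `parse`.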
73 changes: 73 additions & 0 deletions src/circl/.github/workflows/ci-actions.yml
@@ -0,0 +1,73 @@
name: CIRCL
on:
push:
branches:
- master
pull_request:
branches:
- master
jobs:
amd64_job:
name: Go-${{matrix.GOVER}}/amd64
runs-on: ubuntu-18.04
strategy:
matrix:
GOVER: ['1.16', '1.15', '1.14', '1.13', '1.12']
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Linting
uses: golangci/golangci-lint-action@v2
with:
version: v1.29
args: --config=./.etc/golangci.yml ./...
- name: Setup Go-${{ matrix.GOVER }}
uses: actions/setup-go@v2
with:
go-version: ${{ matrix.GOVER }}
- name: Verifying Code
run: |
go generate -v ./... && test -z "$(git status --porcelain)"
go vet ./...
- name: Building
run: go build -v ./...
- name: Testing
run: go test -v -count=1 ./...
exotic_job:
name: Go-${{matrix.CFG[2]}}/${{matrix.CFG[0]}}
runs-on: ubuntu-18.04
strategy:
matrix:
CFG: [ [arm64,arm64v8,1.16] ]
steps:
- uses: actions/checkout@v2
- name: Enabling Docker Experimental
run: |
echo $'{\n "experimental": true\n}' | sudo tee /etc/docker/daemon.json
sudo service docker restart
- name: Pulling Images
run: |
docker pull -q multiarch/qemu-user-static
docker pull -q --platform linux/${{matrix.CFG[0]}} ${{matrix.CFG[1]}}/golang:${{matrix.CFG[2]}}
docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
- name: Testing
run: |
docker run --rm -v `pwd`:`pwd` -w `pwd` ${{matrix.CFG[1]}}/golang:${{matrix.CFG[2]}} go test -v ./...
coverage_amd64_job:
needs: [ amd64_job ]
if: github.event_name == 'push'
runs-on: ubuntu-18.04
name: amd64/coverage
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Setup Go
uses: actions/setup-go@v2
with:
go-version: '1.16'
- name: Produce Coverage
run: go test -race -coverprofile=./coverage.txt -covermode=atomic ./...
- name: Upload Codecov
uses: codecov/codecov-action@v1
with:
file: ./coverage.txt
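Review bot: this workflow lands under `src/circl/.github/workflows/` inside the Go tree, where it will never be triggered, and its lint step points at `--config=./.etc/golangci.yml`, a directory that `cf-copy-from-circle.py` deletes in its "Removing misc cruft" step; either add `.github` to that removal list next to `.etc` or drop the file from this PR. If it is kept for reference, every action is pinned to a floating major tag (`actions/checkout@v2`, `golangci/golangci-lint-action@v2`, `actions/setup-go@v2`, `codecov/codecov-action@v1`) and the `exotic_job` pulls `multiarch/qemu-user-static` by tag and runs it with `--privileged`; pinning actions to commit SHAs and images to digests is the usual hardening for a build pipeline that produces cryptographic code.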
2 changes: 2 additions & 0 deletions src/circl/.gitignore
@@ -0,0 +1,2 @@
build/
go.mod
57 changes: 57 additions & 0 deletions src/circl/LICENSE
@@ -0,0 +1,57 @@
Copyright (c) 2019 Cloudflare. All rights reserved.

Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are
met:

* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above
copyright notice, this list of conditions and the following disclaimer
in the documentation and/or other materials provided with the
distribution.
* Neither the name of Cloudflare nor the names of its
contributors may be used to endorse or promote products derived from
this software without specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

========================================================================

Copyright (c) 2009 The Go Authors. All rights reserved.

Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are
met:

* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above
copyright notice, this list of conditions and the following disclaimer
in the documentation and/or other materials provided with the
distribution.
* Neither the name of Google Inc. nor the names of its
contributors may be used to endorse or promote products derived from
this software without specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
105 changes: 105 additions & 0 deletions src/circl/README.md
@@ -0,0 +1,105 @@
<img src=".etc/icon.png" align="right" height="300" width="300"/>

# CIRCL

[![CIRCL](https://circl/workflows/CIRCL/badge.svg)](https://circl/actions)
[![GoDoc](https://godoc.org/circl?status.svg)](https://pkg.go.dev/circl?tab=overview)
[![Go Report Card](https://goreportcard.com/badge/circl)](https://goreportcard.com/report/circl)
[![codecov](https://codecov.io/gh/cloudflare/circl/branch/master/graph/badge.svg)](https://codecov.io/gh/cloudflare/circl)

**CIRCL** (Cloudflare Interoperable, Reusable Cryptographic Library) is a collection
of cryptographic primitives written in Go. The goal of this library is to be used as a tool for
experimental deployment of cryptographic algorithms targeting Post-Quantum (PQ) and Elliptic
Curve Cryptography (ECC).

## Security Disclaimer

🚨 This library is offered as-is, and without a guarantee. Therefore, it is expected that changes in the code, repository, and API occur in the future. We recommend to take caution before using this library in a production application since part of its content is experimental.

## Installation

You can get it by typing:

```sh
go get -u circl
```

## Versioning

Version numbers are [Semvers](https://semver.org/). We release a minor version for new functionality, a major version for breaking API changes, and increment the patchlevel for bugfixes.

## Implemented Primitives

| Category | Algorithms | Description | Applications |
|-----------|------------|-------------|--------------|
| PQ Key Exchange | SIDH | SIDH provide key exchange mechanisms using ephemeral keys. | Post-quantum key exchange in TLS |
| PQ Key Exchange | cSIDH | Isogeny based drop-in replacement for Diffie–Hellman | Post-Quantum Key exchange. |
| PQ KEM | SIKE | SIKE is a key encapsulation mechanism (KEM). | Post-quantum key exchange in TLS |
| Key Exchange | X25519, X448 | RFC-7748 provides new key exchange mechanisms based on Montgomery elliptic curves. | TLS 1.3. Secure Shell. |
| Key Exchange | FourQ | One of the fastest elliptic curves at 128-bit security level. | Experimental for key agreement and digital signatures. |
| Key Exchange / Digital signatures | P-384 | Our optimizations reduce the burden when moving from P-256 to P-384. | ECDSA and ECDH using Suite B at top secret level. |
| Digital Signatures | Ed25519, Ed448 | RFC-8032 provides new signature schemes based on Edwards curves. | Digital certificates and authentication. |
| Key Encapsulation | P-256, P-384, P-521, X25519 and X448 | Key encapsulation methods based on Diffie-Hellman. | HPKE |
| Hybrid Public-Key Encryption | Base, Auth, PSK, AuthPSK | [HPKE](https://www.ietf.org/archive/id/draft-irtf-cfrg-hpke-07.html) is a combination of KEM and AEAD. | TLS |
| PQ KEM/PKE | Kyber | Lattice (M-LWE) based IND-CCA2 secure key encapsulation mechanism and IND-CPA secure public key encryption | Post-Quantum Key exchange |
| PQ Digital Signatures | Dilithium, Hybrid modes | Lattice (Module LWE) based signature scheme | Post-Quantum PKI |

### Work in Progress

| Category | Algorithms | Description | Applications |
|----------|------------|-------------|--------------|
| Hashing to Elliptic Curve Groups | Several algorithms: Elligator2, Ristretto, SWU, Icart. | Protocols based on elliptic curves require hash functions that map bit strings to points on an elliptic curve. | VOPRF. OPAQUE. PAKE. Verifiable random functions. |
| Bilinear Pairings | Plans for moving BN256 to stronger pairing curves. | A bilineal pairing is a mathematical operation that enables the implementation of advanced cryptographic protocols, such as identity-based encryption (IBE), short digital signatures (BLS), and attribute-based encryption (ABE). | Geo Key Manager, Randomness Beacon, Ethereum and other blockchain applications. |
| PQ KEM | HRSS-SXY | Lattice (NTRU) based key encapsulation mechanism. | Key exchange for low-latency environments |
| PQ Digital Signatures | SPHINCS+ | Stateless hash-based signature scheme | Post-Quantum PKI |

## Testing and Benchmarking

Library comes with number of make targets which can be used for testing and
benchmarking:

- ``test`` performs testing of the binary.
- ``bench`` runs benchmarks.
- ``cover`` produces coverage.
- ``lint`` runs set of linters on the code base.

## Contributing

To contribute, fork this repository and make your changes, and then make a Pull
Request. A Pull Request requires approval of the admin team and a successful
CI build.

## How to Cite

To cite CIRCL, use one of the following formats and update with the date
you accessed this project.

APA Style

```
Faz-Hernández, A. and Kwiatkowski, K. (2019). Introducing CIRCL:
An Advanced Cryptographic Library. Cloudflare. Available at
https://circl. Accessed Feb 2021.
```

Bibtex Source

```bibtex
@manual{circl,
title = {Introducing CIRCL: An Advanced Cryptographic Library},
author = {Armando Faz-Hern\'{a}ndez and Kris Kwiatkowski},
organization = {Cloudflare},
abstract = {{CIRCL (Cloudflare Interoperable, Reusable Cryptographic Library) is
a collection of cryptographic primitives written in Go. The goal
of this library is to be used as a tool for experimental
deployment of cryptographic algorithms targeting Post-Quantum (PQ)
and Elliptic Curve Cryptography (ECC).}},
note = {Available at \url{https://circl}. Accessed Feb 2021},
month = jun,
year = {2019}
}
```

## License

The project is licensed under the [BSD-3-Clause License](./LICENSE).
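Review bot: the import-path rewrite from `cf-copy-from-circle.py` has been applied to this README as well, so every link and command that carried `github.com/cloudflare/circl` now reads `circl`: the badge URLs `https://circl/workflows/CIRCL/badge.svg` and `https://circl/actions`, the GoDoc and Go Report Card links, the install line `go get -u circl`, and the citation's `Available at https://circl`. None of these resolve, and `go get -u circl` does not describe how this vendored copy is consumed (it is built as part of the Go tree). Either exclude non-`.go` files from `correct()` in the copy script, or replace this README with a short note naming the upstream repository and the commit the copy was taken from.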