From d2794114f4b3129692fa75240a1bee09c12568bd Mon Sep 17 00:00:00 2001 From: Ryan Richard Date: Thu, 8 Feb 2024 09:43:30 -0800 Subject: [PATCH] Revert support TLS 1.3 in FIPS mode because Go reverted goboring upgrade Goboring only allows TLS 1.2. The next goboring will allow both TLS 1.2 and TLS 1.3. We got a preview of this when the Go team upgraded goboring in Go 1.21.6, but then downgraded it again in the next Go releases. When the Go team eventually upgrades goboring again, then we can revert this commit to bring back TLS 1.3 support in FIPS mode. --- internal/crypto/ptls/fips_strict.go | 29 +++++++++++++++++++---------- internal/crypto/ptls/secure.go | 2 ++ 2 files changed, 21 insertions(+), 10 deletions(-) diff --git a/internal/crypto/ptls/fips_strict.go b/internal/crypto/ptls/fips_strict.go index 6cf4bfd82..b040bb12e 100644 --- a/internal/crypto/ptls/fips_strict.go +++ b/internal/crypto/ptls/fips_strict.go @@ -1,8 +1,7 @@ // Copyright 2022-2024 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 -// The configurations here override the usual ptls.Default and ptls.DefaultLDAP -// configs when Pinniped is built in fips-only mode. +// The configurations here override the usual configs when Pinniped is built in fips-only mode. //go:build fips_strict package ptls @@ -14,16 +13,15 @@ import ( "path/filepath" "runtime" + "k8s.io/apiserver/pkg/server/options" + // Cause fipsonly tls mode with this side effect import. _ "go.pinniped.dev/internal/crypto/fips" "go.pinniped.dev/internal/plog" ) -// goboring now also supports TLS 1.3 starting in Golang 1.21.6 -// (see https://github.com/golang/go/issues/64717), -// so we can use TLS 1.3 as the minimum TLS version for our "secure" configuration -// profile in both FIPS and non-FIPS compiled binaries. -// Hence, we no longer redefine the Secure() function in this file. +// Until goboring supports TLS 1.3, use TLS 1.2. +const SecureTLSConfigMinTLSVersion = tls.VersionTLS12 func init() { switch filepath.Base(os.Args[0]) { @@ -40,9 +38,8 @@ func init() { func Default(rootCAs *x509.CertPool) *tls.Config { return &tls.Config{ MinVersion: tls.VersionTLS12, - // goboring now also supports TLS 1.3 (see https://github.com/golang/go/issues/64717) - // so this default configuration can allow either 1.2 or 1.3 - MaxVersion: SecureTLSConfigMinTLSVersion, + // Until goboring supports TLS 1.3, make the max version 1.2. + MaxVersion: tls.VersionTLS12, // This is all the fips-approved TLS 1.2 ciphers. // The list is hard-coded for convenience of testing. @@ -53,6 +50,8 @@ func Default(rootCAs *x509.CertPool) *tls.Config { tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, + tls.TLS_RSA_WITH_AES_128_GCM_SHA256, + tls.TLS_RSA_WITH_AES_256_GCM_SHA384, }, // enable HTTP2 for go's 1.7 HTTP Server @@ -65,6 +64,16 @@ func Default(rootCAs *x509.CertPool) *tls.Config { } } +// Until goboring supports TLS 1.3, make the Secure profile the same as the Default profile in FIPS mode. +func Secure(rootCAs *x509.CertPool) *tls.Config { + return Default(rootCAs) +} + func DefaultLDAP(rootCAs *x509.CertPool) *tls.Config { return Default(rootCAs) } + +// Until goboring supports TLS 1.3, make secureServing use the same as the defaultServing profile in FIPS mode. +func secureServing(opts *options.SecureServingOptionsWithLoopback) { + defaultServing(opts) +} diff --git a/internal/crypto/ptls/secure.go b/internal/crypto/ptls/secure.go index 7f628f18f..d08139443 100644 --- a/internal/crypto/ptls/secure.go +++ b/internal/crypto/ptls/secure.go @@ -1,6 +1,8 @@ // Copyright 2021-2024 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 +//go:build !fips_strict + package ptls import (