diff --git a/.github/workflows/go-crypto.yml b/.github/workflows/go-crypto.yml
deleted file mode 100644
index 77818b529e..0000000000
--- a/.github/workflows/go-crypto.yml
+++ /dev/null
@@ -1,42 +0,0 @@
-# Workflow to test different crypto backends
-# Don't test std go as this is already tested by the other testsuite
-
-on: [push, pull_request]
-name: Go Crypto
-
-jobs:
- unit:
- strategy:
- fail-fast: false
- matrix:
- os: [ "ubuntu" ]
- go: [ "1.19.x" ]
- backend: [ "boringcrypto", "openssl" ]
- env:
- COVERAGES: ""
- runs-on: ${{ format('{0}-latest', matrix.os) }}
- name: ${{ matrix.os }} ${{ matrix.backend }} (go ${{ matrix.go }})
- steps:
- - uses: actions/checkout@v2
- with:
- submodules: recursive
- - uses: actions/setup-go@v2
- with:
- go-version: ${{ matrix.go }}
- - name: Go information
- run: |
- go version
- go env
- - name: Run repo-specific setup
- uses: ./.github/actions/go-test-setup
- if: hashFiles('./.github/actions/go-test-setup') != ''
- - name: Run tests
- run: |
- if [[ "$backend" == "boringcrypto" ]]; then export GOEXPERIMENT="boringcrypto"; fi
- if [[ "$backend" == "openssl" ]]; then export GOTAGS="-tags=openssl"; fi
- go test $GOTAGS -v -shuffle=on ./...
- cd core/crypto
- # ensure that the boringcrypto build do infact contains boringcrypto symbols
- if [[ "$backend" == "boringcrypto" ]]; then go test -c . && objdump -x crypto.test | grep goboringcrypto -q; fi
- env:
- backend: ${{ matrix.backend }}
diff --git a/core/crypto/key_openssl.go b/core/crypto/key_openssl.go
deleted file mode 100644
index 7a13ff69a9..0000000000
--- a/core/crypto/key_openssl.go
+++ /dev/null
@@ -1,101 +0,0 @@
-//go:build openssl
-// +build openssl
-
-package crypto
-
-import (
- "crypto"
- "crypto/ecdsa"
- "crypto/ed25519"
- "crypto/rsa"
- "crypto/x509"
-
- "github.com/libp2p/go-libp2p/core/internal/catch"
-
- "github.com/decred/dcrd/dcrec/secp256k1/v4"
- "github.com/libp2p/go-openssl"
-)
-
-// KeyPairFromStdKey wraps standard library (and secp256k1) private keys in libp2p/go-libp2p/core/crypto keys
-func KeyPairFromStdKey(priv crypto.PrivateKey) (_priv PrivKey, _pub PubKey, err error) {
- if priv == nil {
- return nil, nil, ErrNilPrivateKey
- }
-
- switch p := priv.(type) {
- case *rsa.PrivateKey:
- defer func() { catch.HandlePanic(recover(), &err, "x509 private key marshaling") }()
- pk, err := openssl.LoadPrivateKeyFromDER(x509.MarshalPKCS1PrivateKey(p))
- if err != nil {
- return nil, nil, err
- }
-
- return &opensslPrivateKey{pk}, &opensslPublicKey{key: pk}, nil
-
- case *ecdsa.PrivateKey:
- return &ECDSAPrivateKey{p}, &ECDSAPublicKey{&p.PublicKey}, nil
-
- case *ed25519.PrivateKey:
- pubIfc := p.Public()
- pub, _ := pubIfc.(ed25519.PublicKey)
- return &Ed25519PrivateKey{*p}, &Ed25519PublicKey{pub}, nil
-
- case *secp256k1.PrivateKey:
- sPriv := Secp256k1PrivateKey(*p)
- sPub := Secp256k1PublicKey(*p.PubKey())
- return &sPriv, &sPub, nil
-
- default:
- return nil, nil, ErrBadKeyType
- }
-}
-
-// PrivKeyToStdKey converts libp2p/go-libp2p/core/crypto private keys to standard library (and secp256k1) private keys
-func PrivKeyToStdKey(priv PrivKey) (_priv crypto.PrivateKey, err error) {
- if priv == nil {
- return nil, ErrNilPrivateKey
- }
- switch p := priv.(type) {
- case *opensslPrivateKey:
- defer func() { catch.HandlePanic(recover(), &err, "x509 private key parsing") }()
- raw, err := p.Raw()
- if err != nil {
- return nil, err
- }
- return x509.ParsePKCS1PrivateKey(raw)
- case *ECDSAPrivateKey:
- return p.priv, nil
- case *Ed25519PrivateKey:
- return &p.k, nil
- case *Secp256k1PrivateKey:
- return p, nil
- default:
- return nil, ErrBadKeyType
- }
-}
-
-// PubKeyToStdKey converts libp2p/go-libp2p/core/crypto private keys to standard library (and secp256k1) public keys
-func PubKeyToStdKey(pub PubKey) (key crypto.PublicKey, err error) {
- if pub == nil {
- return nil, ErrNilPublicKey
- }
-
- switch p := pub.(type) {
- case *opensslPublicKey:
- defer func() { catch.HandlePanic(recover(), &err, "x509 public key parsing") }()
-
- raw, err := p.Raw()
- if err != nil {
- return nil, err
- }
- return x509.ParsePKIXPublicKey(raw)
- case *ECDSAPublicKey:
- return p.pub, nil
- case *Ed25519PublicKey:
- return p.k, nil
- case *Secp256k1PublicKey:
- return p, nil
- default:
- return nil, ErrBadKeyType
- }
-}
diff --git a/core/crypto/key_not_openssl.go b/core/crypto/key_to_stdlib.go
similarity index 97%
rename from core/crypto/key_not_openssl.go
rename to core/crypto/key_to_stdlib.go
index 0032467528..aead1d2513 100644
--- a/core/crypto/key_not_openssl.go
+++ b/core/crypto/key_to_stdlib.go
@@ -1,6 +1,3 @@
-//go:build !openssl
-// +build !openssl
-
 package crypto
 
 import (
diff --git a/core/crypto/openssl_common.go b/core/crypto/openssl_common.go
deleted file mode 100644
index d97eb08b84..0000000000
--- a/core/crypto/openssl_common.go
+++ /dev/null
@@ -1,104 +0,0 @@
-//go:build openssl
-// +build openssl
-
-package crypto
-
-import (
- "sync"
-
- pb "github.com/libp2p/go-libp2p/core/crypto/pb"
-
- "github.com/libp2p/go-openssl"
-)
-
-// define these as separate types so we can add more key types later and reuse
-// code.
-
-type opensslPublicKey struct {
- key openssl.PublicKey
-
- cacheLk sync.Mutex
- cached []byte
-}
-
-type opensslPrivateKey struct {
- key openssl.PrivateKey
-}
-
-func unmarshalOpensslPrivateKey(b []byte) (opensslPrivateKey, error) {
- sk, err := openssl.LoadPrivateKeyFromDER(b)
- if err != nil {
- return opensslPrivateKey{}, err
- }
- return opensslPrivateKey{sk}, nil
-}
-
-func unmarshalOpensslPublicKey(b []byte) (opensslPublicKey, error) {
- sk, err := openssl.LoadPublicKeyFromDER(b)
- if err != nil {
- return opensslPublicKey{}, err
- }
- return opensslPublicKey{key: sk, cached: b}, nil
-}
-
-// Verify compares a signature against input data
-func (pk *opensslPublicKey) Verify(data, sig []byte) (bool, error) {
- err := pk.key.VerifyPKCS1v15(openssl.SHA256_Method, data, sig)
- return err == nil, err
-}
-
-func (pk *opensslPublicKey) Type() pb.KeyType {
- switch pk.key.KeyType() {
- case openssl.KeyTypeRSA:
- return pb.KeyType_RSA
- default:
- return -1
- }
-}
-
-func (pk *opensslPublicKey) Raw() ([]byte, error) {
- return pk.key.MarshalPKIXPublicKeyDER()
-}
-
-// Equals checks whether this key is equal to another
-func (pk *opensslPublicKey) Equals(k Key) bool {
- k0, ok := k.(*RsaPublicKey)
- if !ok {
- return basicEquals(pk, k)
- }
-
- return pk.key.Equal(k0.opensslPublicKey.key)
-}
-
-// Sign returns a signature of the input data
-func (sk *opensslPrivateKey) Sign(message []byte) ([]byte, error) {
- return sk.key.SignPKCS1v15(openssl.SHA256_Method, message)
-}
-
-// GetPublic returns a public key
-func (sk *opensslPrivateKey) GetPublic() PubKey {
- return &opensslPublicKey{key: sk.key}
-}
-
-func (sk *opensslPrivateKey) Type() pb.KeyType {
- switch sk.key.KeyType() {
- case openssl.KeyTypeRSA:
- return pb.KeyType_RSA
- default:
- return -1
- }
-}
-
-func (sk *opensslPrivateKey) Raw() ([]byte, error) {
- return sk.key.MarshalPKCS1PrivateKeyDER()
-}
-
-// Equals checks whether this key is equal to another
-func (sk *opensslPrivateKey) Equals(k Key) bool {
- k0, ok := k.(*RsaPrivateKey)
- if !ok {
- return basicEquals(sk, k)
- }
-
- return sk.key.Equal(k0.opensslPrivateKey.key)
-}
diff --git a/core/crypto/rsa_go.go b/core/crypto/rsa_go.go
index 1324447d2e..7927d17d18 100644
--- a/core/crypto/rsa_go.go
+++ b/core/crypto/rsa_go.go
@@ -1,6 +1,3 @@
-//go:build !openssl
-// +build !openssl
-
 package crypto
 
 import (
diff --git a/core/crypto/rsa_openssl.go b/core/crypto/rsa_openssl.go
deleted file mode 100644
index 4e8269ff49..0000000000
--- a/core/crypto/rsa_openssl.go
+++ /dev/null
@@ -1,69 +0,0 @@
-//go:build openssl
-// +build openssl
-
-package crypto
-
-import (
- "errors"
- "io"
-
- openssl "github.com/libp2p/go-openssl"
-)
-
-// RsaPrivateKey is an rsa private key
-type RsaPrivateKey struct {
- opensslPrivateKey
-}
-
-// RsaPublicKey is an rsa public key
-type RsaPublicKey struct {
- opensslPublicKey
-}
-
-// GenerateRSAKeyPair generates a new rsa private and public key
-func GenerateRSAKeyPair(bits int, _ io.Reader) (PrivKey, PubKey, error) {
- if bits < MinRsaKeyBits {
- return nil, nil, ErrRsaKeyTooSmall
- }
-
- key, err := openssl.GenerateRSAKey(bits)
- if err != nil {
- return nil, nil, err
- }
- return &RsaPrivateKey{opensslPrivateKey{key}}, &RsaPublicKey{opensslPublicKey{key: key}}, nil
-}
-
-// GetPublic returns a public key
-func (sk *RsaPrivateKey) GetPublic() PubKey {
- return &RsaPublicKey{opensslPublicKey{key: sk.opensslPrivateKey.key}}
-}
-
-// UnmarshalRsaPrivateKey returns a private key from the input x509 bytes
-func UnmarshalRsaPrivateKey(b []byte) (PrivKey, error) {
- key, err := unmarshalOpensslPrivateKey(b)
- if err != nil {
- return nil, err
- }
- if 8*key.key.Size() < MinRsaKeyBits {
- return nil, ErrRsaKeyTooSmall
- }
- if key.Type() != RSA {
- return nil, errors.New("not actually an rsa public key")
- }
- return &RsaPrivateKey{key}, nil
-}
-
-// UnmarshalRsaPublicKey returns a public key from the input x509 bytes
-func UnmarshalRsaPublicKey(b []byte) (PubKey, error) {
- key, err := unmarshalOpensslPublicKey(b)
- if err != nil {
- return nil, err
- }
- if 8*key.key.Size() < MinRsaKeyBits {
- return nil, ErrRsaKeyTooSmall
- }
- if key.Type() != RSA {
- return nil, errors.New("not actually an rsa public key")
- }
- return &RsaPublicKey{key}, nil
-}
diff --git a/go.mod b/go.mod
index 941258988c..34a7023c7a 100644
--- a/go.mod
+++ b/go.mod
@@ -27,7 +27,6 @@ require (
 github.com/libp2p/go-msgio v0.2.0
 github.com/libp2p/go-nat v0.1.0
 github.com/libp2p/go-netroute v0.2.1
- github.com/libp2p/go-openssl v0.1.0
 github.com/libp2p/go-reuseport v0.2.0
 github.com/libp2p/go-yamux/v4 v4.0.0
 github.com/libp2p/zeroconf/v2 v2.2.0
@@ -89,7 +88,6 @@ require (
 github.com/marten-seemann/qtls-go1-18 v0.1.3 // indirect
 github.com/marten-seemann/qtls-go1-19 v0.1.1 // indirect
 github.com/mattn/go-isatty v0.0.16 // indirect
- github.com/mattn/go-pointer v0.0.1 // indirect
 github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect
 github.com/miekg/dns v1.1.50 // indirect
 github.com/mikioh/tcpopt v0.0.0-20190314235656-172688c1accc // indirect
@@ -102,7 +100,6 @@ require (
 github.com/prometheus/client_model v0.3.0 // indirect
 github.com/prometheus/common v0.37.0 // indirect
 github.com/prometheus/procfs v0.8.0 // indirect
- github.com/spacemonkeygo/spacelog v0.0.0-20180420211403-2296661a0572 // indirect
 github.com/spaolacci/murmur3 v1.1.0 // indirect
 github.com/syndtr/goleveldb v1.0.0 // indirect
 go.uber.org/atomic v1.10.0 // indirect
diff --git a/go.sum b/go.sum
index 76783b2be0..ea636deca9 100644
--- a/go.sum
+++ b/go.sum
@@ -312,8 +312,6 @@ github.com/libp2p/go-nat v0.1.0/go.mod h1:X7teVkwRHNInVNWQiO/tAiAVRwSr5zoRz4YSTC github.com/libp2p/go-netroute v0.1.2/go.mod h1:jZLDV+1PE8y5XxBySEBgbuVAXbhtuHSdmLPL2n9MKbk= github.com/libp2p/go-netroute v0.2.1 h1:V8kVrpD8GK0Riv15/7VN6RbUQ3URNZVosw7H2v9tksU= github.com/libp2p/go-netroute v0.2.1/go.mod h1:hraioZr0fhBjG0ZRXJJ6Zj2IVEVNx6tDTFQfSmcq7mQ= -github.com/libp2p/go-openssl v0.1.0 h1:LBkKEcUv6vtZIQLVTegAil8jbNpJErQ9AnT+bWV+Ooo= -github.com/libp2p/go-openssl v0.1.0/go.mod h1:OiOxwPpL3n4xlenjx2h7AwSGaFSC/KZvf6gNdOBQMtc= github.com/libp2p/go-reuseport v0.2.0 h1:18PRvIMlpY6ZK85nIAicSBuXXvrYoSw3dsBAR7zc560= github.com/libp2p/go-reuseport v0.2.0/go.mod h1:bvVho6eLMm6Bz5hmU0LYN3ixd3nPPvtIlaURZZgOY4k= github.com/libp2p/go-sockaddr v0.0.2/go.mod h1:syPvOmNs24S3dFVGJA1/mrqdeijPxLV2Le3BRLKd68k= @@ -339,8 +337,6 @@ github.com/marten-seemann/webtransport-go v0.4.2/go.mod h1:4xcfySgZMLP4aG5GBGj1e github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94= github.com/mattn/go-isatty v0.0.16 h1:bq3VjFmv/sOjHtdEhmkEV4x1AJtvUvOJ2PFAZ5+peKQ= github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= -github.com/mattn/go-pointer v0.0.1 h1:n+XhsuGeVO6MEAp7xyEukFINEa+Quek5psIR/ylA6o0= -github.com/mattn/go-pointer v0.0.1/go.mod h1:2zXcozF6qYGgmsG+SeTZz3oAbFLdD3OWqnUbNvJZAlc= github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= github.com/matttproud/golang_protobuf_extensions v1.0.4 h1:mmDVorXM7PCGKw94cs5zkfA9PSy5pEvNWRP0ET0TIVo= github.com/matttproud/golang_protobuf_extensions v1.0.4/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= 
@@ -487,8 +483,6 @@ github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrf github.com/sirupsen/logrus v1.7.0/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0= github.com/sourcegraph/annotate v0.0.0-20160123013949-f4cad6c6324d/go.mod h1:UdhH50NIW0fCiwBSr0co2m7BnFLdv4fQTgdqdJTHFeE= github.com/sourcegraph/syntaxhighlight v0.0.0-20170531221838-bd320f5d308e/go.mod h1:HuIsMU8RRBOtsCgI77wP899iHVBQpCmg4ErYMZB+2IA= -github.com/spacemonkeygo/spacelog v0.0.0-20180420211403-2296661a0572 h1:RC6RW7j+1+HkWaX/Yh71Ee5ZHaHYt7ZP4sQgUrm6cDU= -github.com/spacemonkeygo/spacelog v0.0.0-20180420211403-2296661a0572/go.mod h1:w0SWMsp6j9O/dk4/ZpIhL+3CkG8ofA2vuv7k+ltqUMc= github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= github.com/spaolacci/murmur3 v1.1.0 h1:7c1g84S4BPRrfL5Xrdp6fOJ206sU9y293DDHaoy0bLI= github.com/spaolacci/murmur3 v1.1.0/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA=