Skip to content

Commit

Permalink
deps: update /x/crypto, fix Go 1.13 test breakage. (#1081)
Browse files Browse the repository at this point in the history
* deps: update /x/crypto to 8b5121be2f68

* helpers/derhelpers: split Go 1.12/1.13 impls.

When using modern `golang.org/x/crypto/ed25519` on Go 1.13 the `x`
library is a small wrapper around the stdlib version. The helper
function needs to match on the stdlib type in this case.

To maintain backwards compat with Go 1.12 the helper code is split by
a build tag. The legacy code can use the `golang.org/x/crypto/ed25519`
import while the new code can use the `crypto/ed25519` import.

Co-authored-by: Daniel <cpu@letsencrypt.org>
  • Loading branch information
cpu and Daniel committed Mar 17, 2020
1 parent 10ed8da commit e45ead2
Show file tree
Hide file tree
Showing 9 changed files with 61 additions and 89 deletions.
2 changes: 1 addition & 1 deletion go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ require (
github.com/ziutek/mymysql v1.5.4 // indirect
github.com/zmap/zcrypto v0.0.0-20190729165852-9051775e6a2e
github.com/zmap/zlint v0.0.0-20190806154020-fd021b4cfbeb
golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4
golang.org/x/crypto v0.0.0-20200124225646-8b5121be2f68
golang.org/x/lint v0.0.0-20190930215403-16217165b5de
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3
golang.org/x/text v0.3.2 // indirect
Expand Down
2 changes: 2 additions & 0 deletions go.sum
Original file line number Diff line number Diff line change
Expand Up @@ -82,6 +82,8 @@ golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnf
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4 h1:HuIa8hRrWRSrqYzx1qI49NNxhdi2PrY7gxVSq1JjLDc=
golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/crypto v0.0.0-20200124225646-8b5121be2f68 h1:WPLCzSEbawp58wezcvLvLnvhiDJAai54ESbc41NdXS0=
golang.org/x/crypto v0.0.0-20200124225646-8b5121be2f68/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/lint v0.0.0-20190930215403-16217165b5de h1:5hukYrvBGR8/eNkX5mdUezrA6JiaEZDtJb9Ei+1LlBs=
golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
Expand Down
50 changes: 50 additions & 0 deletions helpers/derhelpers/derhelpers-legacy.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,50 @@
// +build !go1.13

// Package derhelpers implements common functionality
// on DER encoded data
package derhelpers

import (
"crypto"
"crypto/ecdsa"
"crypto/rsa"
"crypto/x509"

cferr "github.com/cloudflare/cfssl/errors"
"golang.org/x/crypto/ed25519"
)

// ParsePrivateKeyDER parses a PKCS #1, PKCS #8, ECDSA, or Ed25519 DER-encoded
// private key. The key must not be in PEM format.
func ParsePrivateKeyDER(keyDER []byte) (key crypto.Signer, err error) {
generalKey, err := x509.ParsePKCS8PrivateKey(keyDER)
if err != nil {
generalKey, err = x509.ParsePKCS1PrivateKey(keyDER)
if err != nil {
generalKey, err = x509.ParseECPrivateKey(keyDER)
if err != nil {
generalKey, err = ParseEd25519PrivateKey(keyDER)
if err != nil {
// We don't include the actual error into
// the final error. The reason might be
// we don't want to leak any info about
// the private key.
return nil, cferr.New(cferr.PrivateKeyError,
cferr.ParseFailed)
}
}
}
}

switch generalKey.(type) {
case *rsa.PrivateKey:
return generalKey.(*rsa.PrivateKey), nil
case *ecdsa.PrivateKey:
return generalKey.(*ecdsa.PrivateKey), nil
case ed25519.PrivateKey:
return generalKey.(ed25519.PrivateKey), nil
}

// should never reach here
return nil, cferr.New(cferr.PrivateKeyError, cferr.ParseFailed)
}
4 changes: 3 additions & 1 deletion helpers/derhelpers/derhelpers.go
Original file line number Diff line number Diff line change
@@ -1,15 +1,17 @@
// +build go1.13

// Package derhelpers implements common functionality
// on DER encoded data
package derhelpers

import (
"crypto"
"crypto/ecdsa"
"crypto/ed25519"
"crypto/rsa"
"crypto/x509"

cferr "github.com/cloudflare/cfssl/errors"
"golang.org/x/crypto/ed25519"
)

// ParsePrivateKeyDER parses a PKCS #1, PKCS #8, ECDSA, or Ed25519 DER-encoded
Expand Down
5 changes: 3 additions & 2 deletions vendor/golang.org/x/crypto/cryptobyte/asn1.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

7 changes: 1 addition & 6 deletions vendor/golang.org/x/crypto/cryptobyte/string.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

5 changes: 0 additions & 5 deletions vendor/golang.org/x/crypto/ed25519/ed25519.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

73 changes: 0 additions & 73 deletions vendor/golang.org/x/crypto/ed25519/ed25519_go113.go

This file was deleted.

2 changes: 1 addition & 1 deletion vendor/modules.txt
Original file line number Diff line number Diff line change
Expand Up @@ -94,7 +94,7 @@ github.com/zmap/zcrypto/x509/pkix
github.com/zmap/zlint
github.com/zmap/zlint/lints
github.com/zmap/zlint/util
# golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4
# golang.org/x/crypto v0.0.0-20200124225646-8b5121be2f68
golang.org/x/crypto/cryptobyte
golang.org/x/crypto/cryptobyte/asn1
golang.org/x/crypto/ed25519
Expand Down

0 comments on commit e45ead2

Please sign in to comment.