wip

Dockerfile

@@ -21,6 +21,7 @@ RUN \
   export CGO_ENABLED=0 && \
   export GOOS=linux && \
   export GOARCH=amd64 && \
+  export GOEXPERIMENT=boringcrypto && \
   go build -v -trimpath -ldflags "$(hack/get-ldflags.sh) -w -s" -o /usr/local/bin/pinniped-concierge-kube-cert-agent ./cmd/pinniped-concierge-kube-cert-agent/... && \
   go build -v -trimpath -ldflags "$(hack/get-ldflags.sh) -w -s" -o /usr/local/bin/pinniped-server ./cmd/pinniped-server/... && \
   ln -s /usr/local/bin/pinniped-server /usr/local/bin/pinniped-concierge && \

ciphers.txt

@@ -0,0 +1,73 @@
+Obtaining cipher list from LibreSSL 3.3.6.
+Testing AEAD-AES256-GCM-SHA384...YES
+Testing AEAD-CHACHA20-POLY1305-SHA256...YES
+Testing AEAD-AES128-GCM-SHA256...YES
+Testing ECDHE-RSA-AES256-GCM-SHA384...YES
+Testing ECDHE-ECDSA-AES256-GCM-SHA384...YES
+Testing ECDHE-RSA-AES256-SHA384...YES
+Testing ECDHE-ECDSA-AES256-SHA384...YES
+Testing ECDHE-RSA-AES256-SHA...YES
+Testing ECDHE-ECDSA-AES256-SHA...YES
+Testing DHE-RSA-AES256-GCM-SHA384...YES
+Testing DHE-RSA-AES256-SHA256...YES
+Testing DHE-RSA-AES256-SHA...YES
+Testing ECDHE-ECDSA-CHACHA20-POLY1305...YES
+Testing ECDHE-RSA-CHACHA20-POLY1305...YES
+Testing DHE-RSA-CHACHA20-POLY1305...YES
+Testing GOST2012256-GOST89-GOST89...YES
+Testing DHE-RSA-CAMELLIA256-SHA256...YES
+Testing DHE-RSA-CAMELLIA256-SHA...YES
+Testing GOST2001-GOST89-GOST89...YES
+Testing AECDH-AES256-SHA...YES
+Testing ADH-AES256-GCM-SHA384...YES
+Testing ADH-AES256-SHA256...YES
+Testing ADH-AES256-SHA...YES
+Testing ADH-CAMELLIA256-SHA256...YES
+Testing ADH-CAMELLIA256-SHA...YES
+Testing AES256-GCM-SHA384...YES
+Testing AES256-SHA256...YES
+Testing AES256-SHA...YES
+Testing CAMELLIA256-SHA256...YES
+Testing CAMELLIA256-SHA...YES
+Testing ECDHE-RSA-AES128-GCM-SHA256...YES
+Testing ECDHE-ECDSA-AES128-GCM-SHA256...YES
+Testing ECDHE-RSA-AES128-SHA256...YES
+Testing ECDHE-ECDSA-AES128-SHA256...YES
+Testing ECDHE-RSA-AES128-SHA...YES
+Testing ECDHE-ECDSA-AES128-SHA...YES
+Testing DHE-RSA-AES128-GCM-SHA256...YES
+Testing DHE-RSA-AES128-SHA256...YES
+Testing DHE-RSA-AES128-SHA...YES
+Testing DHE-RSA-CAMELLIA128-SHA256...YES
+Testing DHE-RSA-CAMELLIA128-SHA...YES
+Testing AECDH-AES128-SHA...YES
+Testing ADH-AES128-GCM-SHA256...YES
+Testing ADH-AES128-SHA256...YES
+Testing ADH-AES128-SHA...YES
+Testing ADH-CAMELLIA128-SHA256...YES
+Testing ADH-CAMELLIA128-SHA...YES
+Testing AES128-GCM-SHA256...YES
+Testing AES128-SHA256...YES
+Testing AES128-SHA...YES
+Testing CAMELLIA128-SHA256...YES
+Testing CAMELLIA128-SHA...YES
+Testing ECDHE-RSA-RC4-SHA...YES
+Testing ECDHE-ECDSA-RC4-SHA...YES
+Testing AECDH-RC4-SHA...YES
+Testing ADH-RC4-MD5...YES
+Testing RC4-SHA...YES
+Testing RC4-MD5...YES
+Testing ECDHE-RSA-DES-CBC3-SHA...YES
+Testing ECDHE-ECDSA-DES-CBC3-SHA...YES
+Testing EDH-RSA-DES-CBC3-SHA...YES
+Testing AECDH-DES-CBC3-SHA...YES
+Testing ADH-DES-CBC3-SHA...YES
+Testing DES-CBC3-SHA...YES
+Testing ECDHE-RSA-NULL-SHA...YES
+Testing ECDHE-ECDSA-NULL-SHA...YES
+Testing GOST2012256-NULL-STREEBOG256...YES
+Testing GOST2001-NULL-GOST94...YES
+Testing AECDH-NULL-SHA...YES
+Testing NULL-SHA256...YES
+Testing NULL-SHA...YES
+Testing NULL-MD5...YES

fips-ciphers.txt

@@ -0,0 +1,73 @@
+Obtaining cipher list from LibreSSL 3.3.6.
+Testing AEAD-AES256-GCM-SHA384...NO (sslv3 alert handshake failure)
+Testing AEAD-CHACHA20-POLY1305-SHA256...NO (sslv3 alert handshake failure)
+Testing AEAD-AES128-GCM-SHA256...NO (sslv3 alert handshake failure)
+Testing ECDHE-RSA-AES256-GCM-SHA384...NO (sslv3 alert handshake failure)
+Testing ECDHE-ECDSA-AES256-GCM-SHA384...YES
+Testing ECDHE-RSA-AES256-SHA384...NO (sslv3 alert handshake failure)
+Testing ECDHE-ECDSA-AES256-SHA384...NO (sslv3 alert handshake failure)
+Testing ECDHE-RSA-AES256-SHA...NO (sslv3 alert handshake failure)
+Testing ECDHE-ECDSA-AES256-SHA...NO (sslv3 alert handshake failure)
+Testing DHE-RSA-AES256-GCM-SHA384...NO (sslv3 alert handshake failure)
+Testing DHE-RSA-AES256-SHA256...NO (sslv3 alert handshake failure)
+Testing DHE-RSA-AES256-SHA...NO (sslv3 alert handshake failure)
+Testing ECDHE-ECDSA-CHACHA20-POLY1305...NO (sslv3 alert handshake failure)
+Testing ECDHE-RSA-CHACHA20-POLY1305...NO (sslv3 alert handshake failure)
+Testing DHE-RSA-CHACHA20-POLY1305...NO (sslv3 alert handshake failure)
+Testing GOST2012256-GOST89-GOST89...NO (sslv3 alert handshake failure)
+Testing DHE-RSA-CAMELLIA256-SHA256...NO (sslv3 alert handshake failure)
+Testing DHE-RSA-CAMELLIA256-SHA...NO (sslv3 alert handshake failure)
+Testing GOST2001-GOST89-GOST89...NO (sslv3 alert handshake failure)
+Testing AECDH-AES256-SHA...NO (sslv3 alert handshake failure)
+Testing ADH-AES256-GCM-SHA384...NO (sslv3 alert handshake failure)
+Testing ADH-AES256-SHA256...NO (sslv3 alert handshake failure)
+Testing ADH-AES256-SHA...NO (sslv3 alert handshake failure)
+Testing ADH-CAMELLIA256-SHA256...NO (sslv3 alert handshake failure)
+Testing ADH-CAMELLIA256-SHA...NO (sslv3 alert handshake failure)
+Testing AES256-GCM-SHA384...NO (sslv3 alert handshake failure)
+Testing AES256-SHA256...NO (sslv3 alert handshake failure)
+Testing AES256-SHA...NO (sslv3 alert handshake failure)
+Testing CAMELLIA256-SHA256...NO (sslv3 alert handshake failure)
+Testing CAMELLIA256-SHA...NO (sslv3 alert handshake failure)
+Testing ECDHE-RSA-AES128-GCM-SHA256...NO (sslv3 alert handshake failure)
+Testing ECDHE-ECDSA-AES128-GCM-SHA256...YES
+Testing ECDHE-RSA-AES128-SHA256...NO (sslv3 alert handshake failure)
+Testing ECDHE-ECDSA-AES128-SHA256...NO (sslv3 alert handshake failure)
+Testing ECDHE-RSA-AES128-SHA...NO (sslv3 alert handshake failure)
+Testing ECDHE-ECDSA-AES128-SHA...NO (sslv3 alert handshake failure)
+Testing DHE-RSA-AES128-GCM-SHA256...NO (sslv3 alert handshake failure)
+Testing DHE-RSA-AES128-SHA256...NO (sslv3 alert handshake failure)
+Testing DHE-RSA-AES128-SHA...NO (sslv3 alert handshake failure)
+Testing DHE-RSA-CAMELLIA128-SHA256...NO (sslv3 alert handshake failure)
+Testing DHE-RSA-CAMELLIA128-SHA...NO (sslv3 alert handshake failure)
+Testing AECDH-AES128-SHA...NO (sslv3 alert handshake failure)
+Testing ADH-AES128-GCM-SHA256...NO (sslv3 alert handshake failure)
+Testing ADH-AES128-SHA256...NO (sslv3 alert handshake failure)
+Testing ADH-AES128-SHA...NO (sslv3 alert handshake failure)
+Testing ADH-CAMELLIA128-SHA256...NO (sslv3 alert handshake failure)
+Testing ADH-CAMELLIA128-SHA...NO (sslv3 alert handshake failure)
+Testing AES128-GCM-SHA256...NO (sslv3 alert handshake failure)
+Testing AES128-SHA256...NO (sslv3 alert handshake failure)
+Testing AES128-SHA...NO (sslv3 alert handshake failure)
+Testing CAMELLIA128-SHA256...NO (sslv3 alert handshake failure)
+Testing CAMELLIA128-SHA...NO (sslv3 alert handshake failure)
+Testing ECDHE-RSA-RC4-SHA...NO (sslv3 alert handshake failure)
+Testing ECDHE-ECDSA-RC4-SHA...NO (sslv3 alert handshake failure)
+Testing AECDH-RC4-SHA...NO (sslv3 alert handshake failure)
+Testing ADH-RC4-MD5...NO (sslv3 alert handshake failure)
+Testing RC4-SHA...NO (sslv3 alert handshake failure)
+Testing RC4-MD5...NO (sslv3 alert handshake failure)
+Testing ECDHE-RSA-DES-CBC3-SHA...NO (sslv3 alert handshake failure)
+Testing ECDHE-ECDSA-DES-CBC3-SHA...NO (sslv3 alert handshake failure)
+Testing EDH-RSA-DES-CBC3-SHA...NO (sslv3 alert handshake failure)
+Testing AECDH-DES-CBC3-SHA...NO (sslv3 alert handshake failure)
+Testing ADH-DES-CBC3-SHA...NO (sslv3 alert handshake failure)
+Testing DES-CBC3-SHA...NO (sslv3 alert handshake failure)
+Testing ECDHE-RSA-NULL-SHA...NO (sslv3 alert handshake failure)
+Testing ECDHE-ECDSA-NULL-SHA...NO (sslv3 alert handshake failure)
+Testing GOST2012256-NULL-STREEBOG256...NO (sslv3 alert handshake failure)
+Testing GOST2001-NULL-GOST94...NO (sslv3 alert handshake failure)
+Testing AECDH-NULL-SHA...NO (sslv3 alert handshake failure)
+Testing NULL-SHA256...NO (sslv3 alert handshake failure)
+Testing NULL-SHA...NO (sslv3 alert handshake failure)
+Testing NULL-MD5...NO (sslv3 alert handshake failure)

internal/crypto/fips/fips_strict.go

@@ -1,12 +0,0 @@
-// Copyright 2023 the Pinniped contributors. All Rights Reserved.
-// SPDX-License-Identifier: Apache-2.0
-
-//go:build goexperiment.boringcrypto
-// +build goexperiment.boringcrypto
-
-package fips
-
-import (
-	"C"                     // explicitly import cgo so that runtime/cgo gets linked into the kube-cert-agent
-	_ "crypto/tls/fipsonly" // restricts all TLS configuration to FIPS-approved settings.
-)

internal/crypto/ptls/default.go

@@ -1,8 +1,8 @@
 // Copyright 2021-2023 the Pinniped contributors. All Rights Reserved.
 // SPDX-License-Identifier: Apache-2.0
 
-//go:build !boringcrypto
+//go:build !goexperiment.boringcrypto
-// +build !boringcrypto
+// +build !goexperiment.boringcrypto
 
 package ptls
 

internal/crypto/ptls/fips_strict.go

@@ -1,80 +0,0 @@
-// Copyright 2022-2023 the Pinniped contributors. All Rights Reserved.
-// SPDX-License-Identifier: Apache-2.0
-
-// The configurations here override the usual ptls.Secure, ptls.Default, and ptls.DefaultLDAP
-// configs when Pinniped is built in fips-only mode.
-// All of these are the same because FIPs is already so limited.
-//go:build goexperiment.boringcrypto
-// +build goexperiment.boringcrypto
-
-package ptls
-
-import (
-	"crypto/tls"
-	"crypto/x509"
-	"os"
-	"path/filepath"
-	"runtime"
-
-	"k8s.io/apiserver/pkg/server/options"
-
-	// Cause fipsonly tls mode with this side effect import.
-	_ "go.pinniped.dev/internal/crypto/fips"
-	"go.pinniped.dev/internal/plog"
-)
-
-// Always use TLS 1.2 for FIPs
-const secureServingOptionsMinTLSVersion = "VersionTLS12"
-const SecureTLSConfigMinTLSVersion = tls.VersionTLS12
-
-func init() {
-	switch filepath.Base(os.Args[0]) {
-	case "pinniped-server", "pinniped-supervisor", "pinniped-concierge", "pinniped-concierge-kube-cert-agent":
-	default:
-		return // do not print FIPS logs if we cannot confirm that we are running a server binary
-	}
-
-	// this init runs before we have parsed our config to determine our log level
-	// thus we must use a log statement that will always print instead of conditionally print
-	plog.Always("using boring crypto in fips only mode", "go version", runtime.Version())
-}
-
-func Default(rootCAs *x509.CertPool) *tls.Config {
-	return &tls.Config{
-		// goboring requires TLS 1.2 and only TLS 1.2
-		MinVersion: SecureTLSConfigMinTLSVersion,
-		MaxVersion: SecureTLSConfigMinTLSVersion,
-
-		// enable HTTP2 for go's 1.7 HTTP Server
-		// setting this explicitly is only required in very specific circumstances
-		// it is simpler to just set it here than to try and determine if we need to
-		NextProtos: []string{"h2", "http/1.1"},
-
-		// optional root CAs, nil means use the host's root CA set
-		RootCAs: rootCAs,
-
-		// This is all of the fips-approved ciphers.
-		// The list is hard-coded for convenience of testing.
-		// This is kept in sync with the boring crypto compiler via TestFIPSCipherSuites.
-		CipherSuites: []uint16{
-			tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
-			tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
-			tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
-			tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
-			tls.TLS_RSA_WITH_AES_128_GCM_SHA256,
-			tls.TLS_RSA_WITH_AES_256_GCM_SHA384,
-		},
-	}
-}
-
-func Secure(rootCAs *x509.CertPool) *tls.Config {
-	return Default(rootCAs)
-}
-
-func DefaultLDAP(rootCAs *x509.CertPool) *tls.Config {
-	return Default(rootCAs)
-}
-
-func secureServing(opts *options.SecureServingOptionsWithLoopback) {
-	defaultServing(opts)
-}

internal/crypto/ptls/secure.go

@@ -1,8 +1,8 @@
 // Copyright 2021-2023 the Pinniped contributors. All Rights Reserved.
 // SPDX-License-Identifier: Apache-2.0
 
-//go:build !boringcrypto
+//go:build !goexperiment.boringcrypto
-// +build !boringcrypto
+// +build !goexperiment.boringcrypto
 
 package ptls
 

test/testlib/securetls_preference_fips.go

@@ -1,13 +0,0 @@
-// Copyright 2022-2023 the Pinniped contributors. All Rights Reserved.
-// SPDX-License-Identifier: Apache-2.0
-
-//go:build goexperiment.boringcrypto
-// +build goexperiment.boringcrypto
-
-package testlib
-
-// Because of a bug in nmap, the cipher suite preference is
-// incorrectly shown as 'client' in some cases.
-// in fips-only mode, it correctly shows the cipher preference
-// as 'server', while in non-fips mode it shows as 'client'.
-const cipherSuitePreference = "server"

test/testlib/securetls_preference_nonfips.go

@@ -1,8 +1,8 @@
 // Copyright 2022-2023 the Pinniped contributors. All Rights Reserved.
 // SPDX-License-Identifier: Apache-2.0
 
-//go:build !boringcrypto
+//go:build !goexperiment.boringcrypto
-// +build !boringcrypto
+// +build !goexperiment.boringcrypto
 
 package testlib
 

test_ciphers.sh

@@ -0,0 +1,26 @@
+#!/usr/bin/env bash
+
+# OpenSSL requires the port number.
+SERVER=$1
+DELAY=1
+ciphers=$(openssl ciphers 'ALL:eNULL' | sed -e 's/:/ /g')
+
+echo Obtaining cipher list from $(openssl version).
+
+for cipher in ${ciphers[@]}
+do
+  echo -n Testing $cipher...
+  result=$(echo -n | openssl s_client -cipher "$cipher" -connect $SERVER 2>&1)
+  if [[ "$result" =~ ":error:" ]] ; then
+    error=$(echo -n $result | cut -d':' -f6)
+    echo NO \($error\)
+  else
+    if [[ "$result" =~ "Cipher is ${cipher}" || "$result" =~ "Cipher    :" ]] ; then
+      echo YES
+    else
+      echo UNKNOWN RESPONSE
+      echo $result
+    fi
+  fi
+  sleep $DELAY
+done