From fd349103e87b020545868d2537eda6188b79ecc1 Mon Sep 17 00:00:00 2001
From: Harshavardhana
Date: Mon, 1 Aug 2022 09:27:16 -0700
Subject: [PATCH] fix: allow P-384/P-512 constant time implementation (#15445)

since go1.18.x P-384/P-512 are now constant time implementations, enable them.
---
 docs/tls/README.md | 2 --
 internal/config/certs.go | 15 ---------------
 2 files changed, 17 deletions(-)
diff --git a/docs/tls/README.md b/docs/tls/README.md
index b2c7e14a3..fd1490532 100644
--- a/docs/tls/README.md
+++ b/docs/tls/README.md
@@ -86,8 +86,6 @@ Alternatively, use the following command to generate a private ECDSA key protect
 openssl ecparam -genkey -name prime256v1 | openssl ec -aes256 -out private.key -passout pass:PASSWORD
 ```
-**Note:** NIST curves P-384 and P-521 are not currently supported.
-
 #### 3.2.2 Generate a private key with RSA
 Use the following command to generate a private key with RSA:
diff --git a/internal/config/certs.go b/internal/config/certs.go
index 713b19111..41b7ed22c 100644
--- a/internal/config/certs.go
+++ b/internal/config/certs.go
@@ -19,8 +19,6 @@ package config
 import (
 "bytes"
- "crypto"
- "crypto/ecdsa"
 "crypto/tls"
 "crypto/x509"
 "encoding/pem"
@@ -103,19 +101,6 @@ func LoadX509KeyPair(certFile, keyFile string) (tls.Certificate, error) {
 if err != nil {
 return tls.Certificate{}, ErrSSLUnexpectedData(nil).Msg(err.Error())
 }
- // Ensure that the private key is not a P-384 or P-521 EC key.
- // The Go TLS stack does not provide constant-time implementations of P-384 and P-521.
- if priv, ok := cert.PrivateKey.(crypto.Signer); ok {
- if pub, ok := priv.Public().(*ecdsa.PublicKey); ok {
- switch pub.Params().Name {
- case "P-384":
- fallthrough
- case "P-521":
- // unfortunately there is no cleaner way to check
- return tls.Certificate{}, ErrSSLUnexpectedData(nil).Msg("tls: the ECDSA curve '%s' is not supported", pub.Params().Name)
- }
- }
- }
 return cert, nil
 }