Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore: migrate to crypto/ecdh #178

Closed
wants to merge 2 commits into from
Closed

Conversation

shizhMSFT
Copy link
Contributor

Resolves #168 by migrating to crypto/ecdh.

Here are notable changes:

  • Since crypto/ecdh is introduced in go 1.21, the minimum go version is thus bumped to 1.21 from 1.18.
  • Since crypto/ecdh does not expose low-level elliptic curve operations, custom curves are no longer supported. Thus the related test case is removed. /cc @qmuntal

Signed-off-by: Shiwei Zhang <[email protected]>
@shizhMSFT
Copy link
Contributor Author

The CI tests are failing since go-cose is not ready for go 1.21 yet as its current support windows is go [1.18, 1.19].

Signed-off-by: Shiwei Zhang <[email protected]>
@shizhMSFT
Copy link
Contributor Author

shizhMSFT commented Dec 13, 2023

I would suggest reviewing and merging PR after the go 1.22 release (ETA: Feb 2024) so that we can move the support window to [1.21, 1.22] for crypto/ecdh.

@OR13
Copy link
Contributor

OR13 commented Dec 15, 2023

Seems like this PR is on a good track, once CI is passing, and our test coverage is recovered, this seems like a great improvement

@SteveLasker SteveLasker added this to the v1.3.0 milestone Dec 15, 2023
@SteveLasker
Copy link
Contributor

@shizhMSFT, with 1.22 released, are you ready to finalize this PR?

@qmuntal
Copy link
Contributor

qmuntal commented Feb 23, 2024

I'm not sold about this solution. x509.ParsePKCS8PrivateKey calls curve.ScalarBaseMult(d) under the hood, so all the additional work we do, namely mapping an ECDSA key to an ECDH key, then encoding a x509 and finally decoding the same key, boils down to avoiding a deprecated function call by using a higher level functions that uses the same deprecated function.

IMO, we should either remove support for ECDSA curves without public component, or assume that we have to call a deprecated function.

@shizhMSFT
Copy link
Contributor Author

I'm not sold about this solution. x509.ParsePKCS8PrivateKey calls curve.ScalarBaseMult(d) under the hood, so all the additional work we do, namely mapping an ECDSA key to an ECDH key, then encoding a x509 and finally decoding the same key, boils down to avoiding a deprecated function call by using a higher level functions that uses the same deprecated function.

I agree with that.

assume that we have to call a deprecated function

I'm afraid of being scanned as a vulnerability by some scanners in the future although it is not.

remove support for ECDSA curves without public component

Can you elaborate more on this?

@qmuntal
Copy link
Contributor

qmuntal commented Feb 29, 2024

Can you elaborate more on this?

Do what @OR13 recommended here:

I'd recommend just throwing when compressed points are passed... and not doing the point compression, and that would eliminate the warning.

@OR13
Copy link
Contributor

OR13 commented Feb 29, 2024

Unless you are parsing a key that is inside a signature or encryption, developers can translate keys with compressed points to ones with uncompressed points.

Any library that doesn't support compressed points will need to throw if it cannot translate, because operations will fail that required both points.

@shizhMSFT
Copy link
Contributor Author

Thanks for the elaboration.

remove support for ECDSA curves without public component

Do we want to go that way?

@SteveLasker
Copy link
Contributor

Based on the above, we're going to close this PR and open a new issue for guidance.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Resolve calls to deprecated crypto APIs
4 participants