Skip to content

crypto/rsa: 4096 bit keys are not generated with BoringCrypto #58803

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
FiloSottile opened this issue Mar 1, 2023 · 4 comments
Closed

crypto/rsa: 4096 bit keys are not generated with BoringCrypto #58803

FiloSottile opened this issue Mar 1, 2023 · 4 comments
Labels
FrozenDueToAge NeedsFix The path to resolution is known, but the work has not been done. Security
Milestone
Go1.21

Comments

@FiloSottile
Copy link
Contributor

https://go.dev/cl/423362 updated the BoringCrypto module to one that supports RSA 4096 bit keys, and #41147 removed the limitation in crypto/x509, but crypto/rsa still has a check that only uses BoringCrypto for 2048 and 3078 bit keys, so 4096 bit keys are generated with the pure Go implementation.

/cc @golang/security @rsc
@FiloSottile FiloSottile added this to the Go1.21 milestone Mar 1, 2023
@bcmills bcmills added Security NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one. labels Mar 1, 2023
@FiloSottile
Copy link
Contributor Author

@gopherbot please open a Go 1.20 backport issue for this.

Go 1.20 updated the BoringCrypto module and started using BoringCrypto for RSA 4096 bit keys in crypto/x509, but not in GenerateKey. The two are not necessarily correlated (most X.509 keys are loaded from disk, not generated) but using unverified crypto unexpectedly is not great, and the fix is simple.

/cc @rsc @golang/security

@gopherbot gopherbot mentioned this issue Mar 8, 2023
Closed
@gopherbot
Copy link
Contributor

Backport issue(s) opened: #58927 (for 1.20).

Remember to create the cherry-pick CL(s) as soon as the patch is submitted to master, according to https://go.dev/wiki/MinorReleases.

@gopherbot
Copy link
Contributor

Change https://go.dev/cl/474515 mentions this issue: crypto/rsa: use BoringCrypto for 4096 bit keys

@dmitshur dmitshur added NeedsFix The path to resolution is known, but the work has not been done. and removed NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one. labels May 15, 2023
@FiloSottile FiloSottile mentioned this issue May 17, 2023
Open
@gopherbot
Copy link
Contributor

Change https://go.dev/cl/495735 mentions this issue: [release-branch.go1.20] crypto/rsa: use BoringCrypto for 4096 bit keys

gopherbot pushed a commit that referenced this issue May 17, 2023
@FiloSottile @heschi
[release-branch.go1.20] crypto/rsa: use BoringCrypto for 4096 bit keys
600636e 
Updates #58803
Fixes #58927

Change-Id: I097938ff61dae2b65214f8d0126d68de63525f5b
Reviewed-on: https://go-review.googlesource.com/c/go/+/474515
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
(cherry picked from commit 7bc3281)
Reviewed-on: https://go-review.googlesource.com/c/go/+/495735
Reviewed-by: Heschi Kreinick <heschi@google.com>
bradfitz pushed a commit to tailscale/go that referenced this issue May 25, 2023
@FiloSottile @bradfitz
[release-branch.go1.20] crypto/rsa: use BoringCrypto for 4096 bit keys
b83e5ce 
Updates golang#58803
Fixes golang#58927

Change-Id: I097938ff61dae2b65214f8d0126d68de63525f5b
Reviewed-on: https://go-review.googlesource.com/c/go/+/474515
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
(cherry picked from commit 7bc3281)
Reviewed-on: https://go-review.googlesource.com/c/go/+/495735
Reviewed-by: Heschi Kreinick <heschi@google.com>
bradfitz pushed a commit to tailscale/go that referenced this issue May 25, 2023
@FiloSottile @bradfitz
[release-branch.go1.20] crypto/rsa: use BoringCrypto for 4096 bit keys
b23cce7 
Updates golang#58803
Fixes golang#58927

Change-Id: I097938ff61dae2b65214f8d0126d68de63525f5b
Reviewed-on: https://go-review.googlesource.com/c/go/+/474515
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
(cherry picked from commit 7bc3281)
Reviewed-on: https://go-review.googlesource.com/c/go/+/495735
Reviewed-by: Heschi Kreinick <heschi@google.com>
@golang golang locked and limited conversation to collaborators May 16, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
FrozenDueToAge NeedsFix The path to resolution is known, but the work has not been done. Security
Projects
None yet
Milestone
Go1.21
Development

No branches or pull requests
4 participants
@FiloSottile @dmitshur @bcmills @gopherbot