-
Notifications
You must be signed in to change notification settings - Fork 26
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add xcryptobackendswap, implement x/crypto SHA3 using backend #1043
Draft
dagood
wants to merge
10
commits into
microsoft/main
Choose a base branch
from
dev/dagood/xcryptoswap
base: microsoft/main
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This was referenced Sep 15, 2023
dagood
force-pushed
the
dev/dagood/xcryptoswap
branch
from
September 26, 2023 23:51
943b145
to
9c4f30a
Compare
@dagood - needs a rebase if we are keeping |
Indeed. But to be clear, not planning to do that now: IMO, it's been long enough since I wrote this that it would be better to wait to fix it until we truly start working on it again. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Updates OpenSSL and CNG patches to add SHA3 APIs and SupportsHash. Include these funcs in
nobackend.go
because that's being used to determine how the proxy is generated in the x/crypto fork.Adds the
xcryptobackendswap
experiment, which uses-modfile
plus some internal patching to replace any x/crypto usage with a fork of x/crypto contained in GOROOT/ms_mod.The fork is generated by a tool that applies patches onto an x/crypto submodule, copies it to the specified dir, then generates "proxies" by parsing the crypto backends and nobackend then using
go:linkname
to access the internal funcs. This tool as well as the submodule and patches can live in microsoft/go-infra for now. The idea is that the patches are toolset- and version-agnostic and we define a common API innobackend.go
that the patched x/crypto uses. For the most part, we control what our backend API looks like (and we can always add more functions that upstream doesn't have), so this might be good enough for compatibility.Draft things: doesn't include HKDF (will want
SupportsHKDF
from #1037), I wrote a temporary stand-in for OpenSSLSupportsHash
(until #1036 goes in), and the x/crypto fork includes some stdout-prints as a super simple way to tell that it's being reached.