Add fips and nofips implementations for allowed TLS curves

Author: ycombinator

config/configtls/configtls.go

@@ -9,8 +9,10 @@ import (
 	"crypto/x509"
 	"errors"
 	"fmt"
+	"maps"
 	"os"
 	"path/filepath"
+	"slices"
 	"sync"
 	"time"
 
@@ -268,15 +270,24 @@ func (c Config) loadTLSConfig() (*tls.Config, error) {
 	if err != nil {
 		return nil, err
 	}
+
+	allowedCurves := slices.Collect(maps.Values(tlsCurveTypes))
 	curvePreferences := make([]tls.CurveID, 0, len(c.CurvePreferences))
 	for _, curve := range c.CurvePreferences {
 		curveID, ok := tlsCurveTypes[curve]
 		if !ok {
-			return nil, fmt.Errorf("invalid curve type: %s. Expected values are [P-256, P-384, P-521, X25519, X25519MLKEM768]", curveID)
+			return nil, fmt.Errorf("invalid curve type: %s. Expected values are %s", curveID, allowedCurves)
 		}
 		curvePreferences = append(curvePreferences, curveID)
 	}
 
+	// If no curve preferences were explicitly specified in the configuration, use
+	// the ones we allow. This helps in particular with FIPS builds where not all curves
+	// are allowed.
+	if len(curvePreferences) == 0 {
+		curvePreferences = allowedCurves
+	}
+
 	return &tls.Config{
 		RootCAs:              certPool,
 		GetCertificate:       getCertificate,
@@ -501,11 +512,3 @@ var tlsVersions = map[string]uint16{
 	"1.2": tls.VersionTLS12,
 	"1.3": tls.VersionTLS13,
 }
-
-var tlsCurveTypes = map[string]tls.CurveID{
-	"P256":           tls.CurveP256,
-	"P384":           tls.CurveP384,
-	"P521":           tls.CurveP521,
-	"X25519":         tls.X25519,
-	"X25519MLKEM768": tls.X25519MLKEM768,
-}

config/configtls/configtls_test.go

@@ -12,6 +12,7 @@ import (
 	"io"
 	"os"
 	"path/filepath"
+	"strings"
 	"testing"
 	"time"
 
@@ -882,22 +883,14 @@ func TestSystemCertPool_loadCert(t *testing.T) {
 }
 
 func TestCurvePreferences(t *testing.T) {
-	tests := []struct {
+	type testCase struct {
 		name             string
 		preferences      []string
 		expectedCurveIDs []tls.CurveID
 		expectedErr      string
-	}{
-		{
-			name:             "X25519MLKEM768",
-			preferences:      []string{"X25519MLKEM768"},
-			expectedCurveIDs: []tls.CurveID{tls.X25519MLKEM768},
-		},
-		{
-			name:             "X25519",
-			preferences:      []string{"X25519"},
-			expectedCurveIDs: []tls.CurveID{tls.X25519},
-		},
+	}
+
+	tests := []testCase{
 		{
 			name:             "P521",
 			preferences:      []string{"P521"},
@@ -910,8 +903,8 @@ func TestCurvePreferences(t *testing.T) {
 		},
 		{
 			name:             "multiple",
-			preferences:      []string{"P256", "P521", "X25519"},
-			expectedCurveIDs: []tls.CurveID{tls.CurveP256, tls.CurveP521, tls.X25519},
+			preferences:      []string{"P256", "P521"},
+			expectedCurveIDs: []tls.CurveID{tls.CurveP256, tls.CurveP521},
 		},
 		{
 			name:             "invalid-curve",
@@ -920,6 +913,24 @@ func TestCurvePreferences(t *testing.T) {
 			expectedErr:      "invalid curve type",
 		},
 	}
+
+	// X25519 curves are not supported when GODEBUG=fips140=only is set, so we
+	// detect if it is and conditionally add test cases for those curves.
+	if !strings.Contains(os.Getenv("GODEBUG"), "fips140=only") {
+		tests = append(tests,
+			testCase{
+				name:             "X25519MLKEM768",
+				preferences:      []string{"X25519MLKEM768"},
+				expectedCurveIDs: []tls.CurveID{tls.X25519MLKEM768},
+			},
+			testCase{
+				name:             "X25519",
+				preferences:      []string{"X25519"},
+				expectedCurveIDs: []tls.CurveID{tls.X25519},
+			},
+		)
+	}
+
 	for _, test := range tests {
 		tlsSetting := ClientConfig{
 			Config: Config{

config/configtls/curves_fips.go

@@ -0,0 +1,19 @@
+// Copyright The OpenTelemetry Authors
+// SPDX-License-Identifier: Apache-2.0
+
+//go:build requirefips
+
+package configtls
+
+import "crypto/tls"
+
+var tlsCurveTypes = map[string]tls.CurveID{
+	"P256": tls.CurveP256,
+	"P384": tls.CurveP384,
+	"P521": tls.CurveP521,
+
+	// The following X25519 curves are not available in FIPS mode, so we remove them from the map.
+	// See also https://cs.opensource.google/go/go/+/refs/tags/go1.24.6:src/crypto/ecdh/x25519.go
+	//"X25519": tls.X25519,
+	//"X25519MLKEM768": tls.X25519MLKEM768,
+}

config/configtls/curves_nofips.go

@@ -0,0 +1,13 @@
+//go:build !requirefips
+
+package configtls
+
+import "crypto/tls"
+
+var tlsCurveTypes = map[string]tls.CurveID{
+	"P256":           tls.CurveP256,
+	"P384":           tls.CurveP384,
+	"P521":           tls.CurveP521,
+	"X25519":         tls.X25519,
+	"X25519MLKEM768": tls.X25519MLKEM768,
+}