wgengine/magicsock: replace deprecated poly1305 (#13184)

Signed-off-by: tomholford <tomholford@users.noreply.github.com>
2025-02-18 02:48:40 +00:00 · 2024-08-19 11:45:39 -07:00 · 2024-08-19 11:45:39 -07:00 · 16bb541adb
commit 16bb541adb
parent f95785f22b
3 changed files with 8 additions and 4 deletions
--- a/cmd/k8s-operator/depaware.txt
+++ b/cmd/k8s-operator/depaware.txt
@ -846,7 +846,7 @@ tailscale.com/cmd/k8s-operator dependencies: (generated by github.com/tailscale/
        golang.org/x/crypto/hkdf                                     from crypto/tls+
        golang.org/x/crypto/nacl/box                                 from tailscale.com/types/key
        golang.org/x/crypto/nacl/secretbox                           from golang.org/x/crypto/nacl/box
-        golang.org/x/crypto/poly1305                                 from github.com/tailscale/wireguard-go/device+
+        golang.org/x/crypto/poly1305                                 from github.com/tailscale/wireguard-go/device
        golang.org/x/crypto/salsa20/salsa                            from golang.org/x/crypto/nacl/box+
        golang.org/x/exp/constraints                                 from github.com/dblohm7/wingoes/pe+
        golang.org/x/exp/maps                                        from sigs.k8s.io/controller-runtime/pkg/cache+
--- a/cmd/tailscaled/depaware.txt
+++ b/cmd/tailscaled/depaware.txt
@ -438,7 +438,7 @@ tailscale.com/cmd/tailscaled dependencies: (generated by github.com/tailscale/de
        golang.org/x/crypto/hkdf                                     from crypto/tls+
        golang.org/x/crypto/nacl/box                                 from tailscale.com/types/key
        golang.org/x/crypto/nacl/secretbox                           from golang.org/x/crypto/nacl/box
-        golang.org/x/crypto/poly1305                                 from github.com/tailscale/wireguard-go/device+
+        golang.org/x/crypto/poly1305                                 from github.com/tailscale/wireguard-go/device
        golang.org/x/crypto/salsa20/salsa                            from golang.org/x/crypto/nacl/box+
  LD    golang.org/x/crypto/ssh                                      from github.com/pkg/sftp+
        golang.org/x/exp/constraints                                 from github.com/dblohm7/wingoes/pe+
--- a/wgengine/magicsock/endpoint.go
+++ b/wgengine/magicsock/endpoint.go
@ -20,7 +20,6 @@ import (
 	"sync/atomic"
 	"time"

-	"golang.org/x/crypto/poly1305"
 	xmaps "golang.org/x/exp/maps"
 	"golang.org/x/net/ipv4"
 	"golang.org/x/net/ipv6"
@ -1067,9 +1066,14 @@ func (de *endpoint) removeSentDiscoPingLocked(txid stun.TxID, sp sentPing, resul
 	delete(de.sentPing, txid)
 }

+// poly1305AuthenticatorSize is the size, in bytes, of a poly1305 authenticator.
+// It's the same as golang.org/x/crypto/poly1305.TagSize, but that
+// page is deprecated and we only need this one constant, so we copy it.
+const poly1305AuthenticatorSize = 16
+
 // discoPingSize is the size of a complete disco ping packet, without any padding.
 const discoPingSize = len(disco.Magic) + key.DiscoPublicRawLen + disco.NonceLen +
-	poly1305.TagSize + disco.MessageHeaderLen + disco.PingLen
+	poly1305AuthenticatorSize + disco.MessageHeaderLen + disco.PingLen

 // sendDiscoPing sends a ping with the provided txid to ep using de's discoKey. size
 // is the desired disco message size, including all disco headers but excluding IP/UDP