diff --git a/config/versions.json b/config/versions.json index d7be8369d6..899ac22cf8 100644 --- a/config/versions.json +++ b/config/versions.json @@ -1,5 +1,5 @@ { - "github.com/golang-fips/go": "go1.20-fips-release", - "github.com/golang-fips/openssl-fips": "972af39412e2517625d69b4d79c439eab52ba6c9", - "github.com/golang/go": "go1.20.12" + "github.com/golang-fips/go": "go1.20-fips-release", + "github.com/golang-fips/openssl-fips": "8c1c6aa53546d5c09f3a29de021e168dafa5d4f0", + "github.com/golang/go": "go1.20.12" } diff --git a/patches/001-initial-openssl-for-fips.patch b/patches/001-initial-openssl-for-fips.patch index cb2d636758..174f126e6b 100644 --- a/patches/001-initial-openssl-for-fips.patch +++ b/patches/001-initial-openssl-for-fips.patch @@ -5,15 +5,15 @@ index f0e3575637..a4139169b8 100644 @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. - + -//go:build boringcrypto +//go:build !no_openssl - + package main - + @@ -12,6 +12,6 @@ import ( ) - + func init() { - fmt.Printf("SKIP with boringcrypto enabled\n") + fmt.Printf("SKIP with !no_openssl enabled\n") @@ -31,7 +31,7 @@ index 183c1697c8..abe85b5ad3 100644 + boring "crypto/internal/backend" "strconv" ) - + @@ -38,7 +38,7 @@ func NewCipher(key []byte) (cipher.Block, error) { case 16, 24, 32: break @@ -61,10 +61,10 @@ index 097c37e343..47618fe3c6 100644 @@ -13,9 +13,9 @@ // is satisfied, so that applications can tag files that use this package. package boring - + -import "crypto/internal/boring" +import boring "crypto/internal/backend" - + // Enabled reports whether BoringCrypto handles supported crypto operations. func Enabled() bool { - return boring.Enabled @@ -123,7 +123,7 @@ index 74420559b5..acf71ba580 100644 --- a/src/crypto/ecdh/ecdh.go +++ b/src/crypto/ecdh/ecdh.go @@ -8,7 +8,7 @@ package ecdh - + import ( "crypto" - "crypto/internal/boring" @@ -190,7 +190,7 @@ index 01354fa2cf..a7f1d9eced 100644 +++ b/src/crypto/ecdh/nist.go @@ -5,7 +5,7 @@ package ecdh - + import ( - "crypto/internal/boring" + boring "crypto/internal/backend" @@ -199,7 +199,7 @@ index 01354fa2cf..a7f1d9eced 100644 "encoding/binary" @@ -36,7 +36,7 @@ func (c *nistCurve[Point]) String() string { var errInvalidPrivateKey = errors.New("crypto/ecdh: invalid private key") - + func (c *nistCurve[Point]) GenerateKey(rand io.Reader) (*PrivateKey, error) { - if boring.Enabled && rand == boring.RandReader { + if boring.Enabled() && rand == boring.RandReader { @@ -227,12 +227,12 @@ index 01354fa2cf..a7f1d9eced 100644 @@ -196,7 +196,7 @@ func (c *nistCurve[Point]) ecdh(local *PrivateKey, remote *PublicKey) ([]byte, e // only be the result of a scalar multiplication if one of the inputs is the // zero scalar or the point at infinity. - + - if boring.Enabled { + if boring.Enabled() { return boring.ECDH(local.boring, remote.boring) } - + diff --git a/src/crypto/ecdsa/boring.go b/src/crypto/ecdsa/boring.go index 275c60b4de..58f0034b18 100644 --- a/src/crypto/ecdsa/boring.go @@ -240,12 +240,12 @@ index 275c60b4de..58f0034b18 100644 @@ -2,13 +2,13 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. - + -//go:build boringcrypto +//go:build !no_openssl - + package ecdsa - + import ( - "crypto/internal/boring" - "crypto/internal/boring/bbig" @@ -272,7 +272,7 @@ index 03a9a72ddd..4bf497f9cc 100644 @@ -154,7 +154,7 @@ func (priv *PrivateKey) Sign(rand io.Reader, digest []byte, opts crypto.SignerOp func GenerateKey(c elliptic.Curve, rand io.Reader) (*PrivateKey, error) { randutil.MaybeReadByte(rand) - + - if boring.Enabled && rand == boring.RandReader { + if boring.Enabled() && rand == boring.RandReader { x, y, d, err := boring.GenerateKeyECDSA(c.Params().Name) @@ -281,7 +281,7 @@ index 03a9a72ddd..4bf497f9cc 100644 @@ -248,7 +248,7 @@ var errNoAsm = errors.New("no assembly implementation available") func SignASN1(rand io.Reader, priv *PrivateKey, hash []byte) ([]byte, error) { randutil.MaybeReadByte(rand) - + - if boring.Enabled && rand == boring.RandReader { + if boring.Enabled() && rand == boring.RandReader { b, err := boringPrivateKey(priv) @@ -301,7 +301,7 @@ index 37f3a18223..51e3b49cdc 100644 --- a/src/crypto/ecdsa/ecdsa_hashsignverify.go +++ b/src/crypto/ecdsa/ecdsa_hashsignverify.go @@ -2,7 +2,7 @@ package ecdsa - + import ( "crypto" - "crypto/internal/boring" @@ -312,7 +312,7 @@ index 37f3a18223..51e3b49cdc 100644 @@ -11,7 +11,7 @@ import ( func HashSign(rand io.Reader, priv *PrivateKey, msg []byte, h crypto.Hash) (*big.Int, *big.Int, error) { randutil.MaybeReadByte(rand) - + - if boring.Enabled { + if boring.Enabled() { b, err := boringPrivateKey(priv) @@ -320,7 +320,7 @@ index 37f3a18223..51e3b49cdc 100644 return nil, nil, err @@ -28,7 +28,7 @@ func HashSign(rand io.Reader, priv *PrivateKey, msg []byte, h crypto.Hash) (*big } - + func HashVerify(pub *PublicKey, msg []byte, r, s *big.Int, h crypto.Hash) bool { - if boring.Enabled { + if boring.Enabled() { @@ -332,7 +332,7 @@ index d12ba2f441..6334a56496 100644 --- a/src/crypto/ecdsa/ecdsa_hashsignverify_test.go +++ b/src/crypto/ecdsa/ecdsa_hashsignverify_test.go @@ -2,7 +2,7 @@ package ecdsa - + import ( "crypto" - "crypto/internal/boring" @@ -343,7 +343,7 @@ index d12ba2f441..6334a56496 100644 @@ -34,7 +34,7 @@ func testHashSignAndHashVerify(t *testing.T, c elliptic.Curve, tag string) { func TestHashSignAndHashVerify(t *testing.T) { testHashSignAndHashVerify(t, elliptic.P256(), "p256") - + - if testing.Short() && !boring.Enabled { + if testing.Short() && !boring.Enabled() { return @@ -381,7 +381,7 @@ index 61a4662036..80e484842b 100644 } curve := test.curve @@ -246,7 +246,7 @@ func TestVectors(t *testing.T) { - + switch curve { case "P-224": - if !boring.Enabled || boringtest.Supports(t, "CurveP224") { @@ -418,15 +418,15 @@ index 039bd82ed2..21a35b760c 100644 @@ -2,15 +2,15 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. - + -//go:build !boringcrypto +//go:build no_openssl - + package ecdsa - + -import "crypto/internal/boring" +import boring "crypto/internal/backend" - + func boringPublicKey(*PublicKey) (*boring.PublicKeyECDSA, error) { - panic("boringcrypto: not available") + panic("!no_openssl: not available") @@ -449,7 +449,7 @@ index 8b5c2cc9af..ebbb1c0c07 100644 "crypto/sha512" "encoding/hex" @@ -322,7 +322,7 @@ func TestMalleability(t *testing.T) { - + func TestAllocations(t *testing.T) { t.Skip("Allocations test broken with openssl linkage") - if boring.Enabled { @@ -463,7 +463,7 @@ index ed3ebc0602..9941228156 100644 +++ b/src/crypto/hmac/hmac.go @@ -22,7 +22,7 @@ timing side-channels: package hmac - + import ( - "crypto/internal/boring" + boring "crypto/internal/backend" @@ -484,7 +484,7 @@ index 55415abf02..0edd7a6003 100644 --- a/src/crypto/hmac/hmac_test.go +++ b/src/crypto/hmac/hmac_test.go @@ -6,7 +6,7 @@ package hmac - + import ( "bytes" - "crypto/internal/boring" @@ -494,7 +494,7 @@ index 55415abf02..0edd7a6003 100644 "crypto/sha256" @@ -584,8 +584,8 @@ func TestHMAC(t *testing.T) { } - + func TestNonUniqueHash(t *testing.T) { - if boring.Enabled { - t.Skip("hash.Hash provided by boringcrypto are not comparable") @@ -1367,10 +1367,10 @@ index f2e5a503ea..65918a480e 100644 @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. - + -//go:build boringcrypto +//go:build !no_openssl - + // runtime_arg0 is declared in tls.go without a body. // It's provided by package runtime, diff --git a/src/crypto/internal/boring/fipstls/tls.go b/src/crypto/internal/boring/fipstls/tls.go @@ -1380,23 +1380,23 @@ index 3bf1471fb0..d6c5ca736d 100644 @@ -2,10 +2,10 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. - + -//go:build boringcrypto +//go:build !no_openssl - + // Package fipstls allows control over whether crypto/tls requires FIPS-approved settings. -// This package only exists with GOEXPERIMENT=boringcrypto, but the effects are independent +// This package only exists with GOEXPERIMENT=!no_openssl, but the effects are independent // of the use of BoringCrypto. package fipstls - + diff --git a/src/crypto/rand/rand_unix.go b/src/crypto/rand/rand_unix.go index 40fce36314..c30be35635 100644 --- a/src/crypto/rand/rand_unix.go +++ b/src/crypto/rand/rand_unix.go @@ -10,7 +10,7 @@ package rand - + import ( - "crypto/internal/boring" + boring "crypto/internal/backend" @@ -1405,7 +1405,7 @@ index 40fce36314..c30be35635 100644 "os" @@ -23,7 +23,7 @@ import ( const urandomDevice = "/dev/urandom" - + func init() { - if boring.Enabled { + if boring.Enabled() { @@ -1419,12 +1419,12 @@ index b9f9d3154f..85c2a45848 100644 @@ -2,13 +2,13 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. - + -//go:build boringcrypto +//go:build !no_openssl - + package rsa - + import ( - "crypto/internal/boring" - "crypto/internal/boring/bbig" @@ -1440,10 +1440,10 @@ index 2234d079f0..4e7fd9de4a 100644 @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. - + -//go:build boringcrypto +//go:build !no_openssl - + // Note: Can run these tests against the non-BoringCrypto // version of the code by using "CGO_ENABLED=0 go test". diff --git a/src/crypto/rsa/notboring.go b/src/crypto/rsa/notboring.go @@ -1453,15 +1453,15 @@ index 2abc043640..a83be6dfdb 100644 @@ -2,15 +2,15 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. - + -//go:build !boringcrypto +//go:build no_openssl - + package rsa - + -import "crypto/internal/boring" +import boring "crypto/internal/backend" - + func boringPublicKey(*PublicKey) (*boring.PublicKeyRSA, error) { - panic("boringcrypto: not available") + panic("!no_openssl: not available") @@ -1475,7 +1475,7 @@ index e51b9d2ca7..2d5f6b5ea9 100644 --- a/src/crypto/rsa/pkcs1v15.go +++ b/src/crypto/rsa/pkcs1v15.go @@ -6,7 +6,7 @@ package rsa - + import ( "crypto" - "crypto/internal/boring" @@ -1486,7 +1486,7 @@ index e51b9d2ca7..2d5f6b5ea9 100644 @@ -46,7 +46,7 @@ func EncryptPKCS1v15(random io.Reader, pub *PublicKey, msg []byte) ([]byte, erro return nil, ErrMessageTooLong } - + - if boring.Enabled && random == boring.RandReader { + if boring.Enabled() && random == boring.RandReader { bkey, err := boringPublicKey(pub) @@ -1495,7 +1495,7 @@ index e51b9d2ca7..2d5f6b5ea9 100644 @@ -66,7 +66,7 @@ func EncryptPKCS1v15(random io.Reader, pub *PublicKey, msg []byte) ([]byte, erro em[len(em)-len(msg)-1] = 0 copy(mm, msg) - + - if boring.Enabled { + if boring.Enabled() { var bkey *boring.PublicKeyRSA @@ -1504,7 +1504,7 @@ index e51b9d2ca7..2d5f6b5ea9 100644 @@ -91,7 +91,7 @@ func DecryptPKCS1v15(random io.Reader, priv *PrivateKey, ciphertext []byte) ([]b return nil, err } - + - if boring.Enabled { + if boring.Enabled() { bkey, err := boringPrivateKey(priv) @@ -1513,7 +1513,7 @@ index e51b9d2ca7..2d5f6b5ea9 100644 @@ -170,7 +170,7 @@ func decryptPKCS1v15(priv *PrivateKey, ciphertext []byte) (valid int, em []byte, return } - + - if boring.Enabled { + if boring.Enabled() { var bkey *boring.PrivateKeyRSA @@ -1522,7 +1522,7 @@ index e51b9d2ca7..2d5f6b5ea9 100644 @@ -278,12 +278,12 @@ func SignPKCS1v15(random io.Reader, priv *PrivateKey, hash crypto.Hash, hashed [ return nil, ErrMessageTooLong } - + - if boring.Enabled { + if boring.Enabled() { bkey, err := boringPrivateKey(priv) @@ -1532,7 +1532,7 @@ index e51b9d2ca7..2d5f6b5ea9 100644 - return boring.SignRSAPKCS1v15(bkey, hash, hashed) + return boring.SignRSAPKCS1v15(bkey, hash, hashed, true) } - + // EM = 0x00 || 0x01 || PS || 0x00 || T @@ -304,12 +304,12 @@ func SignPKCS1v15(random io.Reader, priv *PrivateKey, hash crypto.Hash, hashed [ // returning a nil error. If hash is zero then hashed is used directly. This @@ -1564,49 +1564,49 @@ index 39a4fc184a..0853178e3a 100644 . "crypto/rsa" @@ -56,7 +56,7 @@ var decryptPKCS1v15Tests = []DecryptPKCS1v15Test{ } - + func TestDecryptPKCS1v15(t *testing.T) { - if boring.Enabled && !boringtest.Supports(t, "PKCSv1.5") { + if boring.Enabled() && !boringtest.Supports(t, "PKCSv1.5") { t.Skip("skipping PKCS#1 v1.5 encryption test with BoringCrypto") } - + @@ -84,7 +84,7 @@ func TestDecryptPKCS1v15(t *testing.T) { } - + func TestEncryptPKCS1v15(t *testing.T) { - if boring.Enabled && !boringtest.Supports(t, "PKCSv1.5") { + if boring.Enabled() && !boringtest.Supports(t, "PKCSv1.5") { t.Skip("skipping PKCS#1 v1.5 encryption test with BoringCrypto") } - + @@ -149,7 +149,7 @@ var decryptPKCS1v15SessionKeyTests = []DecryptPKCS1v15Test{ } - + func TestEncryptPKCS1v15SessionKey(t *testing.T) { - if boring.Enabled && !boringtest.Supports(t, "PKCSv1.5") { + if boring.Enabled() && !boringtest.Supports(t, "PKCSv1.5") { t.Skip("skipping PKCS#1 v1.5 encryption test with BoringCrypto") } - + @@ -167,7 +167,7 @@ func TestEncryptPKCS1v15SessionKey(t *testing.T) { } - + func TestEncryptPKCS1v15DecrypterSessionKey(t *testing.T) { - if boring.Enabled && !boringtest.Supports(t, "PKCSv1.5") { + if boring.Enabled() && !boringtest.Supports(t, "PKCSv1.5") { t.Skip("skipping PKCS#1 v1.5 encryption test with BoringCrypto") } - + @@ -277,7 +277,7 @@ func TestUnpaddedSignature(t *testing.T) { } - + func TestShortSessionKey(t *testing.T) { - if boring.Enabled && !boringtest.Supports(t, "PKCSv1.5") { + if boring.Enabled() && !boringtest.Supports(t, "PKCSv1.5") { t.Skip("skipping PKCS#1 v1.5 encryption test with BoringCrypto") } - + diff --git a/src/crypto/rsa/pss.go b/src/crypto/rsa/pss.go index f7d23b55ef..3c822aa587 100644 --- a/src/crypto/rsa/pss.go @@ -1623,7 +1623,7 @@ index f7d23b55ef..3c822aa587 100644 @@ -214,7 +214,7 @@ func signPSSWithSalt(priv *PrivateKey, hash crypto.Hash, hashed, salt []byte) ([ return nil, err } - + - if boring.Enabled { + if boring.Enabled() { bkey, err := boringPrivateKey(priv) @@ -1668,16 +1668,16 @@ index 1226149321..befd1612b5 100644 + if boring.Enabled() { t.Skip("skipping PSS test with BoringCrypto: too short key") } - + @@ -209,7 +209,7 @@ func TestPSSNilOpts(t *testing.T) { } - + func TestPSSSigning(t *testing.T) { - if boring.Enabled && !boringtest.Supports(t, "SHA1") { + if boring.Enabled() && !boringtest.Supports(t, "SHA1") { t.Skip("skipping PSS test with BoringCrypto: too short key") } - + diff --git a/src/crypto/rsa/rsa.go b/src/crypto/rsa/rsa.go index ab56ccd1ed..dd79dc5439 100644 --- a/src/crypto/rsa/rsa.go @@ -1696,7 +1696,7 @@ index ab56ccd1ed..dd79dc5439 100644 @@ -286,7 +286,7 @@ func GenerateKey(random io.Reader, bits int) (*PrivateKey, error) { func GenerateMultiPrimeKey(random io.Reader, nprimes int, bits int) (*PrivateKey, error) { randutil.MaybeReadByte(random) - + - if boring.Enabled && random == boring.RandReader && nprimes == 2 && + if boring.Enabled() && random == boring.RandReader && nprimes == 2 && (bits == 2048 || bits == 3072 || bits == 4096) { @@ -1705,7 +1705,7 @@ index ab56ccd1ed..dd79dc5439 100644 @@ -504,7 +504,7 @@ func EncryptOAEP(hash hash.Hash, random io.Reader, pub *PublicKey, msg []byte, l return nil, ErrMessageTooLong } - + - if boring.Enabled && random == boring.RandReader { + if boring.Enabled() && random == boring.RandReader { bkey, err := boringPublicKey(pub) @@ -1714,7 +1714,7 @@ index ab56ccd1ed..dd79dc5439 100644 @@ -533,7 +533,7 @@ func EncryptOAEP(hash hash.Hash, random io.Reader, pub *PublicKey, msg []byte, l mgf1XOR(db, hash, seed) mgf1XOR(seed, hash, db) - + - if boring.Enabled { + if boring.Enabled() { var bkey *boring.PublicKeyRSA @@ -1723,7 +1723,7 @@ index ab56ccd1ed..dd79dc5439 100644 @@ -675,7 +675,7 @@ func decryptOAEP(hash, mgfHash hash.Hash, random io.Reader, priv *PrivateKey, ci return nil, ErrDecryption } - + - if boring.Enabled { + if boring.Enabled() { bkey, err := boringPrivateKey(priv) @@ -1754,7 +1754,7 @@ index b994daec19..4b7427e1ae 100644 @@ -120,12 +120,12 @@ func testKeyBasics(t *testing.T, priv *PrivateKey) { t.Errorf("private exponent too large") } - + - if boring.Enabled { + if boring.Enabled() { // Cannot call encrypt/decrypt with raw RSA. PKCSv1.5 @@ -1768,7 +1768,7 @@ index b994daec19..4b7427e1ae 100644 } @@ -167,7 +167,7 @@ func testKeyBasics(t *testing.T, priv *PrivateKey) { } - + func TestAllocations(t *testing.T) { - if boring.Enabled { + if boring.Enabled() { @@ -1805,12 +1805,12 @@ index b994daec19..4b7427e1ae 100644 @@ -741,7 +741,7 @@ func Test2DecryptOAEP(t *testing.T) { sha1 := crypto.SHA1 sha256 := crypto.SHA256 - + - if boring.Enabled && n.BitLen() < 2048 { + if boring.Enabled() && n.BitLen() < 2048 { t.Skipf("skipping encryption tests with BoringCrypto: too short key: %d", n.BitLen()) } - + @@ -760,7 +760,7 @@ func TestEncryptDecryptOAEP(t *testing.T) { d := new(big.Int) for i, test := range testEncryptOAEPData { @@ -1826,18 +1826,18 @@ index b5786d1bf4..9bd03f3940 100644 +++ b/src/crypto/sha1/boring.go @@ -12,11 +12,11 @@ package sha1 - + import ( - "crypto/internal/boring" + boring "crypto/internal/backend" "hash" ) - + -const boringEnabled = boring.Enabled +var boringEnabled = boring.Enabled() - + func boringNewSHA1() hash.Hash { return boring.NewSHA1() } - + diff --git a/src/crypto/sha1/notboring.go b/src/crypto/sha1/notboring.go index 42ef87937f..c1a3205539 100644 --- a/src/crypto/sha1/notboring.go @@ -1845,15 +1845,15 @@ index 42ef87937f..c1a3205539 100644 @@ -11,10 +11,10 @@ import ( "hash" ) - + -const boringEnabled = false +var boringEnabled = false - + -func boringNewSHA1() hash.Hash { panic("boringcrypto: not available") } +func boringNewSHA1() hash.Hash { panic("!no_openssl: not available") } - + func boringUnreachable() {} - + -func boringSHA1([]byte) [20]byte { panic("boringcrypto: not available") } +func boringSHA1([]byte) [20]byte { panic("!no_openssl: not available") } diff --git a/src/crypto/sha1/sha1_test.go b/src/crypto/sha1/sha1_test.go @@ -1861,7 +1861,7 @@ index 85ed126091..71f4b46663 100644 --- a/src/crypto/sha1/sha1_test.go +++ b/src/crypto/sha1/sha1_test.go @@ -8,7 +8,7 @@ package sha1 - + import ( "bytes" - "crypto/internal/boring" @@ -1879,7 +1879,7 @@ index 85ed126091..71f4b46663 100644 } io.WriteString(c, g.in[0:len(g.in)/2]) @@ -145,7 +145,7 @@ func TestBlockSize(t *testing.T) { - + // Tests that blockGeneric (pure Go) and block (in assembly for some architectures) match. func TestBlockGeneric(t *testing.T) { - if boring.Enabled { @@ -1889,7 +1889,7 @@ index 85ed126091..71f4b46663 100644 for i := 1; i < 30; i++ { // arbitrary factor @@ -218,7 +218,7 @@ func TestLargeHashes(t *testing.T) { } - + func TestAllocations(t *testing.T) { - if boring.Enabled { + if boring.Enabled() { @@ -1901,7 +1901,7 @@ index 2deafbc9fc..282c326b32 100644 --- a/src/crypto/sha256/sha256.go +++ b/src/crypto/sha256/sha256.go @@ -8,7 +8,7 @@ package sha256 - + import ( "crypto" - "crypto/internal/boring" @@ -1919,7 +1919,7 @@ index 2deafbc9fc..282c326b32 100644 } d := new(digest) @@ -158,7 +158,7 @@ func New() hash.Hash { - + // New224 returns a new hash.Hash computing the SHA224 checksum. func New224() hash.Hash { - if boring.Enabled { @@ -1928,7 +1928,7 @@ index 2deafbc9fc..282c326b32 100644 } d := new(digest) @@ -251,7 +251,7 @@ func (d *digest) checkSum() [Size]byte { - + // Sum256 returns the SHA256 checksum of the data. func Sum256(data []byte) [Size]byte { - if boring.Enabled { @@ -1937,7 +1937,7 @@ index 2deafbc9fc..282c326b32 100644 } var d digest @@ -262,7 +262,7 @@ func Sum256(data []byte) [Size]byte { - + // Sum224 returns the SHA224 checksum of the data. func Sum224(data []byte) [Size224]byte { - if boring.Enabled { @@ -1950,7 +1950,7 @@ index 7304678346..a073d31119 100644 --- a/src/crypto/sha256/sha256_test.go +++ b/src/crypto/sha256/sha256_test.go @@ -8,7 +8,7 @@ package sha256 - + import ( "bytes" - "crypto/internal/boring" @@ -1959,7 +1959,7 @@ index 7304678346..a073d31119 100644 "encoding" "fmt" @@ -217,7 +217,7 @@ func TestBlockSize(t *testing.T) { - + // Tests that blockGeneric (pure Go) and block (in assembly for some architectures) match. func TestBlockGeneric(t *testing.T) { - if boring.Enabled { @@ -1969,7 +1969,7 @@ index 7304678346..a073d31119 100644 gen, asm := New().(*digest), New().(*digest) @@ -294,7 +294,7 @@ func TestLargeHashes(t *testing.T) { } - + func TestAllocations(t *testing.T) { - if boring.Enabled { + if boring.Enabled() { @@ -1981,7 +1981,7 @@ index 9ae1b3aae2..e56eedb201 100644 --- a/src/crypto/sha512/sha512.go +++ b/src/crypto/sha512/sha512.go @@ -12,7 +12,7 @@ package sha512 - + import ( "crypto" - "crypto/internal/boring" @@ -1990,7 +1990,7 @@ index 9ae1b3aae2..e56eedb201 100644 "errors" "hash" @@ -206,7 +206,7 @@ func consumeUint64(b []byte) ([]byte, uint64) { - + // New returns a new hash.Hash computing the SHA-512 checksum. func New() hash.Hash { - if boring.Enabled { @@ -1999,7 +1999,7 @@ index 9ae1b3aae2..e56eedb201 100644 } d := &digest{function: crypto.SHA512} @@ -230,7 +230,7 @@ func New512_256() hash.Hash { - + // New384 returns a new hash.Hash computing the SHA-384 checksum. func New384() hash.Hash { - if boring.Enabled { @@ -2008,7 +2008,7 @@ index 9ae1b3aae2..e56eedb201 100644 } d := &digest{function: crypto.SHA384} @@ -341,7 +341,7 @@ func (d *digest) checkSum() [Size]byte { - + // Sum512 returns the SHA512 checksum of the data. func Sum512(data []byte) [Size]byte { - if boring.Enabled { @@ -2017,7 +2017,7 @@ index 9ae1b3aae2..e56eedb201 100644 } d := digest{function: crypto.SHA512} @@ -352,7 +352,7 @@ func Sum512(data []byte) [Size]byte { - + // Sum384 returns the SHA384 checksum of the data. func Sum384(data []byte) [Size384]byte { - if boring.Enabled { @@ -2030,7 +2030,7 @@ index 921cdbb7bb..a35165bcbf 100644 --- a/src/crypto/sha512/sha512_test.go +++ b/src/crypto/sha512/sha512_test.go @@ -8,7 +8,7 @@ package sha512 - + import ( "bytes" - "crypto/internal/boring" @@ -2039,7 +2039,7 @@ index 921cdbb7bb..a35165bcbf 100644 "encoding" "encoding/hex" @@ -823,7 +823,7 @@ func TestBlockSize(t *testing.T) { - + // Tests that blockGeneric (pure Go) and block (in assembly for some architectures) match. func TestBlockGeneric(t *testing.T) { - if boring.Enabled { @@ -2049,7 +2049,7 @@ index 921cdbb7bb..a35165bcbf 100644 gen, asm := New().(*digest), New().(*digest) @@ -893,7 +893,7 @@ func TestLargeHashes(t *testing.T) { } - + func TestAllocations(t *testing.T) { - if boring.Enabled { + if boring.Enabled() { @@ -2063,15 +2063,15 @@ index 140b1a3dd8..fe6fa96d28 100644 @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. - + -//go:build boringcrypto +//go:build !no_openssl - + package tls - + @@ -12,7 +12,7 @@ import ( ) - + func init() { - if boring.Enabled && !boring.ExecutingTest() { + if boring.Enabled() && !boring.ExecutingTest() { @@ -2085,12 +2085,12 @@ index 7bfe3f9417..49702f59ba 100644 @@ -2,14 +2,14 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. - + -//go:build boringcrypto +//go:build !no_openssl - + package tls - + import ( "crypto/ecdsa" "crypto/elliptic" @@ -2109,9 +2109,9 @@ index 7bfe3f9417..49702f59ba 100644 } else { test("VersionTLS13", VersionTLS13, "") @@ -238,7 +238,7 @@ func TestBoringServerSignatureAndHash(t *testing.T) { - + clientConfig := testConfig.Clone() - + - if boring.Enabled { + if boring.Enabled() { serverConfig.Rand = boring.RandReader @@ -2120,7 +2120,7 @@ index 7bfe3f9417..49702f59ba 100644 @@ -369,7 +369,7 @@ func TestBoringCertAlgs(t *testing.T) { serverConfig.Certificates = []Certificate{{Certificate: list, PrivateKey: key}} serverConfig.BuildNameToCertificate() - + - if boring.Enabled { + if boring.Enabled() { serverConfig.Rand = boring.RandReader @@ -2136,7 +2136,7 @@ index 7bfe3f9417..49702f59ba 100644 serverConfig.Certificates[0].PrivateKey = testRSA2048PrivateKey serverConfig.BuildNameToCertificate() } - + - if boring.Enabled { + if boring.Enabled() { serverConfig.Rand = boring.RandReader @@ -2271,12 +2271,12 @@ index 7d85b39c59..fe2719485b 100644 @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. - + -//go:build !boringcrypto +//go:build no_openssl - + package tls - + diff --git a/src/crypto/x509/boring.go b/src/crypto/x509/boring.go index 095b58c315..ac06591ea8 100644 --- a/src/crypto/x509/boring.go @@ -2284,12 +2284,12 @@ index 095b58c315..ac06591ea8 100644 @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. - + -//go:build boringcrypto +//go:build !no_openssl - + package x509 - + diff --git a/src/crypto/x509/boring_test.go b/src/crypto/x509/boring_test.go index 102acda578..07b3c7095e 100644 --- a/src/crypto/x509/boring_test.go @@ -2297,12 +2297,12 @@ index 102acda578..07b3c7095e 100644 @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. - + -//go:build boringcrypto +//go:build !no_openssl - + package x509 - + diff --git a/src/crypto/x509/notboring.go b/src/crypto/x509/notboring.go index c83a7272c9..0c7dea2f1f 100644 --- a/src/crypto/x509/notboring.go @@ -2310,12 +2310,12 @@ index c83a7272c9..0c7dea2f1f 100644 @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. - + -//go:build !boringcrypto +//go:build no_openssl - + package x509 - + diff --git a/src/crypto/x509/x509_test.go b/src/crypto/x509/x509_test.go index 8734dd03c1..22a104f338 100644 --- a/src/crypto/x509/x509_test.go @@ -2331,7 +2331,7 @@ index 8734dd03c1..22a104f338 100644 "crypto/rsa" @@ -653,7 +653,7 @@ func TestCreateSelfSignedCertificate(t *testing.T) { extraExtensionData := []byte("extra extension") - + for _, test := range tests { - if boring.Enabled && test.sigAlgo.isRSAPSS() { + if boring.Enabled() && test.sigAlgo.isRSAPSS() { @@ -2348,24 +2348,24 @@ index 8734dd03c1..22a104f338 100644 } else { testCurve = elliptic.P384() diff --git a/src/go.mod b/src/go.mod -index 7a15940c88..72423978b3 100644 +index 7a15940c88..4ef3903950 100644 --- a/src/go.mod +++ b/src/go.mod @@ -3,6 +3,7 @@ module std go 1.20 - + require ( -+ github.com/golang-fips/openssl v0.0.0-20240830121749-972af39412e2 ++ github.com/golang-fips/openssl v0.0.0-20241001010402-8c1c6aa53546 golang.org/x/crypto v0.3.1-0.20221117191849-2c476679df9a golang.org/x/net v0.4.1-0.20231027154331-b8c2abfc1559 ) diff --git a/src/go.sum b/src/go.sum -index 3ab018e39e..2537db007e 100644 +index 3ab018e39e..c8474a4814 100644 --- a/src/go.sum +++ b/src/go.sum @@ -1,3 +1,5 @@ -+github.com/golang-fips/openssl v0.0.0-20240830121749-972af39412e2 h1:YcC2OtDNGCcn2qTnNhGb2Zl4lUwOgTMVAc42hPaf7hk= -+github.com/golang-fips/openssl v0.0.0-20240830121749-972af39412e2/go.mod h1:LBziBt5PA8FeliZ0KnhnWMrrHzvAsMWZUlYWOYKkpBI= ++github.com/golang-fips/openssl v0.0.0-20241001010402-8c1c6aa53546 h1:ji9DKOcO2q26wofiA4O7aJFd/bb4CX7E2SOh8gYXB/0= ++github.com/golang-fips/openssl v0.0.0-20241001010402-8c1c6aa53546/go.mod h1:LBziBt5PA8FeliZ0KnhnWMrrHzvAsMWZUlYWOYKkpBI= golang.org/x/crypto v0.3.1-0.20221117191849-2c476679df9a h1:diz9pEYuTIuLMJLs3rGDkeaTsNyRs6duYdFyPAxzE/U= golang.org/x/crypto v0.3.1-0.20221117191849-2c476679df9a/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4= golang.org/x/net v0.4.1-0.20231027154331-b8c2abfc1559 h1:ZYA0bvgfxBB+JecyQpRCT/HUR/bSwdk6OJUhJ3CNLxg= @@ -3166,14 +3166,14 @@ index e15f3682c7..9f46388865 100644 @@ -2,19 +2,24 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. - + -//go:build boringcrypto && linux && (amd64 || arm64) && !android && !cmd_go_bootstrap && !msan +//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl +// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl - + -package boring +package openssl - + -// #include "goboringcrypto.h" +// #include "goopenssl.h" import "C" @@ -3185,19 +3185,19 @@ index e15f3682c7..9f46388865 100644 "runtime" + "unsafe" ) - + type ecdsaSignature struct { - R, S BigInt + R, S *big.Int } - + type PrivateKeyECDSA struct { @@ -34,11 +39,15 @@ func (k *PublicKeyECDSA) finalize() { } - + var errUnknownCurve = errors.New("boringcrypto: unknown elliptic curve") +var errUnsupportedCurve = errors.New("boringcrypto: unsupported elliptic curve") - + func curveNID(curve string) (C.int, error) { switch curve { case "P-224": @@ -3246,7 +3246,7 @@ index e15f3682c7..9f46388865 100644 @@ -119,19 +128,57 @@ func NewPrivateKeyECDSA(curve string, X, Y BigInt, D BigInt) (*PrivateKeyECDSA, return k, nil } - + +func HashSignECDSA(priv *PrivateKeyECDSA, hash []byte, h crypto.Hash) (*big.Int, *big.Int, error) { + size := C._goboringcrypto_ECDSA_size(priv.key) + sig := make([]byte, size) @@ -3283,7 +3283,7 @@ index e15f3682c7..9f46388865 100644 runtime.KeepAlive(priv) return sig[:sigLen], nil } - + func VerifyECDSA(pub *PublicKeyECDSA, hash []byte, sig []byte) bool { - ok := C._goboringcrypto_ECDSA_verify(0, base(hash), C.size_t(len(hash)), base(sig), C.size_t(len(sig)), pub.key) != 0 + ok := C._goboringcrypto_ECDSA_verify_raw(nil, base(hash), C.size_t(len(hash)), @@ -3403,10 +3403,10 @@ index 0000000000..46d2bdd068 +} diff --git a/src/vendor/github.com/golang-fips/openssl/openssl/goopenssl.h b/src/vendor/github.com/golang-fips/openssl/openssl/goopenssl.h new file mode 100644 -index 0000000000..ac6c64f86d +index 0000000000..1e2d8465b8 --- /dev/null +++ b/src/vendor/github.com/golang-fips/openssl/openssl/goopenssl.h -@@ -0,0 +1,1054 @@ +@@ -0,0 +1,1058 @@ +// Copyright 2017 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. @@ -3418,13 +3418,17 @@ index 0000000000..ac6c64f86d + +// This header file describes the OpenSSL ABI as built for use in Go. + ++#define OPENSSL_VERSION_3_0_0 0x30000000L ++#define OPENSSL_VERSION_1_1_0 0x10100000L ++#define OPENSSL_VERSION_1_1_1 0x10101000L ++ +#include // size_t +#include // uint8_t +#include // memset + +#include + -+#if OPENSSL_VERSION_NUMBER < 0x30000000 ++#if OPENSSL_VERSION_NUMBER < OPENSSL_VERSION_3_0_0 +#define OPENSSL_DLSYM_CALL(handle, func) dlsym(handle, func) +#else +#define __USE_GNU @@ -3473,9 +3477,9 @@ index 0000000000..ac6c64f86d + { + return handle; + } -+#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < OPENSSL_VERSION_1_1_0 + handle = dlopen("libcrypto.so.10", RTLD_NOW | RTLD_GLOBAL); -+#elif OPENSSL_VERSION_NUMBER < 0x30000000L ++#elif OPENSSL_VERSION_NUMBER < OPENSSL_VERSION_3_0_0 + handle = dlopen("libcrypto.so.1.1", RTLD_NOW | RTLD_GLOBAL); +#else + handle = dlopen("libcrypto.so.3", RTLD_NOW | RTLD_GLOBAL); @@ -3499,7 +3503,7 @@ index 0000000000..ac6c64f86d + +#include +DEFINEFUNCINTERNAL(void, ERR_print_errors_fp, (FILE* fp), (fp)) -+#if OPENSSL_VERSION_NUMBER < 0x30000000 ++#if OPENSSL_VERSION_NUMBER < OPENSSL_VERSION_3_0_0 +DEFINEFUNCINTERNAL(unsigned long, ERR_get_error_line_data, + (const char **file, int *line, const char **data, int *flags), + (file, line, data, flags)) @@ -3521,7 +3525,7 @@ index 0000000000..ac6c64f86d + +#include + -+#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < OPENSSL_VERSION_1_1_0 +DEFINEFUNC(int, CRYPTO_num_locks, (void), ()) +#else +static inline int @@ -3529,7 +3533,7 @@ index 0000000000..ac6c64f86d + return CRYPTO_num_locks(); /* defined as macro */ +} +#endif -+#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < OPENSSL_VERSION_1_1_0 +DEFINEFUNC(void, CRYPTO_set_id_callback, (unsigned long (*id_function)(void)), (id_function)) +#else +static inline void @@ -3537,9 +3541,9 @@ index 0000000000..ac6c64f86d + CRYPTO_set_id_callback(id_function); /* defined as macro */ +} +#endif -+#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < OPENSSL_VERSION_1_1_0 +DEFINEFUNC(void, CRYPTO_set_locking_callback, -+ (void (*locking_function)(int mode, int n, const char *file, int line)), ++ (void (*locking_function)(int mode, int n, const char *file, int line)), + (locking_function)) +#else +static inline void @@ -3550,7 +3554,7 @@ index 0000000000..ac6c64f86d + +int _goboringcrypto_OPENSSL_thread_setup(void); + -+#if OPENSSL_VERSION_NUMBER < 0x30000000L ++#if OPENSSL_VERSION_NUMBER < OPENSSL_VERSION_3_0_0 +DEFINEFUNC(int, FIPS_mode, (void), ()) +DEFINEFUNC(int, FIPS_mode_set, (int r), (r)) +#else @@ -3626,7 +3630,7 @@ index 0000000000..ac6c64f86d +DEFINEFUNC(const GO_EVP_MD *, EVP_sha384, (void), ()) +DEFINEFUNC(const GO_EVP_MD *, EVP_sha512, (void), ()) +DEFINEFUNC(const GO_EVP_MD *, EVP_md_null, (void), ()) -+#if OPENSSL_VERSION_NUMBER < 0x30000000L ++#if OPENSSL_VERSION_NUMBER < OPENSSL_VERSION_3_0_0 +DEFINEFUNCINTERNAL(int, EVP_MD_type, (const GO_EVP_MD *arg0), (arg0)) +DEFINEFUNCINTERNAL(int, EVP_MD_size, (const GO_EVP_MD *arg0), (arg0)) +static inline int @@ -3647,7 +3651,7 @@ index 0000000000..ac6c64f86d + +static inline int +_goboringcrypto_EVP_MD_type(const GO_EVP_MD *md) { -+#if OPENSSL_VERSION_NUMBER < 0x30000000L ++#if OPENSSL_VERSION_NUMBER < OPENSSL_VERSION_3_0_0 + return _goboringcrypto_internal_EVP_MD_type(md); +#else + return _goboringcrypto_internal_EVP_MD_get_type(md); @@ -3657,7 +3661,7 @@ index 0000000000..ac6c64f86d +const GO_EVP_MD* _goboringcrypto_backport_EVP_md5_sha1(void); +static inline const GO_EVP_MD* +_goboringcrypto_EVP_md5_sha1(void) { -+#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < OPENSSL_VERSION_1_1_0 + return _goboringcrypto_backport_EVP_md5_sha1(); +#else + return _goboringcrypto_internal_EVP_md5_sha1(); @@ -3673,7 +3677,7 @@ index 0000000000..ac6c64f86d +int _goboringcrypto_HMAC_CTX_reset(GO_HMAC_CTX *ctx); +void _goboringcrypto_HMAC_CTX_free(GO_HMAC_CTX *ctx); +int _goboringcrypto_HMAC_Final(GO_HMAC_CTX *ctx, -+ unsigned char *md, unsigned int *len); ++ unsigned char *md, unsigned int len); + +#include +#include @@ -3727,7 +3731,7 @@ index 0000000000..ac6c64f86d + return ((_goboringcrypto_BN_num_bits(a)+7)/8); +} + -+#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++#if OPENSSL_VERSION_NUMBER >= OPENSSL_VERSION_1_1_0 +DEFINEFUNC(GO_BIGNUM *, BN_lebin2bn, (const unsigned char *s, int len, GO_BIGNUM *ret), (s, len, ret)) +DEFINEFUNC(int, BN_bn2lebinpad, (const GO_BIGNUM *a, unsigned char *to, int tolen), (a, to, tolen)) +DEFINEFUNC(int, BN_bn2binpad, (const GO_BIGNUM *a, unsigned char *to, int tolen), (a, to, tolen)) @@ -3827,7 +3831,7 @@ index 0000000000..ac6c64f86d +DEFINEFUNC(size_t, EC_POINT_point2oct, (const GO_EC_GROUP *group, const GO_EC_POINT *p, point_conversion_form_t form, unsigned char *buf, size_t len, GO_BN_CTX *ctx), (group, p, form, buf, len, ctx)) +DEFINEFUNC(int, EC_POINT_oct2point, (const GO_EC_GROUP *group, GO_EC_POINT *p, const unsigned char *buf, size_t len, GO_BN_CTX *ctx), (group, p, buf, len, ctx)) + -+#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++#if OPENSSL_VERSION_NUMBER >= OPENSSL_VERSION_1_1_0 +DEFINEFUNC(int, EC_KEY_oct2key, (GO_EC_KEY *arg0, const unsigned char *arg1, size_t arg2, BN_CTX *arg3), (arg0, arg1, arg2, arg3)) +#else +static inline int @@ -3856,7 +3860,7 @@ index 0000000000..ac6c64f86d + +DEFINEFUNC(size_t, ECDSA_size, (const GO_EC_KEY *arg0), (arg0)) + -+#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < OPENSSL_VERSION_1_1_0 +DEFINEFUNC(EVP_MD_CTX*, EVP_MD_CTX_create, (void), ()) +#else +DEFINEFUNCINTERNAL(EVP_MD_CTX*, EVP_MD_CTX_new, (void), ()) @@ -3902,7 +3906,7 @@ index 0000000000..ac6c64f86d +int _goboringcrypto_EVP_sign(EVP_MD* md, EVP_PKEY_CTX *ctx, const uint8_t *msg, size_t msgLen, uint8_t *sig, size_t *slen, EVP_PKEY *eckey); +int _goboringcrypto_EVP_verify(EVP_MD* md, EVP_PKEY_CTX *ctx, const uint8_t *msg, size_t msgLen, const uint8_t *sig, unsigned int slen, EVP_PKEY *key); + -+#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < OPENSSL_VERSION_1_1_0 +DEFINEFUNCINTERNAL(void, EVP_MD_CTX_destroy, (EVP_MD_CTX *ctx), (ctx)) +static inline void _goboringcrypto_EVP_MD_CTX_free(EVP_MD_CTX *ctx) { + return _goboringcrypto_internal_EVP_MD_CTX_destroy(ctx); @@ -3942,7 +3946,7 @@ index 0000000000..ac6c64f86d + +static inline int +_goboringcrypto_RSA_set0_factors(GO_RSA * r, GO_BIGNUM *p, GO_BIGNUM *q) { -+#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < OPENSSL_VERSION_1_1_0 + /* If the fields p and q in r are NULL, the corresponding input + * parameters MUST be non-NULL. + */ @@ -3971,7 +3975,7 @@ index 0000000000..ac6c64f86d + +static inline int +_goboringcrypto_RSA_set0_crt_params(GO_RSA * r, GO_BIGNUM *dmp1, GO_BIGNUM *dmq1, GO_BIGNUM *iqmp) { -+#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < OPENSSL_VERSION_1_1_0 + /* If the fields dmp1, dmq1 and iqmp in r are NULL, the corresponding input + * parameters MUST be non-NULL. + */ @@ -4004,7 +4008,7 @@ index 0000000000..ac6c64f86d + (r, dmp1, dmq1, iqmp)) +static inline void +_goboringcrypto_RSA_get0_crt_params(const GO_RSA *r, const GO_BIGNUM **dmp1, const GO_BIGNUM **dmq1, const GO_BIGNUM **iqmp) { -+#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < OPENSSL_VERSION_1_1_0 + if (dmp1 != NULL) + *dmp1 = r->dmp1; + if (dmq1 != NULL) @@ -4022,7 +4026,7 @@ index 0000000000..ac6c64f86d + (r, n, e, d)) +static inline int +_goboringcrypto_RSA_set0_key(GO_RSA * r, GO_BIGNUM *n, GO_BIGNUM *e, GO_BIGNUM *d) { -+#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < OPENSSL_VERSION_1_1_0 + /* If the fields n and e in r are NULL, the corresponding input + * parameters MUST be non-NULL for n and e. d may be + * left NULL (in case only the public key is used). @@ -4053,9 +4057,9 @@ index 0000000000..ac6c64f86d +DEFINEFUNCINTERNAL(void, RSA_get0_factors, + (const GO_RSA *rsa, const GO_BIGNUM **p, const GO_BIGNUM **q), + (rsa, p, q)) -+static inline void ++static inline void +_goboringcrypto_RSA_get0_factors(const GO_RSA *rsa, const GO_BIGNUM **p, const GO_BIGNUM **q) { -+#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < OPENSSL_VERSION_1_1_0 + if (p) + *p = rsa->p; + if (q) @@ -4068,9 +4072,9 @@ index 0000000000..ac6c64f86d +DEFINEFUNCINTERNAL(void, RSA_get0_key, + (const GO_RSA *rsa, const GO_BIGNUM **n, const GO_BIGNUM **e, const GO_BIGNUM **d), + (rsa, n, e, d)) -+static inline void ++static inline void +_goboringcrypto_RSA_get0_key(const GO_RSA *rsa, const GO_BIGNUM **n, const GO_BIGNUM **e, const GO_BIGNUM **d) { -+#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < OPENSSL_VERSION_1_1_0 + if (n) + *n = rsa->n; + if (e) @@ -4181,14 +4185,14 @@ index 0000000000..ac6c64f86d + +static inline int +_goboringcrypto_EVP_PKEY_CTX_set_rsa_padding(GO_EVP_PKEY_CTX* ctx, int pad) { -+#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < OPENSSL_VERSION_1_1_0 + return _goboringcrypto_EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, EVP_PKEY_CTRL_RSA_PADDING, pad, NULL); +#else + return _goboringcrypto_internal_RSA_pkey_ctx_ctrl(ctx, -1, EVP_PKEY_CTRL_RSA_PADDING, pad, NULL); +#endif +} + -+#if OPENSSL_VERSION_NUMBER < 0x30000000 ++#if OPENSSL_VERSION_NUMBER < OPENSSL_VERSION_3_0_0 +static inline int +_goboringcrypto_EVP_PKEY_CTX_set0_rsa_oaep_label(GO_EVP_PKEY_CTX *ctx, uint8_t *l, int llen) +{ @@ -4208,9 +4212,9 @@ index 0000000000..ac6c64f86d + +static inline int +_goboringcrypto_EVP_PKEY_CTX_set_rsa_pss_saltlen(GO_EVP_PKEY_CTX * arg0, int arg1) { -+ return _goboringcrypto_EVP_PKEY_CTX_ctrl(arg0, EVP_PKEY_RSA, -+ (EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), -+ EVP_PKEY_CTRL_RSA_PSS_SALTLEN, ++ return _goboringcrypto_EVP_PKEY_CTX_ctrl(arg0, EVP_PKEY_RSA, ++ (EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), ++ EVP_PKEY_CTRL_RSA_PSS_SALTLEN, + arg1, NULL); +} + @@ -4265,11 +4269,11 @@ index 0000000000..ac6c64f86d + +DEFINEFUNC(int, EVP_PKEY_derive_init, (GO_EVP_PKEY_CTX *arg0), (arg0)) +DEFINEFUNC(int, EVP_PKEY_derive, (GO_EVP_PKEY_CTX *arg0, unsigned char *arg1, size_t *arg2), (arg0, arg1, arg2)) -+#if OPENSSL_VERSION_NUMBER >= 0x30000000L ++#if OPENSSL_VERSION_NUMBER >= OPENSSL_VERSION_3_0_0 +DEFINEFUNC(int, EVP_PKEY_derive_set_peer_ex, (GO_EVP_PKEY_CTX *arg0, GO_EVP_PKEY *arg1, int arg2), (arg0, arg1, arg2)); +#else +DEFINEFUNCINTERNAL(int, EVP_PKEY_derive_set_peer, (EVP_PKEY_CTX *ctx, EVP_PKEY *peer), (ctx, peer)) -+# if OPENSSL_VERSION_NUMBER >= 0x10100000L ++# if OPENSSL_VERSION_NUMBER >= OPENSSL_VERSION_1_1_0 +DEFINEFUNC(int, EVP_PKEY_public_check, (EVP_PKEY_CTX *arg0), (arg0)) + +static inline int @@ -4297,7 +4301,7 @@ index 0000000000..ac6c64f86d +# endif +#endif + -+#if OPENSSL_VERSION_NUMBER >= 0x10101000L ++#if OPENSSL_VERSION_NUMBER >= OPENSSL_VERSION_1_1_1 +#include + +enum { @@ -4309,7 +4313,7 @@ index 0000000000..ac6c64f86d + GO_EVP_PKEY_HKDEF_MODE_EXPAND_ONLY = EVP_PKEY_HKDEF_MODE_EXPAND_ONLY, +}; + -+#if OPENSSL_VERSION_NUMBER >= 0x30000000 ++#if OPENSSL_VERSION_NUMBER >= OPENSSL_VERSION_3_0_0 +DEFINEFUNC(int, EVP_PKEY_CTX_set_hkdf_mode, (GO_EVP_PKEY_CTX *arg0, int arg1), (arg0, arg1)) +DEFINEFUNC(int, EVP_PKEY_CTX_set_hkdf_md, (GO_EVP_PKEY_CTX *arg0, const GO_EVP_MD *arg1), (arg0, arg1)) +DEFINEFUNC(int, EVP_PKEY_CTX_set1_hkdf_salt, (GO_EVP_PKEY_CTX *arg0, unsigned char *arg1, int arg2), (arg0, arg1, arg2)) @@ -4420,7 +4424,7 @@ index 0000000000..ac6c64f86d +}; + +DEFINEFUNC(int, EC_POINT_mul, (const GO_EC_GROUP *group, GO_EC_POINT *r, const GO_BIGNUM *n, const GO_EC_POINT *q, const GO_BIGNUM *m, GO_BN_CTX *ctx), (group, r, n, q, m, ctx)) -+#if OPENSSL_VERSION_NUMBER >= 0x30000000 ++#if OPENSSL_VERSION_NUMBER >= OPENSSL_VERSION_3_0_0 +DEFINEFUNC(int, EVP_PKEY_get_bits, (const GO_EVP_PKEY *pkey), (pkey)); +#else +DEFINEFUNCINTERNAL(int, EVP_PKEY_bits, (const GO_EVP_PKEY *pkey), (pkey)); @@ -4439,7 +4443,7 @@ index 0000000000..ac6c64f86d + GO_POINT_CONVERSION_UNCOMPRESSED = 4, +}; + -+#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++#if OPENSSL_VERSION_NUMBER >= OPENSSL_VERSION_1_1_0 +DEFINEFUNC(int, EVP_PKEY_set1_encoded_public_key, (GO_EVP_PKEY *pkey, const unsigned char *pub, size_t publen), (pkey, pub, publen)) +DEFINEFUNC(size_t, EVP_PKEY_get1_encoded_public_key, (GO_EVP_PKEY *pkey, unsigned char **ppub), (pkey, ppub)) +#endif @@ -4579,20 +4583,20 @@ diff --git a/src/crypto/internal/boring/hmac.go b/src/vendor/github.com/golang-f similarity index 65% rename from src/crypto/internal/boring/hmac.go rename to src/vendor/github.com/golang-fips/openssl/openssl/hmac.go -index 6241a65f5f..3af1924884 100644 +index 6241a65f5f..c76d6690aa 100644 --- a/src/crypto/internal/boring/hmac.go +++ b/src/vendor/github.com/golang-fips/openssl/openssl/hmac.go @@ -2,14 +2,14 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. - + -//go:build boringcrypto && linux && (amd64 || arm64) && !android && !cmd_go_bootstrap && !msan +//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl +// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl - + -package boring +package openssl - + -// #include "goboringcrypto.h" +// #include "goopenssl.h" import "C" @@ -4604,7 +4608,7 @@ index 6241a65f5f..3af1924884 100644 @@ -67,13 +67,25 @@ func NewHMAC(h func() hash.Hash, key []byte) hash.Hash { return nil } - + - // Note: Could hash down long keys here using EVP_Digest. - hkey := bytes.Clone(key) + var hkey []byte @@ -4631,7 +4635,7 @@ index 6241a65f5f..3af1924884 100644 hmac.Reset() return hmac @@ -81,19 +93,15 @@ func NewHMAC(h func() hash.Hash, key []byte) hash.Hash { - + type boringHMAC struct { md *C.GO_EVP_MD - ctx C.GO_HMAC_CTX @@ -4643,7 +4647,7 @@ index 6241a65f5f..3af1924884 100644 sum []byte needCleanup bool } - + func (h *boringHMAC) Reset() { - if h.needCleanup { - C._goboringcrypto_HMAC_CTX_cleanup(&h.ctx) @@ -4652,13 +4656,13 @@ index 6241a65f5f..3af1924884 100644 h.needCleanup = true // Note: Because of the finalizer, any time h.ctx is passed to cgo, // that call must be followed by a call to runtime.KeepAlive(h), -@@ -101,26 +109,19 @@ func (h *boringHMAC) Reset() { +@@ -101,26 +109,21 @@ func (h *boringHMAC) Reset() { // call returns. runtime.SetFinalizer(h, (*boringHMAC).finalize) } - C._goboringcrypto_HMAC_CTX_init(&h.ctx) + C._goboringcrypto_HMAC_CTX_reset(h.ctx) - + - if C._goboringcrypto_HMAC_Init(&h.ctx, unsafe.Pointer(base(h.key)), C.int(len(h.key)), h.md) == 0 { - panic("boringcrypto: HMAC_Init failed") - } @@ -4669,21 +4673,28 @@ index 6241a65f5f..3af1924884 100644 runtime.KeepAlive(h) // Next line will keep h alive too; just making doubly sure. h.sum = nil } - + func (h *boringHMAC) finalize() { - C._goboringcrypto_HMAC_CTX_cleanup(&h.ctx) + C._goboringcrypto_HMAC_CTX_free(h.ctx) } - + func (h *boringHMAC) Write(p []byte) (int, error) { if len(p) > 0 { - C._goboringcrypto_HMAC_Update(&h.ctx, (*C.uint8_t)(unsafe.Pointer(&p[0])), C.size_t(len(p))) -+ C._goboringcrypto_HMAC_Update(h.ctx, (*C.uint8_t)(unsafe.Pointer(&p[0])), C.size_t(len(p))) ++ if C._goboringcrypto_HMAC_Update(h.ctx, (*C.uint8_t)(unsafe.Pointer(&p[0])), C.size_t(len(p))) == 0 { ++ panic("boringcrypto: HMAC_Update failed") ++ } } runtime.KeepAlive(h) return len(p), nil -@@ -139,15 +140,6 @@ func (h *boringHMAC) Sum(in []byte) []byte { - size := h.Size() +@@ -135,19 +138,12 @@ func (h *boringHMAC) BlockSize() int { + } + + func (h *boringHMAC) Sum(in []byte) []byte { ++ size := h.Size() + if h.sum == nil { +- size := h.Size() h.sum = make([]byte, size) } - // Make copy of context because Go hash.Hash mandates @@ -4693,10 +4704,11 @@ index 6241a65f5f..3af1924884 100644 - C._goboringcrypto_HMAC_CTX_init(&h.ctx2) - if C._goboringcrypto_HMAC_CTX_copy_ex(&h.ctx2, &h.ctx) == 0 { - panic("boringcrypto: HMAC_CTX_copy_ex failed") -- } ++ if C._goboringcrypto_HMAC_Final(h.ctx, (*C.uint8_t)(unsafe.Pointer(&h.sum[0])), C.uint(size)) == 0 { ++ panic("boringcrypto: HMAC_Final failed") + } - C._goboringcrypto_HMAC_Final(&h.ctx2, (*C.uint8_t)(unsafe.Pointer(&h.sum[0])), nil) - C._goboringcrypto_HMAC_CTX_cleanup(&h.ctx2) -+ C._goboringcrypto_HMAC_Final(h.ctx, (*C.uint8_t)(unsafe.Pointer(&h.sum[0])), nil) return append(in, h.sum...) } diff --git a/src/crypto/internal/boring/notboring.go b/src/vendor/github.com/golang-fips/openssl/openssl/notboring.go @@ -4709,14 +4721,14 @@ index 1c5e4c742d..11878e37a0 100644 @@ -2,32 +2,35 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. - + -//go:build !(boringcrypto && linux && (amd64 || arm64) && !android && !cmd_go_bootstrap && !msan && cgo) +//go:build !linux || !cgo || android || cmd_go_bootstrap || msan || no_openssl +// +build !linux !cgo android cmd_go_bootstrap msan no_openssl - + -package boring +package openssl - + import ( "crypto" "crypto/cipher" @@ -4725,10 +4737,10 @@ index 1c5e4c742d..11878e37a0 100644 + "io" + "math/big" ) - + -const available = false +var enabled = false - + // Unreachable marks code that should be unreachable // when BoringCrypto is in use. It is a no-op without BoringCrypto. func Unreachable() { @@ -4737,23 +4749,23 @@ index 1c5e4c742d..11878e37a0 100644 - // standard Go crypto. - sig.StandardCrypto() } - + // UnreachableExceptTests marks code that should be unreachable // when BoringCrypto is in use. It is a no-op without BoringCrypto. func UnreachableExceptTests() {} - + +func ExecutingTest() bool { return false } + +// This is a noop withotu BoringCrytpo. +func PanicIfStrictFIPS(v interface{}) {} + type randReader int - + func (randReader) Read(b []byte) (int, error) { panic("boringcrypto: not available") } @@ -40,16 +43,9 @@ func NewSHA256() hash.Hash { panic("boringcrypto: not available") } func NewSHA384() hash.Hash { panic("boringcrypto: not available") } func NewSHA512() hash.Hash { panic("boringcrypto: not available") } - + -func SHA1([]byte) [20]byte { panic("boringcrypto: not available") } -func SHA224([]byte) [28]byte { panic("boringcrypto: not available") } -func SHA256([]byte) [32]byte { panic("boringcrypto: not available") } @@ -4761,10 +4773,10 @@ index 1c5e4c742d..11878e37a0 100644 -func SHA512([]byte) [64]byte { panic("boringcrypto: not available") } - func NewHMAC(h func() hash.Hash, key []byte) hash.Hash { panic("boringcrypto: not available") } - + func NewAESCipher(key []byte) (cipher.Block, error) { panic("boringcrypto: not available") } -func NewGCMTLS(cipher.Block) (cipher.AEAD, error) { panic("boringcrypto: not available") } - + type PublicKeyECDSA struct{ _ int } type PrivateKeyECDSA struct{ _ int } @@ -63,17 +59,42 @@ func NewPrivateKeyECDSA(curve string, X, Y, D BigInt) (*PrivateKeyECDSA, error) @@ -4803,10 +4815,10 @@ index 1c5e4c742d..11878e37a0 100644 +func GenerateKeyECDH(curve string) (*PrivateKeyECDH, []byte, error) { panic("boringcrypto: not available") } - + type PublicKeyRSA struct{ _ int } type PrivateKeyRSA struct{ _ int } - + -func DecryptRSAOAEP(h, mgfHash hash.Hash, priv *PrivateKeyRSA, ciphertext, label []byte) ([]byte, error) { +func DecryptRSAOAEP(h hash.Hash, priv *PrivateKeyRSA, ciphertext, label []byte) ([]byte, error) { panic("boringcrypto: not available") @@ -4839,13 +4851,13 @@ index 1c5e4c742d..11878e37a0 100644 func VerifyRSAPSS(pub *PublicKeyRSA, h crypto.Hash, hashed, sig []byte, saltLen int) error { panic("boringcrypto: not available") } - + -type PublicKeyECDH struct{} -type PrivateKeyECDH struct{} +func ExtractHKDF(h func() hash.Hash, secret, salt []byte) ([]byte, error) { + panic("boringcrypto: not available") +} - + -func ECDH(*PrivateKeyECDH, *PublicKeyECDH) ([]byte, error) { panic("boringcrypto: not available") } -func GenerateKeyECDH(string) (*PrivateKeyECDH, []byte, error) { panic("boringcrypto: not available") } -func NewPrivateKeyECDH(string, []byte) (*PrivateKeyECDH, error) { panic("boringcrypto: not available") } @@ -5310,7 +5322,7 @@ index 0000000000..7ce9833326 +} diff --git a/src/vendor/github.com/golang-fips/openssl/openssl/openssl_evp.c b/src/vendor/github.com/golang-fips/openssl/openssl/openssl_evp.c new file mode 100644 -index 0000000000..a45ed601cf +index 0000000000..ddc57f05cf --- /dev/null +++ b/src/vendor/github.com/golang-fips/openssl/openssl/openssl_evp.c @@ -0,0 +1,136 @@ @@ -5384,7 +5396,7 @@ index 0000000000..a45ed601cf + return ret; +} + -+#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++#if OPENSSL_VERSION_NUMBER >= OPENSSL_VERSION_1_1_0 +DEFINEFUNCINTERNAL(int, EVP_PKEY_up_ref, (GO_EVP_PKEY *pkey), (pkey)) + +GO_EVP_PKEY * @@ -5433,7 +5445,7 @@ index 0000000000..a45ed601cf +} +#endif + -+#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++#if OPENSSL_VERSION_NUMBER >= OPENSSL_VERSION_1_1_0 +DEFINEFUNCINTERNAL(const GO_EC_KEY *, EVP_PKEY_get0_EC_KEY, (const GO_EVP_PKEY *pkey), (pkey)); + +const GO_EC_KEY * @@ -5703,7 +5715,7 @@ index 0000000000..df4ebe3297 +} diff --git a/src/vendor/github.com/golang-fips/openssl/openssl/openssl_port_ecdh.c b/src/vendor/github.com/golang-fips/openssl/openssl/openssl_port_ecdh.c new file mode 100644 -index 0000000000..8205b040c5 +index 0000000000..d4f4d8b54b --- /dev/null +++ b/src/vendor/github.com/golang-fips/openssl/openssl/openssl_port_ecdh.c @@ -0,0 +1,342 @@ @@ -5762,7 +5774,7 @@ index 0000000000..8205b040c5 + return len; +} + -+#if OPENSSL_VERSION_NUMBER >= 0x30000000 ++#if OPENSSL_VERSION_NUMBER >= OPENSSL_VERSION_3_0_0 + +DEFINEFUNCINTERNAL(const char *, OBJ_nid2sn, (int n), (n)) +DEFINEFUNCINTERNAL(OSSL_PARAM_BLD *, OSSL_PARAM_BLD_new, (void), ()) @@ -6051,7 +6063,7 @@ index 0000000000..8205b040c5 +#endif diff --git a/src/vendor/github.com/golang-fips/openssl/openssl/openssl_port_evp_md5_sha1.c b/src/vendor/github.com/golang-fips/openssl/openssl/openssl_port_evp_md5_sha1.c new file mode 100644 -index 0000000000..2eedd5b8c6 +index 0000000000..7aa37945d7 --- /dev/null +++ b/src/vendor/github.com/golang-fips/openssl/openssl/openssl_port_evp_md5_sha1.c @@ -0,0 +1,90 @@ @@ -6068,7 +6080,7 @@ index 0000000000..2eedd5b8c6 + +#include "goopenssl.h" + -+#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < OPENSSL_VERSION_1_1_0 +// New in OpenSSL 1.1. +static inline void * +_goboringcrypto_internal_EVP_MD_CTX_md_data(EVP_MD_CTX *ctx) { @@ -6147,10 +6159,10 @@ index 0000000000..2eedd5b8c6 +#endif diff --git a/src/vendor/github.com/golang-fips/openssl/openssl/openssl_port_hmac.c b/src/vendor/github.com/golang-fips/openssl/openssl/openssl_port_hmac.c new file mode 100644 -index 0000000000..d26ce90c82 +index 0000000000..6f987320f5 --- /dev/null +++ b/src/vendor/github.com/golang-fips/openssl/openssl/openssl_port_hmac.c -@@ -0,0 +1,236 @@ +@@ -0,0 +1,237 @@ +// This file contains HMAC portability wrappers. +// +build linux +// +build !android @@ -6160,7 +6172,7 @@ index 0000000000..d26ce90c82 + +#include "goopenssl.h" + -+#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++#if OPENSSL_VERSION_NUMBER >= OPENSSL_VERSION_1_1_0 + +DEFINEFUNCINTERNAL(EVP_PKEY *, + EVP_PKEY_new_mac_key, @@ -6168,7 +6180,7 @@ index 0000000000..d26ce90c82 + (type, e, key, keylen)) +DEFINEFUNCINTERNAL(int, EVP_MD_CTX_reset, (EVP_MD_CTX *ctx), (ctx)) + -+#if OPENSSL_VERSION_NUMBER >= 0x30000000L ++#if OPENSSL_VERSION_NUMBER >= OPENSSL_VERSION_3_0_0 +DEFINEFUNCINTERNAL(const EVP_MD *, EVP_MD_CTX_get0_md, (const EVP_MD_CTX *ctx), (ctx)) +#else +DEFINEFUNCINTERNAL(const EVP_MD *, EVP_MD_CTX_md, (const EVP_MD_CTX *ctx), (ctx)) @@ -6176,7 +6188,7 @@ index 0000000000..d26ce90c82 +DEFINEFUNCINTERNAL(int, EVP_MD_CTX_copy_ex, (EVP_MD_CTX *out, const EVP_MD_CTX *in), (out, in)) + +/* EVP_DigestSignUpdate is converted from a macro in 3.0 */ -+#if OPENSSL_VERSION_NUMBER >= 0x30000000L ++#if OPENSSL_VERSION_NUMBER >= OPENSSL_VERSION_3_0_0 +DEFINEFUNCINTERNAL(int, EVP_DigestSignUpdate, + (EVP_MD_CTX* ctx, const void *d, size_t cnt), + (ctx, d, cnt)) @@ -6225,7 +6237,7 @@ index 0000000000..d26ce90c82 +int _goboringcrypto_HMAC_Update(GO_HMAC_CTX *ctx, + const unsigned char *data, size_t len) +{ -+#if OPENSSL_VERSION_NUMBER >= 0x30000000L ++#if OPENSSL_VERSION_NUMBER >= OPENSSL_VERSION_3_0_0 + return _goboringcrypto_internal_EVP_DigestSignUpdate(ctx->mdctx, data, len); +#else + return _goboringcrypto_EVP_DigestUpdate(ctx->mdctx, data, len); @@ -6238,7 +6250,7 @@ index 0000000000..d26ce90c82 + const EVP_MD *md; + + -+#if OPENSSL_VERSION_NUMBER >= 0x30000000L ++#if OPENSSL_VERSION_NUMBER >= OPENSSL_VERSION_3_0_0 + md = _goboringcrypto_internal_EVP_MD_CTX_get0_md(ctx->mdctx); +#else + md = _goboringcrypto_internal_EVP_MD_CTX_md(ctx->mdctx); @@ -6268,10 +6280,10 @@ index 0000000000..d26ce90c82 +} + +int _goboringcrypto_HMAC_Final(GO_HMAC_CTX *ctx, -+ unsigned char *md, unsigned int *len) ++ unsigned char *md, unsigned int len) +{ + EVP_MD_CTX *mdctx = NULL; -+ size_t slen; ++ size_t slen = len; + int ret = 0; + + mdctx = _goboringcrypto_EVP_MD_CTX_create(); @@ -6281,9 +6293,10 @@ index 0000000000..d26ce90c82 + if (_goboringcrypto_internal_EVP_MD_CTX_copy_ex(mdctx, ctx->mdctx) != 1) + goto err; + -+ ret = _goboringcrypto_EVP_DigestSignFinal(mdctx, md, &slen); -+ if (ret == 1 && len) -+ *len = slen; ++ if (_goboringcrypto_EVP_DigestSignFinal(mdctx, md, &slen) != 1) ++ goto err; ++ ++ ret = 1; + + err: + _goboringcrypto_EVP_MD_CTX_free(mdctx); @@ -6372,7 +6385,7 @@ index 0000000000..d26ce90c82 +} + +int _goboringcrypto_HMAC_Final(GO_HMAC_CTX *ctx, -+ unsigned char *md, unsigned int *len) ++ unsigned char *md, unsigned int len) +{ + HMAC_CTX hctx; + int ret; @@ -6381,7 +6394,7 @@ index 0000000000..d26ce90c82 + if (ret != 1) + return ret; + -+ ret = _goboringcrypto_internal_HMAC_Final(&hctx, md, len); ++ ret = _goboringcrypto_internal_HMAC_Final(&hctx, md, &len); + _goboringcrypto_internal_HMAC_CTX_cleanup(&hctx); + return ret; +} @@ -6784,19 +6797,19 @@ index 7639c01909..b3668b8823 100644 @@ -2,11 +2,12 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. - + -//go:build boringcrypto && linux && (amd64 || arm64) && !android && !cmd_go_bootstrap && !msan +//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl +// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl - + -package boring +package openssl - + -// #include "goboringcrypto.h" +// #include "goopenssl.h" import "C" import "unsafe" - + @@ -16,7 +17,7 @@ func (randReader) Read(b []byte) (int, error) { // Note: RAND_bytes should never fail; the return value exists only for historical reasons. // We check it even so. @@ -6816,14 +6829,14 @@ index fa693ea319..7870b934b5 100644 @@ -2,15 +2,15 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. - + -//go:build boringcrypto && linux && (amd64 || arm64) && !android && !cmd_go_bootstrap && !msan +//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl +// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl - + -package boring +package openssl - + -// #include "goboringcrypto.h" +// #include "goopenssl.h" import "C" @@ -6836,7 +6849,7 @@ index fa693ea319..7870b934b5 100644 @@ -23,16 +23,12 @@ func GenerateKeyRSA(bits int) (N, E, D, P, Q, Dp, Dq, Qinv BigInt, err error) { return nil, nil, nil, nil, nil, nil, nil, nil, e } - + - key := C._goboringcrypto_RSA_new() + key := C._goboringcrypto_RSA_generate_key_fips(C.int(bits)) if key == nil { @@ -6844,7 +6857,7 @@ index fa693ea319..7870b934b5 100644 + return bad(NewOpenSSLError("RSA_generate_key_fips failed")) } defer C._goboringcrypto_RSA_free(key) - + - if C._goboringcrypto_RSA_generate_key_fips(key, C.int(bits), nil) == 0 { - return bad(fail("RSA_generate_key_fips")) - } @@ -6875,7 +6888,8 @@ index fa693ea319..7870b934b5 100644 key := C._goboringcrypto_RSA_new() if key == nil { - return nil, fail("RSA_new") -- } ++ return nil, NewOpenSSLError("RSA_new failed") + } - if !bigToBn(&key.n, N) || - !bigToBn(&key.e, E) || - !bigToBn(&key.d, D) || @@ -6885,8 +6899,6 @@ index fa693ea319..7870b934b5 100644 - !bigToBn(&key.dmq1, Dq) || - !bigToBn(&key.iqmp, Qinv) { - return nil, fail("BN_bin2bn") -+ return nil, NewOpenSSLError("RSA_new failed") -+ } + var n, e, d, p, q, dp, dq, qinv *C.GO_BIGNUM + n = bigToBN(N) + e = bigToBN(E) @@ -6907,7 +6919,7 @@ index fa693ea319..7870b934b5 100644 runtime.SetFinalizer(k, (*PrivateKeyRSA).finalize) @@ -109,8 +111,12 @@ func (k *PrivateKeyRSA) withKey(f func(*C.GO_RSA) C.int) C.int { } - + func setupRSA(withKey func(func(*C.GO_RSA) C.int) C.int, - padding C.int, h, mgfHash hash.Hash, label []byte, saltLen int, ch crypto.Hash, - init func(*C.GO_EVP_PKEY_CTX) C.int) (pkey *C.GO_EVP_PKEY, ctx *C.GO_EVP_PKEY_CTX, err error) { @@ -6921,7 +6933,7 @@ index fa693ea319..7870b934b5 100644 if err != nil { if pkey != nil { @@ -126,7 +132,7 @@ func setupRSA(withKey func(func(*C.GO_RSA) C.int) C.int, - + pkey = C._goboringcrypto_EVP_PKEY_new() if pkey == nil { - return nil, nil, fail("EVP_PKEY_new") @@ -7004,24 +7016,24 @@ index fa693ea319..7870b934b5 100644 + return nil, nil, NewOpenSSLError("EVP_PKEY_set_rsa_mgf1_md failed") } } - + @@ -187,12 +198,12 @@ func setupRSA(withKey func(func(*C.GO_RSA) C.int) C.int, } - + func cryptRSA(withKey func(func(*C.GO_RSA) C.int) C.int, - padding C.int, h, mgfHash hash.Hash, label []byte, saltLen int, ch crypto.Hash, + padding C.int, h hash.Hash, label []byte, saltLen int, ch crypto.Hash, init func(*C.GO_EVP_PKEY_CTX) C.int, crypt func(*C.GO_EVP_PKEY_CTX, *C.uint8_t, *C.size_t, *C.uint8_t, C.size_t) C.int, in []byte) ([]byte, error) { - + - pkey, ctx, err := setupRSA(withKey, padding, h, mgfHash, label, saltLen, ch, init) + pkey, ctx, err := setupRSA(withKey, padding, h, label, saltLen, ch, init) if err != nil { return nil, err } @@ -201,37 +212,37 @@ func cryptRSA(withKey func(func(*C.GO_RSA) C.int) C.int, - + var outLen C.size_t if crypt(ctx, nil, &outLen, base(in), C.size_t(len(in))) == 0 { - return nil, fail("EVP_PKEY_decrypt/encrypt") @@ -7035,50 +7047,50 @@ index fa693ea319..7870b934b5 100644 } return out[:outLen], nil } - + -func DecryptRSAOAEP(h, mgfHash hash.Hash, priv *PrivateKeyRSA, ciphertext, label []byte) ([]byte, error) { - return cryptRSA(priv.withKey, C.GO_RSA_PKCS1_OAEP_PADDING, h, mgfHash, label, 0, 0, decryptInit, decrypt, ciphertext) +func DecryptRSAOAEP(h hash.Hash, priv *PrivateKeyRSA, ciphertext, label []byte) ([]byte, error) { + return cryptRSA(priv.withKey, C.GO_RSA_PKCS1_OAEP_PADDING, h, label, 0, 0, decryptInit, decrypt, ciphertext) } - + -func EncryptRSAOAEP(h, mgfHash hash.Hash, pub *PublicKeyRSA, msg, label []byte) ([]byte, error) { - return cryptRSA(pub.withKey, C.GO_RSA_PKCS1_OAEP_PADDING, h, mgfHash, label, 0, 0, encryptInit, encrypt, msg) +func EncryptRSAOAEP(h hash.Hash, pub *PublicKeyRSA, msg, label []byte) ([]byte, error) { + return cryptRSA(pub.withKey, C.GO_RSA_PKCS1_OAEP_PADDING, h, label, 0, 0, encryptInit, encrypt, msg) } - + func DecryptRSAPKCS1(priv *PrivateKeyRSA, ciphertext []byte) ([]byte, error) { - return cryptRSA(priv.withKey, C.GO_RSA_PKCS1_PADDING, nil, nil, nil, 0, 0, decryptInit, decrypt, ciphertext) + return cryptRSA(priv.withKey, C.GO_RSA_PKCS1_PADDING, nil, nil, 0, 0, decryptInit, decrypt, ciphertext) } - + func EncryptRSAPKCS1(pub *PublicKeyRSA, msg []byte) ([]byte, error) { - return cryptRSA(pub.withKey, C.GO_RSA_PKCS1_PADDING, nil, nil, nil, 0, 0, encryptInit, encrypt, msg) + return cryptRSA(pub.withKey, C.GO_RSA_PKCS1_PADDING, nil, nil, 0, 0, encryptInit, encrypt, msg) } - + func DecryptRSANoPadding(priv *PrivateKeyRSA, ciphertext []byte) ([]byte, error) { - return cryptRSA(priv.withKey, C.GO_RSA_NO_PADDING, nil, nil, nil, 0, 0, decryptInit, decrypt, ciphertext) + return cryptRSA(priv.withKey, C.GO_RSA_NO_PADDING, nil, nil, 0, 0, decryptInit, decrypt, ciphertext) } - + func EncryptRSANoPadding(pub *PublicKeyRSA, msg []byte) ([]byte, error) { - return cryptRSA(pub.withKey, C.GO_RSA_NO_PADDING, nil, nil, nil, 0, 0, encryptInit, encrypt, msg) + return cryptRSA(pub.withKey, C.GO_RSA_NO_PADDING, nil, nil, 0, 0, encryptInit, encrypt, msg) } - + // These dumb wrappers work around the fact that cgo functions cannot be used as values directly. @@ -252,6 +263,10 @@ func encrypt(ctx *C.GO_EVP_PKEY_CTX, out *C.uint8_t, outLen *C.size_t, in *C.uin return C._goboringcrypto_EVP_PKEY_encrypt(ctx, out, outLen, in, inLen) } - + +// These should match crypto/rsa/pss.go +const saltLengthAuto = 0 +const saltLengthEqualsHash = -1 + var invalidSaltLenErr = errors.New("crypto/rsa: PSSOptions.SaltLength cannot be negative") - + func SignRSAPSS(priv *PrivateKeyRSA, h crypto.Hash, hashed []byte, saltLen int) ([]byte, error) { @@ -259,27 +274,24 @@ func SignRSAPSS(priv *PrivateKeyRSA, h crypto.Hash, hashed []byte, saltLen int) if md == nil { @@ -7089,14 +7101,6 @@ index fa693ea319..7870b934b5 100644 - // it, and lengths < -2, before we convert to the BoringSSL sentinel values. - if saltLen <= -2 { - return nil, invalidSaltLenErr -- } -- -- // BoringSSL uses sentinel salt length values like we do, but the values don't -- // fully match what we use. We both use -1 for salt length equal to hash length, -- // but BoringSSL uses -2 to mean maximal size where we use 0. In the latter -- // case convert to the BoringSSL version. -- if saltLen == 0 { -- saltLen = -2 + switch saltLen { + case saltLengthAuto: + saltLen = C.GO_RSA_PSS_SALTLEN_AUTO @@ -7109,6 +7113,14 @@ index fa693ea319..7870b934b5 100644 + return nil, invalidSaltLenErr + } } +- +- // BoringSSL uses sentinel salt length values like we do, but the values don't +- // fully match what we use. We both use -1 for salt length equal to hash length, +- // but BoringSSL uses -2 to mean maximal size where we use 0. In the latter +- // case convert to the BoringSSL version. +- if saltLen == 0 { +- saltLen = -2 +- } - var out []byte - var outLen C.size_t @@ -7131,14 +7143,6 @@ index fa693ea319..7870b934b5 100644 - // it, and lengths < -2, before we convert to the BoringSSL sentinel values. - if saltLen <= -2 { - return invalidSaltLenErr -- } -- -- // BoringSSL uses sentinel salt length values like we do, but the values don't -- // fully match what we use. We both use -1 for salt length equal to hash length, -- // but BoringSSL uses -2 to mean maximal size where we use 0. In the latter -- // case convert to the BoringSSL version. -- if saltLen == 0 { -- saltLen = -2 + switch saltLen { + case saltLengthAuto: + saltLen = C.GO_RSA_PSS_SALTLEN_AUTO @@ -7151,6 +7155,14 @@ index fa693ea319..7870b934b5 100644 + return invalidSaltLenErr + } } +- +- // BoringSSL uses sentinel salt length values like we do, but the values don't +- // fully match what we use. We both use -1 for salt length equal to hash length, +- // but BoringSSL uses -2 to mean maximal size where we use 0. In the latter +- // case convert to the BoringSSL version. +- if saltLen == 0 { +- saltLen = -2 +- } - if pub.withKey(func(key *C.GO_RSA) C.int { - return C._goboringcrypto_RSA_verify_pss_mgf1(key, base(hashed), C.size_t(len(hashed)), @@ -7162,7 +7174,7 @@ index fa693ea319..7870b934b5 100644 } return nil } - + -func SignRSAPKCS1v15(priv *PrivateKeyRSA, h crypto.Hash, hashed []byte) ([]byte, error) { - if h == 0 { - // No hashing. @@ -7180,7 +7192,7 @@ index fa693ea319..7870b934b5 100644 + if h == 0 && ExecutingTest() { + return signRSAPKCS1v15Raw(priv, msg, nil) } - + md := cryptoHashToMD(h) if md == nil { return nil, errors.New("crypto/rsa: unsupported hash function: " + strconv.Itoa(int(h))) @@ -7191,23 +7203,40 @@ index fa693ea319..7870b934b5 100644 + return signRSAPKCS1v15Raw(priv, msg, md) + } + ++ var out []byte ++ var outLen C.size_t ++ ++ if priv.withKey(func(key *C.GO_RSA) C.int { ++ out = make([]byte, C._goboringcrypto_RSA_size(key)) ++ outLen = C.size_t(len(out)) ++ return C._goboringcrypto_RSA_sign(md, base(msg), C.uint(len(msg)), base(out), &outLen, key) ++ }) == 0 { ++ return nil, NewOpenSSLError("RSA_sign") ++ } ++ return out[:outLen], nil ++} ++ ++func signRSAPKCS1v15Raw(priv *PrivateKeyRSA, msg []byte, md *C.GO_EVP_MD) ([]byte, error) { var out []byte - var outLen C.uint + var outLen C.size_t ++ PanicIfStrictFIPS("You must provide a raw unhashed message for PKCS1v15 signing and use HashSignPKCS1v15 instead of SignPKCS1v15") + if priv.withKey(func(key *C.GO_RSA) C.int { out = make([]byte, C._goboringcrypto_RSA_size(key)) - return C._goboringcrypto_RSA_sign(nid, base(hashed), C.uint(len(hashed)), - base(out), &outLen, key) + outLen = C.size_t(len(out)) -+ return C._goboringcrypto_RSA_sign(md, base(msg), C.uint(len(msg)), base(out), &outLen, key) ++ return C._goboringcrypto_RSA_sign_raw(md, base(msg), ++ C.size_t(len(msg)), base(out), &outLen, key) }) == 0 { - return nil, fail("RSA_sign") + return nil, NewOpenSSLError("RSA_sign") } ++ runtime.KeepAlive(priv) return out[:outLen], nil } - + -func VerifyRSAPKCS1v15(pub *PublicKeyRSA, h crypto.Hash, hashed, sig []byte) error { - if h == 0 { - var out []byte @@ -7223,23 +7252,6 @@ index fa693ea319..7870b934b5 100644 - return fail("RSA_verify") - } - return nil -+func signRSAPKCS1v15Raw(priv *PrivateKeyRSA, msg []byte, md *C.GO_EVP_MD) ([]byte, error) { -+ var out []byte -+ var outLen C.size_t -+ PanicIfStrictFIPS("You must provide a raw unhashed message for PKCS1v15 signing and use HashSignPKCS1v15 instead of SignPKCS1v15") -+ -+ if priv.withKey(func(key *C.GO_RSA) C.int { -+ out = make([]byte, C._goboringcrypto_RSA_size(key)) -+ outLen = C.size_t(len(out)) -+ return C._goboringcrypto_RSA_sign_raw(md, base(msg), -+ C.size_t(len(msg)), base(out), &outLen, key) -+ }) == 0 { -+ return nil, NewOpenSSLError("RSA_sign") -+ } -+ runtime.KeepAlive(priv) -+ return out[:outLen], nil -+} -+ +func VerifyRSAPKCS1v15(pub *PublicKeyRSA, h crypto.Hash, msg, sig []byte, msgIsHashed bool) error { + if h == 0 && ExecutingTest() { + return verifyRSAPKCS1v15Raw(pub, msg, sig, nil) @@ -7305,18 +7317,18 @@ index cf82f3f64f..0b55cedc91 100644 @@ -2,12 +2,13 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. - + -//go:build boringcrypto && linux && (amd64 || arm64) && !android && !cmd_go_bootstrap && !msan +//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl +// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl - + -package boring +package openssl - + /* -#include "goboringcrypto.h" +#include "goopenssl.h" - + int _goboringcrypto_gosha1(void *p, size_t n, void *out) @@ -17,7 +18,6 @@ _goboringcrypto_gosha1(void *p, size_t n, void *out) @@ -7362,7 +7374,7 @@ index cf82f3f64f..0b55cedc91 100644 @@ -126,31 +122,24 @@ type sha1Ctx struct { nx uint32 } - + -func (h *sha1Hash) noescapeCtx() *C.GO_SHA_CTX { - return (*C.GO_SHA_CTX)(noescape(unsafe.Pointer(&h.ctx))) -} @@ -7378,7 +7390,7 @@ index cf82f3f64f..0b55cedc91 100644 +func (h *sha1Hash) Size() int { return 20 } +func (h *sha1Hash) BlockSize() int { return 64 } +func (h *sha1Hash) Sum(in []byte) []byte { return append(in, h.sum()...) } - + func (h *sha1Hash) Write(p []byte) (int, error) { - if len(p) > 0 && C._goboringcrypto_SHA1_Update(h.noescapeCtx(), unsafe.Pointer(&*addr(p)), C.size_t(len(p))) == 0 { + if len(p) > 0 && C._goboringcrypto_SHA1_Update(&h.ctx, unsafe.Pointer(&p[0]), C.size_t(len(p))) == 0 { @@ -7386,7 +7398,7 @@ index cf82f3f64f..0b55cedc91 100644 } return len(p), nil } - + -func (h0 *sha1Hash) sum(dst []byte) []byte { +func (h0 *sha1Hash) sum() []byte { h := *h0 // make copy so future Write+Sum is valid @@ -7397,12 +7409,12 @@ index cf82f3f64f..0b55cedc91 100644 - return append(dst, h.out[:]...) + return h.out[:] } - + const ( @@ -207,30 +196,24 @@ type sha224Hash struct { out [224 / 8]byte } - + -func (h *sha224Hash) noescapeCtx() *C.GO_SHA256_CTX { - return (*C.GO_SHA256_CTX)(noescape(unsafe.Pointer(&h.ctx))) -} @@ -7417,7 +7429,7 @@ index cf82f3f64f..0b55cedc91 100644 +func (h *sha224Hash) Size() int { return 224 / 8 } +func (h *sha224Hash) BlockSize() int { return 64 } +func (h *sha224Hash) Sum(in []byte) []byte { return append(in, h.sum()...) } - + func (h *sha224Hash) Write(p []byte) (int, error) { - if len(p) > 0 && C._goboringcrypto_SHA224_Update(h.noescapeCtx(), unsafe.Pointer(&*addr(p)), C.size_t(len(p))) == 0 { + if len(p) > 0 && C._goboringcrypto_SHA224_Update(&h.ctx, unsafe.Pointer(&p[0]), C.size_t(len(p))) == 0 { @@ -7425,7 +7437,7 @@ index cf82f3f64f..0b55cedc91 100644 } return len(p), nil } - + -func (h0 *sha224Hash) sum(dst []byte) []byte { +func (h0 *sha224Hash) sum() []byte { h := *h0 // make copy so future Write+Sum is valid @@ -7436,12 +7448,12 @@ index cf82f3f64f..0b55cedc91 100644 - return append(dst, h.out[:]...) + return h.out[:] } - + // NewSHA256 returns a new SHA256 hash. @@ -245,30 +228,24 @@ type sha256Hash struct { out [256 / 8]byte } - + -func (h *sha256Hash) noescapeCtx() *C.GO_SHA256_CTX { - return (*C.GO_SHA256_CTX)(noescape(unsafe.Pointer(&h.ctx))) -} @@ -7456,7 +7468,7 @@ index cf82f3f64f..0b55cedc91 100644 +func (h *sha256Hash) Size() int { return 256 / 8 } +func (h *sha256Hash) BlockSize() int { return 64 } +func (h *sha256Hash) Sum(in []byte) []byte { return append(in, h.sum()...) } - + func (h *sha256Hash) Write(p []byte) (int, error) { - if len(p) > 0 && C._goboringcrypto_SHA256_Update(h.noescapeCtx(), unsafe.Pointer(&*addr(p)), C.size_t(len(p))) == 0 { + if len(p) > 0 && C._goboringcrypto_SHA256_Update(&h.ctx, unsafe.Pointer(&p[0]), C.size_t(len(p))) == 0 { @@ -7464,7 +7476,7 @@ index cf82f3f64f..0b55cedc91 100644 } return len(p), nil } - + -func (h0 *sha256Hash) sum(dst []byte) []byte { +func (h0 *sha256Hash) sum() []byte { h := *h0 // make copy so future Write+Sum is valid @@ -7475,12 +7487,12 @@ index cf82f3f64f..0b55cedc91 100644 - return append(dst, h.out[:]...) + return h.out[:] } - + const ( @@ -382,30 +359,24 @@ type sha384Hash struct { out [384 / 8]byte } - + -func (h *sha384Hash) noescapeCtx() *C.GO_SHA512_CTX { - return (*C.GO_SHA512_CTX)(noescape(unsafe.Pointer(&h.ctx))) -} @@ -7495,7 +7507,7 @@ index cf82f3f64f..0b55cedc91 100644 +func (h *sha384Hash) Size() int { return 384 / 8 } +func (h *sha384Hash) BlockSize() int { return 128 } +func (h *sha384Hash) Sum(in []byte) []byte { return append(in, h.sum()...) } - + func (h *sha384Hash) Write(p []byte) (int, error) { - if len(p) > 0 && C._goboringcrypto_SHA384_Update(h.noescapeCtx(), unsafe.Pointer(&*addr(p)), C.size_t(len(p))) == 0 { + if len(p) > 0 && C._goboringcrypto_SHA384_Update(&h.ctx, unsafe.Pointer(&p[0]), C.size_t(len(p))) == 0 { @@ -7503,7 +7515,7 @@ index cf82f3f64f..0b55cedc91 100644 } return len(p), nil } - + -func (h0 *sha384Hash) sum(dst []byte) []byte { +func (h0 *sha384Hash) sum() []byte { h := *h0 // make copy so future Write+Sum is valid @@ -7514,12 +7526,12 @@ index cf82f3f64f..0b55cedc91 100644 - return append(dst, h.out[:]...) + return h.out[:] } - + // NewSHA512 returns a new SHA512 hash. @@ -420,30 +391,24 @@ type sha512Hash struct { out [512 / 8]byte } - + -func (h *sha512Hash) noescapeCtx() *C.GO_SHA512_CTX { - return (*C.GO_SHA512_CTX)(noescape(unsafe.Pointer(&h.ctx))) -} @@ -7534,7 +7546,7 @@ index cf82f3f64f..0b55cedc91 100644 +func (h *sha512Hash) Size() int { return 512 / 8 } +func (h *sha512Hash) BlockSize() int { return 128 } +func (h *sha512Hash) Sum(in []byte) []byte { return append(in, h.sum()...) } - + func (h *sha512Hash) Write(p []byte) (int, error) { - if len(p) > 0 && C._goboringcrypto_SHA512_Update(h.noescapeCtx(), unsafe.Pointer(&*addr(p)), C.size_t(len(p))) == 0 { + if len(p) > 0 && C._goboringcrypto_SHA512_Update(&h.ctx, unsafe.Pointer(&p[0]), C.size_t(len(p))) == 0 { @@ -7542,7 +7554,7 @@ index cf82f3f64f..0b55cedc91 100644 } return len(p), nil } - + -func (h0 *sha512Hash) sum(dst []byte) []byte { +func (h0 *sha512Hash) sum() []byte { h := *h0 // make copy so future Write+Sum is valid @@ -7553,14 +7565,14 @@ index cf82f3f64f..0b55cedc91 100644 - return append(dst, h.out[:]...) + return h.out[:] } - + type sha512Ctx struct { diff --git a/src/vendor/modules.txt b/src/vendor/modules.txt -index 7563827b22..9af8b10a82 100644 +index 7563827b22..7e40bc9bc3 100644 --- a/src/vendor/modules.txt +++ b/src/vendor/modules.txt @@ -1,3 +1,6 @@ -+# github.com/golang-fips/openssl v0.0.0-20240830121749-972af39412e2 ++# github.com/golang-fips/openssl v0.0.0-20241001010402-8c1c6aa53546 +## explicit; go 1.18 +github.com/golang-fips/openssl/openssl # golang.org/x/crypto v0.3.1-0.20221117191849-2c476679df9a