Follow-up on CL 629715.
For #60725.
Change-Id: I1b980ad44f73550b633c74fc881c70255e7d8565
Reviewed-on: https://go-review.googlesource.com/c/go/+/630335
Auto-Submit: Robert Griesemer <gri@google.com>
Reviewed-by: Ian Lance Taylor <iant@google.com>
Reviewed-by: Robert Griesemer <gri@google.com>
TryBot-Bypass: Robert Griesemer <gri@google.com>
runtime.hmap never directly refers to the bucket type (it uses an
unsafe.Pointer), thus it shouldn't be possible to have infinite
recursion here.
Cq-Include-Trybots: luci.golang.try:gotip-linux-amd64-longtest,gotip-linux-amd64-longtest-race,gotip-linux-amd64-longtest-aliastypeparams
Change-Id: I457885e48bbc352acedae1c0c389078f39ed9d65
Reviewed-on: https://go-review.googlesource.com/c/go/+/619037
Reviewed-by: David Chase <drchase@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Michael Pratt <mpratt@google.com>
If Be and Le stand for big-endian and little-endian,
then they should be BE and LE.
Change-Id: I723e3962b8918da84791783d3c547638f1c9e8a9
Reviewed-on: https://go-review.googlesource.com/c/go/+/627376
Reviewed-by: Robert Griesemer <gri@google.com>
Auto-Submit: Russ Cox <rsc@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
This CL first removes the base.ShortPathConservative function. It had
two classes of uses. The first was in opening files where the paths end
up in error messages. In all those cases, the non-shortened paths are
used to open the files, and ShortPath is only used for the error
messages. The second is in base.RelPaths. RelPaths will now call
ShortPath for each of the paths passed in instead of calling
RelConservative and then doing the same check as ShortPath to see if the
path is shorter.
To avoid the possibility of incorrect relative paths ending up in error
messages (that might have command lines suggested for users to run), and
to avoid the possibility of incorrect relative paths appearing in the
output of base.RelPaths, base.ShortPaths always does an os.SameFile
check to make sure that the relative path its providing is actually
correct. Since this makes ShortPath slower than just manipulating paths
(because we need to stat the files), we need to be continue to enforce
that ShortPath is only called for error messages (with the exception of
base.RelPaths and its callers).
This is a simpler way of solving the problem that base.ShortPaths
intended to solve.
For #68383
Change-Id: I474f464f51a9acb2250069dea3054b55d95a4ab4
Reviewed-on: https://go-review.googlesource.com/c/go/+/630276
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Sam Thanawalla <samthanawalla@google.com>
Now that crypto/internal/fips140deps has been checked in,
we can enforce the full restrictions in the go command:
crypto/internal/fips can only import crypto/internal, not internal/...
Change-Id: I035470dbd478a5997c37ffabd268117969ed00a5
Reviewed-on: https://go-review.googlesource.com/c/go/+/630135
Reviewed-by: Sam Thanawalla <samthanawalla@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Michael Matloob <matloob@golang.org>
Auto-Submit: Russ Cox <rsc@golang.org>
Sometimes we've used the 140 suffix (GOFIPS140, crypto/fips140)
and sometimes not (crypto/internal/fips, cmd/go/internal/fips).
Use it always, to avoid having to remember which is which.
Also, there are other FIPS standards, like AES (FIPS 197), SHA-2 (FIPS 180),
and so on, which have nothing to do with FIPS 140. Best to be clear.
For #70123.
Change-Id: I33b29dabd9e8b2703d2af25e428f88bc81c7c307
Reviewed-on: https://go-review.googlesource.com/c/go/+/630115
Reviewed-by: Filippo Valsorda <filippo@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Russ Cox <rsc@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Some systems don't have permissions to run setarch, for example
when running in a docker container without the --privileged flag.
This change makes the tests skip the setarch command if it fails.
Fixes#70463
Cq-Include-Trybots: luci.golang.try:gotip-linux-amd64-asan-clang15
Change-Id: I02fbd423ba809f5229b8639c9abe6fd275f32558
Reviewed-on: https://go-review.googlesource.com/c/go/+/630096
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Reviewed-by: Ian Lance Taylor <iant@google.com>
This makes methods on aliases of cgo-generated types a new compiler error.
That is ok because cgo-behavior is not covered by the G1 compatibility
guarantee.
Background: In 2023 we fixed a gopls issue related to this by actually
enabling methods on cgo-generated types in the first place (#59944).
See the discussion in #60725 and this CL for why we believe it is ok
to make this an error now.
Based on a variation of CL 503596 (by Xie Cui).
Fixes#60725.
For #59944.
Change-Id: I7e9e6e1a76447167483a282b268f5183214027c9
Reviewed-on: https://go-review.googlesource.com/c/go/+/629715
Reviewed-by: Ian Lance Taylor <iant@google.com>
Auto-Submit: Robert Griesemer <gri@google.com>
Reviewed-by: Robert Findley <rfindley@google.com>
Reviewed-by: Robert Griesemer <gri@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
If the receiver is an alias declaring type parameters, report
an error and ensure that the receiver type remains invalid.
Collect type parameters etc. as before but do not attempt to
find their constraints or instantiate the receiver type.
The constraints of the type parameters will be invalid by
default. The receiver type will not be (lazily) instantiated
which causes problems with existing invariants.
If a receiver denotes an instantiated (alias or defined) type,
report an error and ensure that the receiver type remains invalid.
While at it, add more comments and bring go/types and types2
closer together where there were differences.
Fixes#70417.
Change-Id: I87ef0b42d2f70464664cacc410f4b7eb1c994241
Reviewed-on: https://go-review.googlesource.com/c/go/+/629080
Reviewed-by: Robert Findley <rfindley@google.com>
Auto-Submit: Robert Griesemer <gri@google.com>
Reviewed-by: Robert Griesemer <gri@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
This is similar to the weak handle bug in #70455. In short, there's a
window where a heap-allocated value is only visible through a special
that has not been made visible to the GC yet.
For #70455.
Change-Id: Ic2bb2c60d422a5bc5dab8d971cfc26ff6d7622bc
Reviewed-on: https://go-review.googlesource.com/c/go/+/630277
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Michael Knyszek <mknyszek@google.com>
Reviewed-by: Carlos Amedee <carlos@golang.org>
getOrAddWeakHandle is very careful about keeping its input alive across
the operation, but not very careful about keeping the heap-allocated
handle it creates alive. In fact, there's a window in this function
where it is *only* visible via the special. Specifically, the window of
time between when the handle is stored in the special and when the
special actually becomes visible to the GC.
(If we fail to add the special because it already exists, that case is
fine. We don't even use the same handle value, but the one we obtain
from the attached GC-visible special, *and* we return that value, so it
remains live.)
Fixes#70455.
Change-Id: Iadaff0cfb93bcaf61ba2b05be7fa0519c481de82
Reviewed-on: https://go-review.googlesource.com/c/go/+/630315
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Michael Knyszek <mknyszek@google.com>
Reviewed-by: Cherry Mui <cherryyz@google.com>
Reviewed-by: Carlos Amedee <carlos@golang.org>
For #70417.
Change-Id: I5e6b3011f356c7ecd8f64f5dcf0a6a77dcb21bbf
Reviewed-on: https://go-review.googlesource.com/c/go/+/629577
Auto-Submit: Robert Griesemer <gri@google.com>
TryBot-Bypass: Robert Griesemer <gri@google.com>
Reviewed-by: Ian Lance Taylor <iant@google.com>
Reviewed-by: Robert Griesemer <gri@google.com>
Change-Id: I4a4ff0b9e0d3584b96e414d60b889d68fa8660c0
Reviewed-on: https://go-review.googlesource.com/c/go/+/630236
Auto-Submit: Roland Shoemaker <roland@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>
GenerateKey(nil) is documented to use crypto/rand.Reader, but we didn't
have a test.
While at it, since it's documented to be equivalent to NewKeyFromSeed,
actually implement it that way. This has the probably good side effect
of making it deterministic in FIPS mode. The other GenerateKey use
MaybeReadByte, so can change, but this one is probably worth keeping
deterministic. It's just slightly less compliant, but ok as long as
crypto/rand.Reader is the default one.
Intentionally leaving crypto/internal/fips/ed25519.GenerateKey in, in
case we need to switch to it during the life of the module.
Change-Id: Ic203436ff452bb9740291b9ca17f85aa6ae20b6e
Reviewed-on: https://go-review.googlesource.com/c/go/+/630099
Auto-Submit: Filippo Valsorda <filippo@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Avoid test failures caused by 'v2' in user environment paths.
Modify the test to check only the output executable name and ensure it is not 'v2', rather than inspecting the entire path.
Fixes#67989
Change-Id: Ida2131f6c9b41724df1b6b5e31413252c5009d25
Reviewed-on: https://go-review.googlesource.com/c/go/+/621315
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Sam Thanawalla <samthanawalla@google.com>
Reviewed-by: Michael Matloob <matloob@golang.org>
Reviewed-by: Cherry Mui <cherryyz@google.com>
Reviewed-by: Sam Thanawalla <samthanawalla@google.com>
Make sure we only run the --push-state logic when -Wl,--push-state is a
prefix of the argument, not just present in the argument string.
Thanks to Juho Forsén of Mattermost for reporting this issue.
Change-Id: I799f7854ff680674fd84cf2136fadf70817fc7e2
Reviewed-on: https://go-review.googlesource.com/c/go/+/628415
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Ian Lance Taylor <iant@google.com>
Not sure how this ever worked; the module cache is read-only.
Change-Id: I22e4945fa0bac101995ab9101d22dcfdcee40776
Reviewed-on: https://go-review.googlesource.com/c/go/+/629976
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Running `go tool` with no arguments will now list built in tools
followed by module defined tools.
Running `go tool X` where X matches either the full package path,
or the last segment of the package path, of a defined tool will
build the tool to a known location and immediately execute it.
For golang/go#48429
Change-Id: I02249df8dad12fb74aa244002f82a81af20e732f
Reviewed-on: https://go-review.googlesource.com/c/go/+/534817
Reviewed-by: Michael Matloob <matloob@golang.org>
Reviewed-by: Sam Thanawalla <samthanawalla@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Key generation is still missing and will come in a follow-up CL.
For #69536
Change-Id: Ia17754fe31a39a48710673b51e30ca3125b19a20
Reviewed-on: https://go-review.googlesource.com/c/go/+/629937
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Russ Cox <rsc@golang.org>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
They are both from PKCS#1 v2.2, so it makes sense to keep them in the
same file, and to only have common RSA stuff in rsa.go.
This should make it easier to follow the changes in the following CLs.
Change-Id: I1982e679f54eefa9babb5eeea34fa23792cf340a
Reviewed-on: https://go-review.googlesource.com/c/go/+/629936
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Russ Cox <rsc@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
OpenBSD already enables DIT on arm64 in both kernel and userland.
As such, if DIT is already enabled, do not expect that it can be
disabled.
Change-Id: If7aae2ace40d97109beefa71c03e0c138a0995ce
Reviewed-on: https://go-review.googlesource.com/c/go/+/629995
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Run-TryBot: Joel Sing <joel@sing.id.au>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Michael Knyszek <mknyszek@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
We have a single-instruction x+y*z op. Unfortunately x can't be
a constant, so the rule that builds them doesn't apply in that case.
This CL handles x+(c+y*z) by reordering to c+(x+y*z) so x is
in the right place.
Change-Id: Ibed621607d49da70474128e20991e0c4630ebfad
Reviewed-on: https://go-review.googlesource.com/c/go/+/629858
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: David Chase <drchase@google.com>
Reviewed-by: Keith Randall <khr@google.com>
Optimize them away if we can.
If not, be more careful about splicing them out after scheduling.
Change-Id: I660e54649d753dc456d2e25d389d375a16d76940
Reviewed-on: https://go-review.googlesource.com/c/go/+/627418
Reviewed-by: Shengwei Zhao <wingrez@126.com>
Reviewed-by: David Chase <drchase@google.com>
Reviewed-by: Keith Randall <khr@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
The testing/synctest package is experimental,
subject to change or removal,
and only present when GOEXPERIMENT=synctest.
Fixes#69687
Change-Id: I6c79e7d1479a54bebcd2de754854c87bfd0a5fa1
Reviewed-on: https://go-review.googlesource.com/c/go/+/629735
Reviewed-by: Michael Pratt <mpratt@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
This directory will hold the fips140 snapshots.
Add a README, helpful Makefile, and a test that
the checksums are correct (once we have zip files).
Change-Id: I735540ad1ce7da9a24c3a0b57b054c8340708da1
Reviewed-on: https://go-review.googlesource.com/c/go/+/629955
Reviewed-by: Filippo Valsorda <filippo@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Michael Matloob <matloob@golang.org>
If cmd/compile is in an unhappy state, the testdir test can
fail with an unhelpful 'exit code 1' log message if
'go list' fails while gathering stdlib import config
When running individual files, such as:
go test cmd/internal/testdir -run='Test/escape.*.go'
This might also happen in other uses, or it might be
that a more expansive set of tests such as run.bash
might first trigger a more useful error.
This change prints stderr and states that it is 'go list'
that is having problems to help someone track down the
proper issue.
Change-Id: Iba658ea139bb9087ab8adb00c9f65080a1b6ee76
Reviewed-on: https://go-review.googlesource.com/c/go/+/524941
Reviewed-by: Matthew Dempsky <mdempsky@google.com>
Reviewed-by: Than McIntosh <thanm@google.com>
Auto-Submit: Dmitri Shuralyov <dmitshur@golang.org>
Reviewed-by: Russ Cox <rsc@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Currently on Windows, commands like:
go test cmd/internal/testdir -run=foo -update_errors
will fail to update the errors because the parsing is
currently confused by the ':' in filepaths that
start with 'C:\', and wrongly thinks that ':' marks
the end of the Go filename.
Instead of finding the first ':', use a regexp
to find what looks to be the end of the Go filename.
Change-Id: I091106da55b8e9e9cf421814abf26a6f8b821af9
Reviewed-on: https://go-review.googlesource.com/c/go/+/524942
Reviewed-by: Russ Cox <rsc@golang.org>
Auto-Submit: Dmitri Shuralyov <dmitshur@golang.org>
Reviewed-by: Matthew Dempsky <mdempsky@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Than McIntosh <thanm@google.com>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Also re-sort the various lists. (All lists should be sorted.)
The linked page https://go.dev/security/fips140 has yet
to be written, but soon.
For #70123.
Change-Id: Ica5bbf5bd29e9136c2a49d3099d6e0e018c36145
Reviewed-on: https://go-review.googlesource.com/c/go/+/629816
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Russ Cox <rsc@golang.org>
Reviewed-by: Ian Lance Taylor <iant@google.com>
GOFIPS140 does two things: (1) control whether to build binaries that
run in FIPS-140 mode by default, and (2) control which version of the
crypto/internal/fips source tree to use during a build.
This CL implements part (2). The older snapshot source trees are
stored in GOROOT/lib/fips140 in module-formatted zip files,
even though crypto/internal/fips is not technically a module.
(Reusing the module packing and unpacking code avoids reinventing it.)
See cmd/go/internal/fips/fips.go for an overview.
The documentation for GOFIPS140 is in a follow-up CL.
For #70200.
Change-Id: I73a610fd2c9ff66d0cced37d51acd8053497238e
Reviewed-on: https://go-review.googlesource.com/c/go/+/629201
Reviewed-by: Michael Matloob <matloob@golang.org>
Auto-Submit: Russ Cox <rsc@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
In Loongson's new microstructure LA664 (Loongson-3A6000) and later, the atomic
instruction AMSWAP[DB]{B,H} [1] is supported. Therefore, the implementation of
the atomic operation exchange can be selected according to the CPUCFG flag LAM_BH:
AMSWAPDBB(full barrier) instruction is used on new microstructures, and traditional
LL-SC is used on LA464 (Loongson-3A5000) and older microstructures. This can
significantly improve the performance of Go programs on new microstructures.
Because Xchg8 implemented using traditional LL-SC uses too many temporary
registers, it is not suitable for intrinsics.
goos: linux
goarch: loong64
pkg: internal/runtime/atomic
cpu: Loongson-3A6000 @ 2500.00MHz
BenchmarkXchg8 100000000 10.41 ns/op
BenchmarkXchg8-2 100000000 10.41 ns/op
BenchmarkXchg8-4 100000000 10.41 ns/op
BenchmarkXchg8Parallel 96647592 12.41 ns/op
BenchmarkXchg8Parallel-2 58376136 20.60 ns/op
BenchmarkXchg8Parallel-4 78458899 17.97 ns/op
goos: linux
goarch: loong64
pkg: internal/runtime/atomic
cpu: Loongson-3A5000-HV @ 2500.00MHz
BenchmarkXchg8 38323825 31.23 ns/op
BenchmarkXchg8-2 38368219 31.23 ns/op
BenchmarkXchg8-4 37154156 31.26 ns/op
BenchmarkXchg8Parallel 37908301 31.63 ns/op
BenchmarkXchg8Parallel-2 30413440 39.42 ns/op
BenchmarkXchg8Parallel-4 30737626 39.03 ns/op
For #69735
[1]: https://loongson.github.io/LoongArch-Documentation/LoongArch-ELF-ABI-EN.html
Change-Id: I02ba68f66a2210b6902344fdc9975eb62de728ab
Reviewed-on: https://go-review.googlesource.com/c/go/+/623058
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: sophie zhao <zhaoxiaolin@loongson.cn>
Reviewed-by: Meidan Li <limeidan@loongson.cn>
Reviewed-by: Cherry Mui <cherryyz@google.com>
Reviewed-by: Mauri de Souza Meneguzzo <mauri870@gmail.com>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
It's not been autogenerated since CL 627937.
Change-Id: I2d2e249c2bab673342ee42a48582b082c6958cdd
Reviewed-on: https://go-review.googlesource.com/c/go/+/629836
Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
The module must do the integrity self-check before any other operation
in FIPS mode.
For #69536
Change-Id: I8db52ea94e867812008a6e7a86ca2c648a0018c6
Reviewed-on: https://go-review.googlesource.com/c/go/+/629056
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Russ Cox <rsc@golang.org>
Left most of the tests in for now as they are almost all internal and
hard to externalize.
String initialization in the FIPS module has some issues, so switched
field.TestSqrtRatio to storing decoded byte slices instead.
For #69536
Change-Id: If9e4a2bb780a37a8d102a22ffd13c5293d11a8a6
Reviewed-on: https://go-review.googlesource.com/c/go/+/628776
Reviewed-by: Russ Cox <rsc@golang.org>
TryBot-Bypass: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Since ECDSA private keys are irredeemably malleable, an application
could construct one where the public key doesn't match the private key.
They'd be very much on their own, but crashing the program feels a bit
harsh.
Add this one to the list of issues caused by exposing the ECDSA (and
RSA) key values as big.Ints.
For #69536
Change-Id: Iaa65c73d7145e74f860ca097fa9641448442fbf9
Reviewed-on: https://go-review.googlesource.com/c/go/+/628855
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Russ Cox <rsc@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
This has the important advantage of using the system GOMODCACHE when it
exists, avoiding the download on every "go test".
While at it, also consistently use testenv.Command.
Change-Id: Ic999ffa281f6da73fe601b0feba29e60982cce3d
Reviewed-on: https://go-review.googlesource.com/c/go/+/628755
Reviewed-by: Russ Cox <rsc@golang.org>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
TryBot-Bypass: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
For the future, some test vectors we should generate and then share
through Wycheproof or CCTV:
- A private key with a leading zero byte.
- A hash longer than the modulus.
- A hash longer than the P-521 modulus by a few bits.
- Reductions happening in hashToNat and bits2octets.
Fixes#64802
Change-Id: Ia0f89781b2c78eedd5103cf0e9720630711c37ad
Reviewed-on: https://go-review.googlesource.com/c/go/+/628681
TryBot-Bypass: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Russ Cox <rsc@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
We'll use this for deterministic and hedged ECDSA.
For #69536
Change-Id: Ifb3d963a084fb4914536826250589ff8862add9f
Reviewed-on: https://go-review.googlesource.com/c/go/+/628680
Reviewed-by: Russ Cox <rsc@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
The previous CL focused on moving the implementation as-is, while this
makes it FIPS-compliant.
For #69536
Change-Id: I75fa56c7e13ba20246bacf9fda4599c9f25a1c63
Reviewed-on: https://go-review.googlesource.com/c/go/+/628678
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Russ Cox <rsc@golang.org>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
