update patches

microsoft · Jan 8, 2025 · b0d5d52 · b0d5d52
1 parent d4baa7c
commit b0d5d52
Show file tree

Hide file tree

Showing 3 changed files with 32 additions and 20 deletions.
diff --git a/patches/0004-Add-OpenSSL-crypto-backend.patch b/patches/0004-Add-OpenSSL-crypto-backend.patch
@@ -506,24 +506,24 @@ index f9543d9cc89e7b..f07c75821aab13 100644
 
  	msg := []byte{0xed, 0x36, 0x90, 0x8d, 0xbe, 0xfc, 0x35, 0x40, 0x70, 0x4f, 0xf5, 0x9d, 0x6e, 0xc2, 0xeb, 0xf5, 0x27, 0xae, 0x65, 0xb0, 0x59, 0x29, 0x45, 0x25, 0x8c, 0xc1, 0x91, 0x22}
 diff --git a/src/go.mod b/src/go.mod
-index 7a1318dcac32ba..a506e2f736c10e 100644
+index 7a1318dcac32ba..1d413ae209cb31 100644
 --- a/src/go.mod
 +++ b/src/go.mod
 @@ -3,6 +3,7 @@ module std
  go 1.24
 
  require (
-+	github.com/golang-fips/openssl/v2 v2.0.4-0.20241225091133-9c8cba847a2f
++	github.com/golang-fips/openssl/v2 v2.0.4-0.20250101202634-d9e21e31a3ec
  	golang.org/x/crypto v0.30.0
  	golang.org/x/net v0.32.1-0.20241206180132-552d8ac903a1
  )
 diff --git a/src/go.sum b/src/go.sum
-index 9e661352f16e0b..210e6c90b572d6 100644
+index 9e661352f16e0b..a47f298fb2a668 100644
 --- a/src/go.sum
 +++ b/src/go.sum
 @@ -1,3 +1,5 @@
-+github.com/golang-fips/openssl/v2 v2.0.4-0.20241225091133-9c8cba847a2f h1:dKnIgZyXDis/KEKCsIfF+w84kwSJVj2aaedyaf74ywo=
-+github.com/golang-fips/openssl/v2 v2.0.4-0.20241225091133-9c8cba847a2f/go.mod h1:OYUBsoxLpFu8OFyhZHxfpN8lgcsw8JhTC3BQK7+XUc0=
++github.com/golang-fips/openssl/v2 v2.0.4-0.20250101202634-d9e21e31a3ec h1:izqCt+k+GQnVUIzgFmnP/dBCKbIyqxH2tsSA4n+eB0s=
++github.com/golang-fips/openssl/v2 v2.0.4-0.20250101202634-d9e21e31a3ec/go.mod h1:OYUBsoxLpFu8OFyhZHxfpN8lgcsw8JhTC3BQK7+XUc0=
  golang.org/x/crypto v0.30.0 h1:RwoQn3GkWiMkzlX562cLB7OxWvjH1L8xutO2WoJcRoY=
  golang.org/x/crypto v0.30.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk=
  golang.org/x/net v0.32.1-0.20241206180132-552d8ac903a1 h1:+Yk1FZ5E+/ewA0nOO/HRYs9E4yeqpGOShuSAdzCNNoQ=

diff --git a/patches/0005-Add-CNG-crypto-backend.patch b/patches/0005-Add-CNG-crypto-backend.patch
@@ -11,14 +11,14 @@ Subject: [PATCH] Add CNG crypto backend
  src/crypto/internal/backend/common.go         |   9 +-
  src/crypto/internal/backend/fips140/cng.go    |  33 ++
  src/crypto/rsa/pss_test.go                    |   2 +-
- src/go.mod                                    |   1 +
+ src/go.mod                                    |   3 +-
  src/go.sum                                    |   2 +
  src/go/build/deps_test.go                     |   5 +
  src/go/build/vendor_test.go                   |   1 +
  .../goexperiment/exp_cngcrypto_off.go         |   9 +
  src/internal/goexperiment/exp_cngcrypto_on.go |   9 +
  src/internal/goexperiment/flags.go            |   1 +
- 14 files changed, 420 insertions(+), 5 deletions(-)
+ 14 files changed, 421 insertions(+), 6 deletions(-)
  create mode 100644 src/crypto/ecdsa/badlinkname.go
  create mode 100644 src/crypto/internal/backend/bbig/big_cng.go
  create mode 100644 src/crypto/internal/backend/cng_windows.go
@@ -487,24 +487,26 @@ index a4af0a2144870a..7d7115cff81cea 100644
  		t.Fatal(err)
  	}
 diff --git a/src/go.mod b/src/go.mod
-index a506e2f736c10e..08dd96c6d38698 100644
+index 1d413ae209cb31..ba9552622805d4 100644
 --- a/src/go.mod
 +++ b/src/go.mod
-@@ -4,6 +4,7 @@ go 1.24
+@@ -3,7 +3,8 @@ module std
+ go 1.24
 
  require (
- 	github.com/golang-fips/openssl/v2 v2.0.4-0.20241225091133-9c8cba847a2f
+-	github.com/golang-fips/openssl/v2 v2.0.4-0.20250101202634-d9e21e31a3ec
++    github.com/golang-fips/openssl/v2 v2.0.4-0.20250101202634-d9e21e31a3ec
 +	github.com/microsoft/go-crypto-winnative v0.0.0-20250108090702-b49854c00e37
  	golang.org/x/crypto v0.30.0
  	golang.org/x/net v0.32.1-0.20241206180132-552d8ac903a1
  )
 diff --git a/src/go.sum b/src/go.sum
-index 210e6c90b572d6..0ae5510ff66fa8 100644
+index a47f298fb2a668..20656cc8f05ee0 100644
 --- a/src/go.sum
 +++ b/src/go.sum
 @@ -1,5 +1,7 @@
- github.com/golang-fips/openssl/v2 v2.0.4-0.20241225091133-9c8cba847a2f h1:dKnIgZyXDis/KEKCsIfF+w84kwSJVj2aaedyaf74ywo=
- github.com/golang-fips/openssl/v2 v2.0.4-0.20241225091133-9c8cba847a2f/go.mod h1:OYUBsoxLpFu8OFyhZHxfpN8lgcsw8JhTC3BQK7+XUc0=
+ github.com/golang-fips/openssl/v2 v2.0.4-0.20250101202634-d9e21e31a3ec h1:izqCt+k+GQnVUIzgFmnP/dBCKbIyqxH2tsSA4n+eB0s=
+ github.com/golang-fips/openssl/v2 v2.0.4-0.20250101202634-d9e21e31a3ec/go.mod h1:OYUBsoxLpFu8OFyhZHxfpN8lgcsw8JhTC3BQK7+XUc0=
 +github.com/microsoft/go-crypto-winnative v0.0.0-20250108090702-b49854c00e37 h1:KB8xmJcFSPlZFMg2mxz5b6DCE8k1qpHy2HFevAJLELI=
 +github.com/microsoft/go-crypto-winnative v0.0.0-20250108090702-b49854c00e37/go.mod h1:JkxQeL8dGcyCuKjn1Etz4NmQrOMImMy4BA9hptEfVFA=
  golang.org/x/crypto v0.30.0 h1:RwoQn3GkWiMkzlX562cLB7OxWvjH1L8xutO2WoJcRoY=

diff --git a/patches/0006-Vendor-crypto-backends.patch b/patches/0006-Vendor-crypto-backends.patch
@@ -19,7 +19,7 @@ To reproduce, run 'go mod vendor' in 'go/src'.
  .../github.com/golang-fips/openssl/v2/ec.go   |  68 ++
  .../github.com/golang-fips/openssl/v2/ecdh.go | 303 ++++++++
  .../golang-fips/openssl/v2/ecdsa.go           | 208 ++++++
- .../golang-fips/openssl/v2/ed25519.go         | 218 ++++++
+ .../golang-fips/openssl/v2/ed25519.go         | 228 ++++++
  .../github.com/golang-fips/openssl/v2/evp.go  | 580 +++++++++++++++
  .../golang-fips/openssl/v2/goopenssl.c        | 248 +++++++
  .../golang-fips/openssl/v2/goopenssl.h        | 261 +++++++
@@ -69,7 +69,7 @@ To reproduce, run 'go mod vendor' in 'go/src'.
  .../internal/subtle/aliasing.go               |  32 +
  .../internal/sysdll/sys_windows.go            |  55 ++
  src/vendor/modules.txt                        |  11 +
- 64 files changed, 10924 insertions(+)
+ 64 files changed, 10934 insertions(+)
  create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/.gitignore
  create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/.gitleaks.toml
  create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/LICENSE
@@ -2115,10 +2115,10 @@ index 00000000000000..bc5f1117fd4355
 +}
 diff --git a/src/vendor/github.com/golang-fips/openssl/v2/ed25519.go b/src/vendor/github.com/golang-fips/openssl/v2/ed25519.go
 new file mode 100644
-index 00000000000000..cd237025109997
+index 00000000000000..f96db2cd5efcad
 --- /dev/null
 +++ b/src/vendor/github.com/golang-fips/openssl/v2/ed25519.go
-@@ -0,0 +1,218 @@
+@@ -0,0 +1,228 @@
 +//go:build !cmd_go_bootstrap
 +
 +package openssl
@@ -2211,7 +2211,7 @@ index 00000000000000..cd237025109997
 +	if err := extractPKEYPubEd25519(k._pkey, pub); err != nil {
 +		return nil, err
 +	}
-+	pubk, err := NewPublicKeyEd25119(pub)
++	pubk, err := NewPublicKeyEd25519(pub)
 +	if err != nil {
 +		return nil, err
 +	}
@@ -2229,14 +2229,24 @@ index 00000000000000..cd237025109997
 +	return priv, nil
 +}
 +
++// Deprecated: use NewPrivateKeyEd25519 instead.
 +func NewPrivateKeyEd25119(priv []byte) (*PrivateKeyEd25519, error) {
++	return NewPrivateKeyEd25519(priv)
++}
++
++func NewPrivateKeyEd25519(priv []byte) (*PrivateKeyEd25519, error) {
 +	if len(priv) != privateKeySizeEd25519 {
 +		panic("ed25519: bad private key length: " + strconv.Itoa(len(priv)))
 +	}
 +	return NewPrivateKeyEd25519FromSeed(priv[:seedSizeEd25519])
 +}
 +
++// Deprecated: use NewPublicKeyEd25519 instead.
 +func NewPublicKeyEd25119(pub []byte) (*PublicKeyEd25519, error) {
++	return NewPublicKeyEd25519(pub)
++}
++
++func NewPublicKeyEd25519(pub []byte) (*PublicKeyEd25519, error) {
 +	if len(pub) != publicKeySizeEd25519 {
 +		panic("ed25519: bad public key length: " + strconv.Itoa(len(pub)))
 +	}
@@ -11429,11 +11439,11 @@ index 00000000000000..1722410e5af193
 +	return getSystemDirectory() + "\\" + dll
 +}
 diff --git a/src/vendor/modules.txt b/src/vendor/modules.txt
-index 1c8de570cc2f1f..50d06b2f265cd4 100644
+index 1c8de570cc2f1f..df0e85b6c2d0ee 100644
 --- a/src/vendor/modules.txt
 +++ b/src/vendor/modules.txt
 @@ -1,3 +1,14 @@
-+# github.com/golang-fips/openssl/v2 v2.0.4-0.20241225091133-9c8cba847a2f
++# github.com/golang-fips/openssl/v2 v2.0.4-0.20250101202634-d9e21e31a3ec
 +## explicit; go 1.22
 +github.com/golang-fips/openssl/v2
 +github.com/golang-fips/openssl/v2/bbig