diff --git a/patches/0004-Add-OpenSSL-crypto-backend.patch b/patches/0004-Add-OpenSSL-crypto-backend.patch index b4127954f0..14b9534030 100644 --- a/patches/0004-Add-OpenSSL-crypto-backend.patch +++ b/patches/0004-Add-OpenSSL-crypto-backend.patch @@ -142,7 +142,7 @@ index 00000000000000..118efa3a492a7d +} diff --git a/src/crypto/internal/backend/openssl_linux.go b/src/crypto/internal/backend/openssl_linux.go new file mode 100644 -index 00000000000000..a05ca0b0a0b7ab +index 00000000000000..e53a7c6de508ce --- /dev/null +++ b/src/crypto/internal/backend/openssl_linux.go @@ -0,0 +1,335 @@ @@ -249,7 +249,7 @@ index 00000000000000..a05ca0b0a0b7ab +func SHA384(p []byte) (sum [48]byte) { return openssl.SHA384(p) } +func SHA512(p []byte) (sum [64]byte) { return openssl.SHA512(p) } +func SHA512_224(p []byte) (sum [28]byte) { return openssl.SHA512_224(p) } -+func SHA512_256(p []byte) (sum [32]byte) { return openssl.SHA512_224(p) } ++func SHA512_256(p []byte) (sum [32]byte) { return openssl.SHA512_256(p) } + +func NewHMAC(h func() hash.Hash, key []byte) hash.Hash { return openssl.NewHMAC(h, key) } + diff --git a/patches/0006-Vendor-crypto-backends.patch b/patches/0006-Vendor-crypto-backends.patch index 58c34c0a6d..90a8b7ae06 100644 --- a/patches/0006-Vendor-crypto-backends.patch +++ b/patches/0006-Vendor-crypto-backends.patch @@ -5,70 +5,69 @@ Subject: [PATCH] Vendor crypto backends To reproduce, run 'go mod vendor' in 'go/src'. --- - .../golang-fips/openssl/v2/.gitignore | 1 + - .../golang-fips/openssl/v2/.gitleaks.toml | 9 + - .../github.com/golang-fips/openssl/v2/LICENSE | 20 + - .../golang-fips/openssl/v2/README.md | 66 ++ - .../github.com/golang-fips/openssl/v2/aes.go | 147 +++ - .../golang-fips/openssl/v2/bbig/big.go | 37 + - .../github.com/golang-fips/openssl/v2/big.go | 11 + - .../golang-fips/openssl/v2/cgo_go124.go | 18 + - .../golang-fips/openssl/v2/cipher.go | 569 +++++++++ - .../github.com/golang-fips/openssl/v2/des.go | 114 ++ - .../github.com/golang-fips/openssl/v2/dsa.go | 323 +++++ - .../github.com/golang-fips/openssl/v2/ec.go | 68 ++ - .../github.com/golang-fips/openssl/v2/ecdh.go | 303 +++++ - .../golang-fips/openssl/v2/ecdsa.go | 208 ++++ - .../golang-fips/openssl/v2/ed25519.go | 218 ++++ - .../github.com/golang-fips/openssl/v2/evp.go | 569 +++++++++ - .../golang-fips/openssl/v2/goopenssl.c | 248 ++++ - .../golang-fips/openssl/v2/goopenssl.h | 262 +++++ - .../github.com/golang-fips/openssl/v2/hash.go | 1041 +++++++++++++++++ - .../github.com/golang-fips/openssl/v2/hkdf.go | 322 +++++ - .../github.com/golang-fips/openssl/v2/hmac.go | 274 +++++ - .../github.com/golang-fips/openssl/v2/init.go | 64 + - .../golang-fips/openssl/v2/init_unix.go | 31 + - .../golang-fips/openssl/v2/init_windows.go | 36 + - .../golang-fips/openssl/v2/openssl.go | 469 ++++++++ - .../golang-fips/openssl/v2/params.go | 210 ++++ - .../golang-fips/openssl/v2/pbkdf2.go | 62 + - .../golang-fips/openssl/v2/port_dsa.c | 85 ++ - .../openssl/v2/port_evp_md5_sha1.c | 126 ++ - .../github.com/golang-fips/openssl/v2/rand.go | 20 + - .../github.com/golang-fips/openssl/v2/rc4.go | 66 ++ - .../github.com/golang-fips/openssl/v2/rsa.go | 408 +++++++ - .../github.com/golang-fips/openssl/v2/shims.h | 416 +++++++ - .../golang-fips/openssl/v2/thread_setup.go | 14 + - .../golang-fips/openssl/v2/thread_setup.h | 4 + - .../openssl/v2/thread_setup_unix.c | 64 + - .../openssl/v2/thread_setup_windows.c | 64 + - .../golang-fips/openssl/v2/tls1prf.go | 160 +++ - .../github.com/golang-fips/openssl/v2/zaes.go | 86 ++ - .../microsoft/go-crypto-winnative/LICENSE | 21 + - .../microsoft/go-crypto-winnative/cng/aes.go | 393 +++++++ - .../go-crypto-winnative/cng/bbig/big.go | 31 + - .../microsoft/go-crypto-winnative/cng/big.go | 30 + - .../go-crypto-winnative/cng/cipher.go | 52 + - .../microsoft/go-crypto-winnative/cng/cng.go | 131 +++ - .../microsoft/go-crypto-winnative/cng/des.go | 106 ++ - .../microsoft/go-crypto-winnative/cng/dsa.go | 465 ++++++++ - .../microsoft/go-crypto-winnative/cng/ecdh.go | 255 ++++ - .../go-crypto-winnative/cng/ecdsa.go | 169 +++ - .../microsoft/go-crypto-winnative/cng/hash.go | 306 +++++ - .../microsoft/go-crypto-winnative/cng/hkdf.go | 124 ++ - .../microsoft/go-crypto-winnative/cng/hmac.go | 35 + - .../microsoft/go-crypto-winnative/cng/keys.go | 220 ++++ - .../go-crypto-winnative/cng/pbkdf2.go | 70 ++ - .../microsoft/go-crypto-winnative/cng/rand.go | 28 + - .../microsoft/go-crypto-winnative/cng/rc4.go | 65 + - .../microsoft/go-crypto-winnative/cng/rsa.go | 396 +++++++ - .../go-crypto-winnative/cng/tls1prf.go | 88 ++ - .../internal/bcrypt/bcrypt_windows.go | 359 ++++++ - .../internal/bcrypt/zsyscall_windows.go | 389 ++++++ - .../internal/subtle/aliasing.go | 32 + - .../internal/sysdll/sys_windows.go | 55 + - src/vendor/modules.txt | 11 + - 63 files changed, 11044 insertions(+) + .../golang-fips/openssl/v2/.gitignore | 1 + + .../golang-fips/openssl/v2/.gitleaks.toml | 9 + + .../github.com/golang-fips/openssl/v2/LICENSE | 20 + + .../golang-fips/openssl/v2/README.md | 66 ++ + .../github.com/golang-fips/openssl/v2/aes.go | 147 ++++ + .../golang-fips/openssl/v2/bbig/big.go | 37 + + .../github.com/golang-fips/openssl/v2/big.go | 11 + + .../golang-fips/openssl/v2/cgo_go124.go | 18 + + .../golang-fips/openssl/v2/cipher.go | 569 +++++++++++++++ + .../github.com/golang-fips/openssl/v2/des.go | 114 +++ + .../github.com/golang-fips/openssl/v2/dsa.go | 323 +++++++++ + .../github.com/golang-fips/openssl/v2/ec.go | 68 ++ + .../github.com/golang-fips/openssl/v2/ecdh.go | 303 ++++++++ + .../golang-fips/openssl/v2/ecdsa.go | 208 ++++++ + .../golang-fips/openssl/v2/ed25519.go | 228 ++++++ + .../github.com/golang-fips/openssl/v2/evp.go | 580 +++++++++++++++ + .../golang-fips/openssl/v2/goopenssl.c | 248 +++++++ + .../golang-fips/openssl/v2/goopenssl.h | 261 +++++++ + .../github.com/golang-fips/openssl/v2/hash.go | 673 ++++++++++++++++++ + .../github.com/golang-fips/openssl/v2/hkdf.go | 322 +++++++++ + .../github.com/golang-fips/openssl/v2/hmac.go | 274 +++++++ + .../github.com/golang-fips/openssl/v2/init.go | 64 ++ + .../golang-fips/openssl/v2/init_unix.go | 31 + + .../golang-fips/openssl/v2/init_windows.go | 36 + + .../golang-fips/openssl/v2/openssl.go | 469 ++++++++++++ + .../golang-fips/openssl/v2/params.go | 210 ++++++ + .../golang-fips/openssl/v2/pbkdf2.go | 62 ++ + .../golang-fips/openssl/v2/port_dsa.c | 85 +++ + .../github.com/golang-fips/openssl/v2/rand.go | 20 + + .../github.com/golang-fips/openssl/v2/rc4.go | 66 ++ + .../github.com/golang-fips/openssl/v2/rsa.go | 408 +++++++++++ + .../github.com/golang-fips/openssl/v2/shims.h | 413 +++++++++++ + .../golang-fips/openssl/v2/thread_setup.go | 14 + + .../golang-fips/openssl/v2/thread_setup.h | 4 + + .../openssl/v2/thread_setup_unix.c | 64 ++ + .../openssl/v2/thread_setup_windows.c | 64 ++ + .../golang-fips/openssl/v2/tls1prf.go | 160 +++++ + .../github.com/golang-fips/openssl/v2/zaes.go | 86 +++ + .../microsoft/go-crypto-winnative/LICENSE | 21 + + .../microsoft/go-crypto-winnative/cng/aes.go | 393 ++++++++++ + .../go-crypto-winnative/cng/bbig/big.go | 31 + + .../microsoft/go-crypto-winnative/cng/big.go | 30 + + .../go-crypto-winnative/cng/cipher.go | 52 ++ + .../microsoft/go-crypto-winnative/cng/cng.go | 131 ++++ + .../microsoft/go-crypto-winnative/cng/des.go | 106 +++ + .../microsoft/go-crypto-winnative/cng/dsa.go | 465 ++++++++++++ + .../microsoft/go-crypto-winnative/cng/ecdh.go | 255 +++++++ + .../go-crypto-winnative/cng/ecdsa.go | 169 +++++ + .../microsoft/go-crypto-winnative/cng/hash.go | 306 ++++++++ + .../microsoft/go-crypto-winnative/cng/hkdf.go | 124 ++++ + .../microsoft/go-crypto-winnative/cng/hmac.go | 35 + + .../microsoft/go-crypto-winnative/cng/keys.go | 220 ++++++ + .../go-crypto-winnative/cng/pbkdf2.go | 70 ++ + .../microsoft/go-crypto-winnative/cng/rand.go | 28 + + .../microsoft/go-crypto-winnative/cng/rc4.go | 65 ++ + .../microsoft/go-crypto-winnative/cng/rsa.go | 396 +++++++++++ + .../go-crypto-winnative/cng/tls1prf.go | 88 +++ + .../internal/bcrypt/bcrypt_windows.go | 359 ++++++++++ + .../internal/bcrypt/zsyscall_windows.go | 389 ++++++++++ + .../internal/subtle/aliasing.go | 32 + + .../internal/sysdll/sys_windows.go | 55 ++ + src/vendor/modules.txt | 11 + + 62 files changed, 10567 insertions(+) create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/.gitignore create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/.gitleaks.toml create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/LICENSE @@ -97,7 +96,6 @@ To reproduce, run 'go mod vendor' in 'go/src'. create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/params.go create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/pbkdf2.go create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/port_dsa.c - create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/port_evp_md5_sha1.c create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/rand.go create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/rc4.go create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/rsa.go @@ -2113,10 +2111,10 @@ index 00000000000000..bc5f1117fd4355 +} diff --git a/src/vendor/github.com/golang-fips/openssl/v2/ed25519.go b/src/vendor/github.com/golang-fips/openssl/v2/ed25519.go new file mode 100644 -index 00000000000000..cd237025109997 +index 00000000000000..f96db2cd5efcad --- /dev/null +++ b/src/vendor/github.com/golang-fips/openssl/v2/ed25519.go -@@ -0,0 +1,218 @@ +@@ -0,0 +1,228 @@ +//go:build !cmd_go_bootstrap + +package openssl @@ -2209,7 +2207,7 @@ index 00000000000000..cd237025109997 + if err := extractPKEYPubEd25519(k._pkey, pub); err != nil { + return nil, err + } -+ pubk, err := NewPublicKeyEd25119(pub) ++ pubk, err := NewPublicKeyEd25519(pub) + if err != nil { + return nil, err + } @@ -2227,14 +2225,24 @@ index 00000000000000..cd237025109997 + return priv, nil +} + ++// Deprecated: use NewPrivateKeyEd25519 instead. +func NewPrivateKeyEd25119(priv []byte) (*PrivateKeyEd25519, error) { ++ return NewPrivateKeyEd25519(priv) ++} ++ ++func NewPrivateKeyEd25519(priv []byte) (*PrivateKeyEd25519, error) { + if len(priv) != privateKeySizeEd25519 { + panic("ed25519: bad private key length: " + strconv.Itoa(len(priv))) + } + return NewPrivateKeyEd25519FromSeed(priv[:seedSizeEd25519]) +} + ++// Deprecated: use NewPublicKeyEd25519 instead. +func NewPublicKeyEd25119(pub []byte) (*PublicKeyEd25519, error) { ++ return NewPublicKeyEd25519(pub) ++} ++ ++func NewPublicKeyEd25519(pub []byte) (*PublicKeyEd25519, error) { + if len(pub) != publicKeySizeEd25519 { + panic("ed25519: bad public key length: " + strconv.Itoa(len(pub))) + } @@ -2337,10 +2345,10 @@ index 00000000000000..cd237025109997 +} diff --git a/src/vendor/github.com/golang-fips/openssl/v2/evp.go b/src/vendor/github.com/golang-fips/openssl/v2/evp.go new file mode 100644 -index 00000000000000..ef68bbfb8fb065 +index 00000000000000..8b5b367f9f8092 --- /dev/null +++ b/src/vendor/github.com/golang-fips/openssl/v2/evp.go -@@ -0,0 +1,569 @@ +@@ -0,0 +1,580 @@ +//go:build !cmd_go_bootstrap + +package openssl @@ -2391,29 +2399,8 @@ index 00000000000000..ef68bbfb8fb065 + +// hashToMD converts a hash.Hash implementation from this package to a GO_EVP_MD_PTR. +func hashToMD(h hash.Hash) C.GO_EVP_MD_PTR { -+ var ch crypto.Hash -+ switch h.(type) { -+ case *sha1Hash, *sha1Marshal: -+ ch = crypto.SHA1 -+ case *sha224Hash, *sha224Marshal: -+ ch = crypto.SHA224 -+ case *sha256Hash, *sha256Marshal: -+ ch = crypto.SHA256 -+ case *sha384Hash, *sha384Marshal: -+ ch = crypto.SHA384 -+ case *sha512Hash, *sha512Marshal: -+ ch = crypto.SHA512 -+ case *sha3_224Hash: -+ ch = crypto.SHA3_224 -+ case *sha3_256Hash: -+ ch = crypto.SHA3_256 -+ case *sha3_384Hash: -+ ch = crypto.SHA3_384 -+ case *sha3_512Hash: -+ ch = crypto.SHA3_512 -+ } -+ if ch != 0 { -+ return cryptoHashToMD(ch) ++ if h, ok := h.(*evpHash); ok { ++ return h.alg.md + } + return nil +} @@ -2432,78 +2419,110 @@ index 00000000000000..ef68bbfb8fb065 + return md, nil +} + -+// cryptoHashToMD converts a crypto.Hash to a GO_EVP_MD_PTR. -+func cryptoHashToMD(ch crypto.Hash) (md C.GO_EVP_MD_PTR) { ++type hashAlgorithm struct { ++ md C.GO_EVP_MD_PTR ++ ch crypto.Hash ++ size int ++ blockSize int ++ marshallable bool ++ magic string ++ marshalledSize int ++} ++ ++// loadHash converts a crypto.Hash to a EVP_MD. ++func loadHash(ch crypto.Hash) *hashAlgorithm { + if v, ok := cacheMD.Load(ch); ok { -+ return v.(C.GO_EVP_MD_PTR) -+ } -+ defer func() { -+ if md != nil { -+ switch vMajor { -+ case 1: -+ // On OpenSSL 1 EVP_MD objects can be not-nil even -+ // when they are not supported. We need to pass the md -+ // to a EVP_MD_CTX to really know if they can be used. -+ ctx := C.go_openssl_EVP_MD_CTX_new() -+ if C.go_openssl_EVP_DigestInit_ex(ctx, md, nil) != 1 { -+ md = nil -+ } -+ C.go_openssl_EVP_MD_CTX_free(ctx) -+ case 3: -+ // On OpenSSL 3, directly operating on a EVP_MD object -+ // not created by EVP_MD_fetch has negative performance -+ // implications, as digest operations will have -+ // to fetch it on every call. Better to just fetch it once here. -+ md = C.go_openssl_EVP_MD_fetch(nil, C.go_openssl_EVP_MD_get0_name(md), nil) -+ default: -+ panic(errUnsupportedVersion()) -+ } -+ } -+ cacheMD.Store(ch, md) -+ }() -+ // SupportsHash returns false for MD5SHA1 because we don't -+ // provide a hash.Hash implementation for it. Yet, it can -+ // still be used when signing/verifying with an RSA key. -+ if ch == crypto.MD5SHA1 { -+ if vMajor == 1 && vMinor == 0 { -+ return C.go_openssl_EVP_md5_sha1_backport() -+ } else { -+ return C.go_openssl_EVP_md5_sha1() -+ } ++ return v.(*hashAlgorithm) + } ++ ++ var hash hashAlgorithm + switch ch { ++ case crypto.RIPEMD160: ++ hash.md = C.go_openssl_EVP_ripemd160() + case crypto.MD4: -+ return C.go_openssl_EVP_md4() ++ hash.md = C.go_openssl_EVP_md4() + case crypto.MD5: -+ return C.go_openssl_EVP_md5() ++ hash.md = C.go_openssl_EVP_md5() ++ hash.magic = md5Magic ++ hash.marshalledSize = md5MarshaledSize ++ case crypto.MD5SHA1: ++ if vMajor == 1 && vMinor == 0 { ++ // OpenSSL 1.0.2 does not support MD5SHA1. ++ hash.md = nil ++ } else { ++ hash.md = C.go_openssl_EVP_md5_sha1() ++ } + case crypto.SHA1: -+ return C.go_openssl_EVP_sha1() ++ hash.md = C.go_openssl_EVP_sha1() ++ hash.magic = sha1Magic ++ hash.marshalledSize = sha1MarshaledSize + case crypto.SHA224: -+ return C.go_openssl_EVP_sha224() ++ hash.md = C.go_openssl_EVP_sha224() ++ hash.magic = magic224 ++ hash.marshalledSize = marshaledSize256 + case crypto.SHA256: -+ return C.go_openssl_EVP_sha256() ++ hash.md = C.go_openssl_EVP_sha256() ++ hash.magic = magic256 ++ hash.marshalledSize = marshaledSize256 + case crypto.SHA384: -+ return C.go_openssl_EVP_sha384() ++ hash.md = C.go_openssl_EVP_sha384() ++ hash.magic = magic384 ++ hash.marshalledSize = marshaledSize512 + case crypto.SHA512: -+ return C.go_openssl_EVP_sha512() ++ hash.md = C.go_openssl_EVP_sha512() ++ hash.magic = magic512 ++ hash.marshalledSize = marshaledSize512 ++ case crypto.SHA512_224: ++ if versionAtOrAbove(1, 1, 1) { ++ hash.md = C.go_openssl_EVP_sha512_224() ++ hash.magic = magic512_224 ++ hash.marshalledSize = marshaledSize512 ++ } ++ case crypto.SHA512_256: ++ if versionAtOrAbove(1, 1, 1) { ++ hash.md = C.go_openssl_EVP_sha512_256() ++ hash.magic = magic512_256 ++ hash.marshalledSize = marshaledSize512 ++ } + case crypto.SHA3_224: + if versionAtOrAbove(1, 1, 1) { -+ return C.go_openssl_EVP_sha3_224() ++ hash.md = C.go_openssl_EVP_sha3_224() + } + case crypto.SHA3_256: + if versionAtOrAbove(1, 1, 1) { -+ return C.go_openssl_EVP_sha3_256() ++ hash.md = C.go_openssl_EVP_sha3_256() + } + case crypto.SHA3_384: + if versionAtOrAbove(1, 1, 1) { -+ return C.go_openssl_EVP_sha3_384() ++ hash.md = C.go_openssl_EVP_sha3_384() + } + case crypto.SHA3_512: + if versionAtOrAbove(1, 1, 1) { -+ return C.go_openssl_EVP_sha3_512() ++ hash.md = C.go_openssl_EVP_sha3_512() + } + } -+ return nil ++ if hash.md == nil { ++ cacheMD.Store(ch, (*hashAlgorithm)(nil)) ++ return nil ++ } ++ hash.ch = ch ++ hash.size = int(C.go_openssl_EVP_MD_get_size(hash.md)) ++ hash.blockSize = int(C.go_openssl_EVP_MD_get_block_size(hash.md)) ++ if vMajor == 3 { ++ // On OpenSSL 3, directly operating on a EVP_MD object ++ // not created by EVP_MD_fetch has negative performance ++ // implications, as digest operations will have ++ // to fetch it on every call. Better to just fetch it once here. ++ md := C.go_openssl_EVP_MD_fetch(nil, C.go_openssl_EVP_MD_get0_name(hash.md), nil) ++ // Don't overwrite md in case it can't be fetched, as the md may still be used ++ // outside of EVP_MD_CTX, for example to sign and verify RSA signatures. ++ if md != nil { ++ hash.md = md ++ } ++ } ++ hash.marshallable = hash.magic != "" && isHashMarshallable(hash.md) ++ cacheMD.Store(ch, &hash) ++ return &hash +} + +// generateEVPPKey generates a new EVP_PKEY with the given id and properties. @@ -2645,11 +2664,11 @@ index 00000000000000..ef68bbfb8fb065 + } + } + case C.GO_RSA_PKCS1_PSS_PADDING: -+ md := cryptoHashToMD(ch) -+ if md == nil { ++ alg := loadHash(ch) ++ if alg == nil { + return nil, errors.New("crypto/rsa: unsupported hash function") + } -+ if C.go_openssl_EVP_PKEY_CTX_ctrl(ctx, C.GO_EVP_PKEY_RSA, -1, C.GO_EVP_PKEY_CTRL_MD, 0, unsafe.Pointer(md)) != 1 { ++ if C.go_openssl_EVP_PKEY_CTX_ctrl(ctx, C.GO_EVP_PKEY_RSA, -1, C.GO_EVP_PKEY_CTRL_MD, 0, unsafe.Pointer(alg.md)) != 1 { + return nil, newOpenSSLError("EVP_PKEY_CTX_ctrl failed") + } + // setPadding must happen after setting EVP_PKEY_CTRL_MD. @@ -2665,11 +2684,11 @@ index 00000000000000..ef68bbfb8fb065 + case C.GO_RSA_PKCS1_PADDING: + if ch != 0 { + // We support unhashed messages. -+ md := cryptoHashToMD(ch) -+ if md == nil { ++ alg := loadHash(ch) ++ if alg == nil { + return nil, errors.New("crypto/rsa: unsupported hash function") + } -+ if C.go_openssl_EVP_PKEY_CTX_ctrl(ctx, -1, -1, C.GO_EVP_PKEY_CTRL_MD, 0, unsafe.Pointer(md)) != 1 { ++ if C.go_openssl_EVP_PKEY_CTX_ctrl(ctx, -1, -1, C.GO_EVP_PKEY_CTRL_MD, 0, unsafe.Pointer(alg.md)) != 1 { + return nil, newOpenSSLError("EVP_PKEY_CTX_ctrl failed") + } + if err := setPadding(); err != nil { @@ -2784,8 +2803,8 @@ index 00000000000000..ef68bbfb8fb065 +} + +func evpHashSign(withKey withKeyFunc, h crypto.Hash, msg []byte) ([]byte, error) { -+ md := cryptoHashToMD(h) -+ if md == nil { ++ alg := loadHash(h) ++ if alg == nil { + return nil, errors.New("unsupported hash function: " + strconv.Itoa(int(h))) + } + var out []byte @@ -2796,7 +2815,7 @@ index 00000000000000..ef68bbfb8fb065 + } + defer C.go_openssl_EVP_MD_CTX_free(ctx) + if withKey(func(key C.GO_EVP_PKEY_PTR) C.int { -+ return C.go_openssl_EVP_DigestSignInit(ctx, nil, md, nil, key) ++ return C.go_openssl_EVP_DigestSignInit(ctx, nil, alg.md, nil, key) + }) != 1 { + return nil, newOpenSSLError("EVP_DigestSignInit failed") + } @@ -2816,8 +2835,8 @@ index 00000000000000..ef68bbfb8fb065 +} + +func evpHashVerify(withKey withKeyFunc, h crypto.Hash, msg, sig []byte) error { -+ md := cryptoHashToMD(h) -+ if md == nil { ++ alg := loadHash(h) ++ if alg == nil { + return errors.New("unsupported hash function: " + strconv.Itoa(int(h))) + } + ctx := C.go_openssl_EVP_MD_CTX_new() @@ -2826,7 +2845,7 @@ index 00000000000000..ef68bbfb8fb065 + } + defer C.go_openssl_EVP_MD_CTX_free(ctx) + if withKey(func(key C.GO_EVP_PKEY_PTR) C.int { -+ return C.go_openssl_EVP_DigestVerifyInit(ctx, nil, md, nil, key) ++ return C.go_openssl_EVP_DigestVerifyInit(ctx, nil, alg.md, nil, key) + }) != 1 { + return newOpenSSLError("EVP_DigestVerifyInit failed") + } @@ -3166,10 +3185,10 @@ index 00000000000000..626f184badc53d +} diff --git a/src/vendor/github.com/golang-fips/openssl/v2/goopenssl.h b/src/vendor/github.com/golang-fips/openssl/v2/goopenssl.h new file mode 100644 -index 00000000000000..1165f99157c663 +index 00000000000000..f5cdced630679f --- /dev/null +++ b/src/vendor/github.com/golang-fips/openssl/v2/goopenssl.h -@@ -0,0 +1,262 @@ +@@ -0,0 +1,261 @@ +// This header file describes the OpenSSL ABI as built for use in Go. + +#include // size_t @@ -3199,7 +3218,6 @@ index 00000000000000..1165f99157c663 +int go_openssl_version_patch(void* handle); +int go_openssl_thread_setup(void); +void go_openssl_load_functions(void* handle, unsigned int major, unsigned int minor, unsigned int patch); -+const GO_EVP_MD_PTR go_openssl_EVP_md5_sha1_backport(void); +void go_openssl_DSA_get0_pqg_backport(const GO_DSA_PTR d, GO_BIGNUM_PTR *p, GO_BIGNUM_PTR *q, GO_BIGNUM_PTR *g); +int go_openssl_DSA_set0_pqg_backport(GO_DSA_PTR d, GO_BIGNUM_PTR p, GO_BIGNUM_PTR q, GO_BIGNUM_PTR g); +void go_openssl_DSA_get0_key_backport(const GO_DSA_PTR d, GO_BIGNUM_PTR *pub_key, GO_BIGNUM_PTR *priv_key); @@ -3435,10 +3453,10 @@ index 00000000000000..1165f99157c663 \ No newline at end of file diff --git a/src/vendor/github.com/golang-fips/openssl/v2/hash.go b/src/vendor/github.com/golang-fips/openssl/v2/hash.go new file mode 100644 -index 00000000000000..6fd3a518906004 +index 00000000000000..6f89cfc7a4f234 --- /dev/null +++ b/src/vendor/github.com/golang-fips/openssl/v2/hash.go -@@ -0,0 +1,1041 @@ +@@ -0,0 +1,673 @@ +//go:build !cmd_go_bootstrap + +package openssl @@ -3455,6 +3473,9 @@ index 00000000000000..6fd3a518906004 + "unsafe" +) + ++// maxHashSize is the size of SHA52 and SHA3_512, the largest hashes we support. ++const maxHashSize = 64 ++ +// NOTE: Implementation ported from https://go-review.googlesource.com/c/go/+/404295. +// The cgo calls in this file are arranged to avoid marking the parameters as escaping. +// To do that, we call noescape (including via addr). @@ -3467,7 +3488,7 @@ index 00000000000000..6fd3a518906004 +// This is all to preserve compatibility with the allocation behavior of the non-openssl implementations. + +func hashOneShot(ch crypto.Hash, p []byte, sum []byte) bool { -+ return C.go_openssl_EVP_Digest(unsafe.Pointer(&*addr(p)), C.size_t(len(p)), (*C.uchar)(unsafe.Pointer(&*addr(sum))), nil, cryptoHashToMD(ch), nil) != 0 ++ return C.go_openssl_EVP_Digest(unsafe.Pointer(&*addr(p)), C.size_t(len(p)), (*C.uchar)(unsafe.Pointer(&*addr(sum))), nil, loadHash(ch).md, nil) != 0 +} + +func MD4(p []byte) (sum [16]byte) { @@ -3519,9 +3540,43 @@ index 00000000000000..6fd3a518906004 + return +} + -+// SupportsHash returns true if a hash.Hash implementation is supported for h. ++func SHA512_224(p []byte) (sum [28]byte) { ++ if !hashOneShot(crypto.SHA512_224, p, sum[:]) { ++ panic("openssl: SHA512 failed") ++ } ++ return ++} ++ ++func SHA512_256(p []byte) (sum [32]byte) { ++ if !hashOneShot(crypto.SHA512_256, p, sum[:]) { ++ panic("openssl: SHA512_256 failed") ++ } ++ return ++} ++ ++// cacheHashSupported is a cache of crypto.Hash support. ++var cacheHashSupported sync.Map ++ ++// SupportsHash reports whether the current OpenSSL version supports the given hash. +func SupportsHash(h crypto.Hash) bool { -+ return cryptoHashToMD(h) != nil ++ if v, ok := cacheHashSupported.Load(h); ok { ++ return v.(bool) ++ } ++ alg := loadHash(h) ++ if alg == nil { ++ cacheHashSupported.Store(h, false) ++ return false ++ } ++ // EVP_MD objects can be non-nil even when they can't be used ++ // in a EVP_MD_CTX, e.g. MD5 in FIPS mode. We need to prove ++ // if they can be used by passing them to a EVP_MD_CTX. ++ var supported bool ++ if ctx := C.go_openssl_EVP_MD_CTX_new(); ctx != nil { ++ supported = C.go_openssl_EVP_DigestInit_ex(ctx, alg.md, nil) == 1 ++ C.go_openssl_EVP_MD_CTX_free(ctx) ++ } ++ cacheHashSupported.Store(h, supported) ++ return supported +} + +func SHA3_224(p []byte) (sum [28]byte) { @@ -3552,21 +3607,79 @@ index 00000000000000..6fd3a518906004 + return +} + -+var isMarshallableCache sync.Map ++// NewMD4 returns a new MD4 hash. ++// The returned hash doesn't implement encoding.BinaryMarshaler and ++// encoding.BinaryUnmarshaler. ++func NewMD4() hash.Hash { ++ return newEvpHash(crypto.MD4) ++} ++ ++// NewMD5 returns a new MD5 hash. ++func NewMD5() hash.Hash { ++ return newEvpHash(crypto.MD5) ++} ++ ++// NewSHA1 returns a new SHA1 hash. ++func NewSHA1() hash.Hash { ++ return newEvpHash(crypto.SHA1) ++} ++ ++// NewSHA224 returns a new SHA224 hash. ++func NewSHA224() hash.Hash { ++ return newEvpHash(crypto.SHA224) ++} ++ ++// NewSHA256 returns a new SHA256 hash. ++func NewSHA256() hash.Hash { ++ return newEvpHash(crypto.SHA256) ++} ++ ++// NewSHA384 returns a new SHA384 hash. ++func NewSHA384() hash.Hash { ++ return newEvpHash(crypto.SHA384) ++} ++ ++// NewSHA512 returns a new SHA512 hash. ++func NewSHA512() hash.Hash { ++ return newEvpHash(crypto.SHA512) ++} ++ ++// NewSHA512_224 returns a new SHA512_224 hash. ++func NewSHA512_224() hash.Hash { ++ return newEvpHash(crypto.SHA512_224) ++} ++ ++// NewSHA512_256 returns a new SHA512_256 hash. ++func NewSHA512_256() hash.Hash { ++ return newEvpHash(crypto.SHA512_256) ++} + -+// isHashMarshallable returns true if the memory layout of cb ++// NewSHA3_224 returns a new SHA3-224 hash. ++func NewSHA3_224() hash.Hash { ++ return newEvpHash(crypto.SHA3_224) ++} ++ ++// NewSHA3_256 returns a new SHA3-256 hash. ++func NewSHA3_256() hash.Hash { ++ return newEvpHash(crypto.SHA3_256) ++} ++ ++// NewSHA3_384 returns a new SHA3-384 hash. ++func NewSHA3_384() hash.Hash { ++ return newEvpHash(crypto.SHA3_384) ++} ++ ++// NewSHA3_512 returns a new SHA3-512 hash. ++func NewSHA3_512() hash.Hash { ++ return newEvpHash(crypto.SHA3_512) ++} ++ ++// isHashMarshallable returns true if the memory layout of md +// is known by this library and can therefore be marshalled. -+func isHashMarshallable(ch crypto.Hash) bool { ++func isHashMarshallable(md C.GO_EVP_MD_PTR) bool { + if vMajor == 1 { + return true + } -+ if v, ok := isMarshallableCache.Load(ch); ok { -+ return v.(bool) -+ } -+ md := cryptoHashToMD(ch) -+ if md == nil { -+ return false -+ } + prov := C.go_openssl_EVP_MD_get0_provider(md) + if prov == nil { + return false @@ -3579,40 +3692,34 @@ index 00000000000000..6fd3a518906004 + // We only know the memory layout of the built-in providers. + // See evpHash.hashState for more details. + marshallable := name == "default" || name == "fips" -+ isMarshallableCache.Store(ch, marshallable) + return marshallable +} + +// evpHash implements generic hash methods. +type evpHash struct { ++ alg *hashAlgorithm + ctx C.GO_EVP_MD_CTX_PTR + // ctx2 is used in evpHash.sum to avoid changing + // the state of ctx. Having it here allows reusing the + // same allocated object multiple times. -+ ctx2 C.GO_EVP_MD_CTX_PTR -+ size int -+ blockSize int -+ marshallable bool ++ ctx2 C.GO_EVP_MD_CTX_PTR +} + +func newEvpHash(ch crypto.Hash) *evpHash { -+ md := cryptoHashToMD(ch) -+ if md == nil { ++ alg := loadHash(ch) ++ if alg == nil { + panic("openssl: unsupported hash function: " + strconv.Itoa(int(ch))) + } + ctx := C.go_openssl_EVP_MD_CTX_new() -+ if C.go_openssl_EVP_DigestInit_ex(ctx, md, nil) != 1 { ++ if C.go_openssl_EVP_DigestInit_ex(ctx, alg.md, nil) != 1 { + C.go_openssl_EVP_MD_CTX_free(ctx) + panic(newOpenSSLError("EVP_DigestInit_ex")) + } + ctx2 := C.go_openssl_EVP_MD_CTX_new() -+ blockSize := int(C.go_openssl_EVP_MD_get_block_size(md)) + h := &evpHash{ -+ ctx: ctx, -+ ctx2: ctx2, -+ size: ch.Size(), -+ blockSize: blockSize, -+ marshallable: isHashMarshallable(ch), ++ alg: alg, ++ ctx: ctx, ++ ctx2: ctx2, + } + runtime.SetFinalizer(h, (*evpHash).finalize) + return h @@ -3657,24 +3764,26 @@ index 00000000000000..6fd3a518906004 +} + +func (h *evpHash) Size() int { -+ return h.size ++ return h.alg.size +} + +func (h *evpHash) BlockSize() int { -+ return h.blockSize ++ return h.alg.blockSize +} + -+func (h *evpHash) sum(out []byte) { ++func (h *evpHash) Sum(in []byte) []byte { ++ defer runtime.KeepAlive(h) ++ out := make([]byte, h.Size(), maxHashSize) // explicit cap to allow stack allocation + if C.go_hash_sum(h.ctx, h.ctx2, base(out)) != 1 { + panic(newOpenSSLError("go_hash_sum")) + } -+ runtime.KeepAlive(h) ++ return append(in, out...) +} + -+// clone returns a new evpHash object that is a deep clone of itself. ++// Clone returns a new evpHash object that is a deep clone of itself. +// The duplicate object contains all state and data contained in the +// original object at the point of duplication. -+func (h *evpHash) clone() (*evpHash, error) { ++func (h *evpHash) Clone() (hash.Hash, error) { + ctx := C.go_openssl_EVP_MD_CTX_new() + if ctx == nil { + return nil, newOpenSSLError("EVP_MD_CTX_new") @@ -3689,11 +3798,9 @@ index 00000000000000..6fd3a518906004 + return nil, newOpenSSLError("EVP_MD_CTX_new") + } + cloned := &evpHash{ -+ ctx: ctx, -+ ctx2: ctx2, -+ size: h.size, -+ blockSize: h.blockSize, -+ marshallable: h.marshallable, ++ alg: h.alg, ++ ctx: ctx, ++ ctx2: ctx2, + } + runtime.SetFinalizer(cloned, (*evpHash).finalize) + return cloned, nil @@ -3703,10 +3810,7 @@ index 00000000000000..6fd3a518906004 +// +// The EVP_MD_CTX memory layout has changed in OpenSSL 3 +// and the property holding the internal structure is no longer md_data but algctx. -+func (h *evpHash) hashState() unsafe.Pointer { -+ if !h.marshallable { -+ panic("openssl: hash state is not marshallable") -+ } ++func hashState(ctx C.GO_EVP_MD_CTX_PTR) unsafe.Pointer { + switch vMajor { + case 1: + // https://github.com/openssl/openssl/blob/0418e993c717a6863f206feaa40673a261de7395/crypto/evp/evp_local.h#L12. @@ -3715,7 +3819,7 @@ index 00000000000000..6fd3a518906004 + _ C.ulong + md_data unsafe.Pointer + } -+ return (*mdCtx)(unsafe.Pointer(h.ctx)).md_data ++ return (*mdCtx)(unsafe.Pointer(ctx)).md_data + case 3: + // https://github.com/openssl/openssl/blob/5675a5aaf6a2e489022bcfc18330dae9263e598e/crypto/evp/evp_local.h#L16. + type mdCtx struct { @@ -3724,49 +3828,94 @@ index 00000000000000..6fd3a518906004 + _ [3]unsafe.Pointer + algctx unsafe.Pointer + } -+ return (*mdCtx)(unsafe.Pointer(h.ctx)).algctx ++ return (*mdCtx)(unsafe.Pointer(ctx)).algctx + default: + panic(errUnsupportedVersion()) + } +} + -+// NewMD4 returns a new MD4 hash. -+// The returned hash doesn't implement encoding.BinaryMarshaler and -+// encoding.BinaryUnmarshaler. -+func NewMD4() hash.Hash { -+ return &md4Hash{ -+ evpHash: newEvpHash(crypto.MD4), ++func (d *evpHash) MarshalBinary() ([]byte, error) { ++ if !d.alg.marshallable { ++ return nil, errors.New("openssl: hash state is not marshallable") + } ++ buf := make([]byte, 0, d.alg.marshalledSize) ++ return d.AppendBinary(buf) +} + -+type md4Hash struct { -+ *evpHash -+ out [16]byte -+} -+ -+func (h *md4Hash) Sum(in []byte) []byte { -+ h.sum(h.out[:]) -+ return append(in, h.out[:]...) -+} -+ -+// Clone returns a new [hash.Hash] object that is a deep clone of itself. -+// The duplicate object contains all state and data contained in the -+// original object at the point of duplication. -+func (h *md4Hash) Clone() (hash.Hash, error) { -+ c, err := h.clone() -+ if err != nil { -+ return nil, err ++func (d *evpHash) AppendBinary(buf []byte) ([]byte, error) { ++ if !d.alg.marshallable { ++ return nil, errors.New("openssl: hash state is not marshallable") ++ } ++ state := hashState(d.ctx) ++ if state == nil { ++ return nil, errors.New("openssl: can't retrieve hash state") ++ } ++ var appender interface { ++ AppendBinary([]byte) ([]byte, error) ++ } ++ switch d.alg.ch { ++ case crypto.MD5: ++ appender = (*md5State)(state) ++ case crypto.SHA1: ++ appender = (*sha1State)(state) ++ case crypto.SHA224: ++ appender = (*sha256State)(state) ++ case crypto.SHA256: ++ appender = (*sha256State)(state) ++ case crypto.SHA384: ++ appender = (*sha512State)(state) ++ case crypto.SHA512: ++ appender = (*sha512State)(state) ++ case crypto.SHA512_224: ++ appender = (*sha512State)(state) ++ case crypto.SHA512_256: ++ appender = (*sha512State)(state) ++ default: ++ panic("openssl: unsupported hash function: " + strconv.Itoa(int(d.alg.ch))) + } -+ return &md4Hash{evpHash: c}, nil ++ buf = append(buf, d.alg.magic[:]...) ++ return appender.AppendBinary(buf) +} + -+// NewMD5 returns a new MD5 hash. -+func NewMD5() hash.Hash { -+ h := md5Hash{evpHash: newEvpHash(crypto.MD5)} -+ if h.marshallable { -+ return &md5Marshal{h} ++func (d *evpHash) UnmarshalBinary(b []byte) error { ++ if !d.alg.marshallable { ++ return errors.New("openssl: hash state is not marshallable") ++ } ++ if len(b) < len(d.alg.magic) || string(b[:len(d.alg.magic)]) != string(d.alg.magic[:]) { ++ return errors.New("openssl: invalid hash state identifier") ++ } ++ if len(b) != d.alg.marshalledSize { ++ return errors.New("openssl: invalid hash state size") ++ } ++ state := hashState(d.ctx) ++ if state == nil { ++ return errors.New("openssl: can't retrieve hash state") + } -+ return &h ++ b = b[len(d.alg.magic):] ++ var unmarshaler interface { ++ UnmarshalBinary([]byte) error ++ } ++ switch d.alg.ch { ++ case crypto.MD5: ++ unmarshaler = (*md5State)(state) ++ case crypto.SHA1: ++ unmarshaler = (*sha1State)(state) ++ case crypto.SHA224: ++ unmarshaler = (*sha256State)(state) ++ case crypto.SHA256: ++ unmarshaler = (*sha256State)(state) ++ case crypto.SHA384: ++ unmarshaler = (*sha512State)(state) ++ case crypto.SHA512: ++ unmarshaler = (*sha512State)(state) ++ case crypto.SHA512_224: ++ unmarshaler = (*sha512State)(state) ++ case crypto.SHA512_256: ++ unmarshaler = (*sha512State)(state) ++ default: ++ panic("openssl: unsupported hash function: " + strconv.Itoa(int(d.alg.ch))) ++ } ++ return unmarshaler.UnmarshalBinary(b) +} + +// md5State layout is taken from @@ -3778,53 +3927,12 @@ index 00000000000000..6fd3a518906004 + nx uint32 +} + -+type md5Hash struct { -+ *evpHash -+ out [16]byte -+} -+ -+func (h *md5Hash) Sum(in []byte) []byte { -+ h.sum(h.out[:]) -+ return append(in, h.out[:]...) -+} -+ -+// Clone returns a new [hash.Hash] object that is a deep clone of itself. -+// The duplicate object contains all state and data contained in the -+// original object at the point of duplication. -+func (h *md5Hash) Clone() (hash.Hash, error) { -+ c, err := h.clone() -+ if err != nil { -+ return nil, err -+ } -+ return &md5Hash{evpHash: c}, nil -+} -+ +const ( + md5Magic = "md5\x01" + md5MarshaledSize = len(md5Magic) + 4*4 + 64 + 8 +) + -+type md5Marshal struct { -+ md5Hash -+} -+ -+func (h *md5Marshal) MarshalBinary() ([]byte, error) { -+ buf := make([]byte, 0, md5MarshaledSize) -+ return h.AppendBinary(buf) -+} -+ -+func (h *md5Marshal) UnmarshalBinary(b []byte) error { -+ if len(b) < len(md5Magic) || string(b[:len(md5Magic)]) != md5Magic { -+ return errors.New("crypto/md5: invalid hash state identifier") -+ } -+ if len(b) != md5MarshaledSize { -+ return errors.New("crypto/md5: invalid hash state size") -+ } -+ d := (*md5State)(h.hashState()) -+ if d == nil { -+ return errors.New("crypto/md5: can't retrieve hash state") -+ } -+ b = b[len(md5Magic):] ++func (d *md5State) UnmarshalBinary(b []byte) error { + b, d.h[0] = consumeUint32(b) + b, d.h[1] = consumeUint32(b) + b, d.h[2] = consumeUint32(b) @@ -3837,13 +3945,7 @@ index 00000000000000..6fd3a518906004 + return nil +} + -+func (h *md5Marshal) AppendBinary(buf []byte) ([]byte, error) { -+ d := (*md5State)(h.hashState()) -+ if d == nil { -+ return nil, errors.New("crypto/md5: can't retrieve hash state") -+ } -+ -+ buf = append(buf, md5Magic...) ++func (d *md5State) AppendBinary(buf []byte) ([]byte, error) { + buf = appendUint32(buf, d.h[0]) + buf = appendUint32(buf, d.h[1]) + buf = appendUint32(buf, d.h[2]) @@ -3854,36 +3956,6 @@ index 00000000000000..6fd3a518906004 + return buf, nil +} + -+// NewSHA1 returns a new SHA1 hash. -+func NewSHA1() hash.Hash { -+ h := sha1Hash{evpHash: newEvpHash(crypto.SHA1)} -+ if h.marshallable { -+ return &sha1Marshal{h} -+ } -+ return &h -+} -+ -+type sha1Hash struct { -+ *evpHash -+ out [20]byte -+} -+ -+func (h *sha1Hash) Sum(in []byte) []byte { -+ h.sum(h.out[:]) -+ return append(in, h.out[:]...) -+} -+ -+// Clone returns a new [hash.Hash] object that is a deep clone of itself. -+// The duplicate object contains all state and data contained in the -+// original object at the point of duplication. -+func (h *sha1Hash) Clone() (hash.Hash, error) { -+ c, err := h.clone() -+ if err != nil { -+ return nil, err -+ } -+ return &sha1Hash{evpHash: c}, nil -+} -+ +// sha1State layout is taken from +// https://github.com/openssl/openssl/blob/0418e993c717a6863f206feaa40673a261de7395/include/openssl/sha.h#L34. +type sha1State struct { @@ -3898,27 +3970,7 @@ index 00000000000000..6fd3a518906004 + sha1MarshaledSize = len(sha1Magic) + 5*4 + 64 + 8 +) + -+type sha1Marshal struct { -+ sha1Hash -+} -+ -+func (h *sha1Marshal) MarshalBinary() ([]byte, error) { -+ buf := make([]byte, 0, sha1MarshaledSize) -+ return h.AppendBinary(buf) -+} -+ -+func (h *sha1Marshal) UnmarshalBinary(b []byte) error { -+ if len(b) < len(sha1Magic) || string(b[:len(sha1Magic)]) != sha1Magic { -+ return errors.New("crypto/sha1: invalid hash state identifier") -+ } -+ if len(b) != sha1MarshaledSize { -+ return errors.New("crypto/sha1: invalid hash state size") -+ } -+ d := (*sha1State)(h.hashState()) -+ if d == nil { -+ return errors.New("crypto/sha1: can't retrieve hash state") -+ } -+ b = b[len(sha1Magic):] ++func (d *sha1State) UnmarshalBinary(b []byte) error { + b, d.h[0] = consumeUint32(b) + b, d.h[1] = consumeUint32(b) + b, d.h[2] = consumeUint32(b) @@ -3932,12 +3984,7 @@ index 00000000000000..6fd3a518906004 + return nil +} + -+func (h *sha1Marshal) AppendBinary(buf []byte) ([]byte, error) { -+ d := (*sha1State)(h.hashState()) -+ if d == nil { -+ return nil, errors.New("crypto/sha1: can't retrieve hash state") -+ } -+ buf = append(buf, sha1Magic...) ++func (d *sha1State) AppendBinary(buf []byte) ([]byte, error) { + buf = appendUint32(buf, d.h[0]) + buf = appendUint32(buf, d.h[1]) + buf = appendUint32(buf, d.h[2]) @@ -3949,66 +3996,6 @@ index 00000000000000..6fd3a518906004 + return buf, nil +} + -+// NewSHA224 returns a new SHA224 hash. -+func NewSHA224() hash.Hash { -+ h := sha224Hash{evpHash: newEvpHash(crypto.SHA224)} -+ if h.marshallable { -+ return &sha224Marshal{h} -+ } -+ return &h -+} -+ -+type sha224Hash struct { -+ *evpHash -+ out [224 / 8]byte -+} -+ -+func (h *sha224Hash) Sum(in []byte) []byte { -+ h.sum(h.out[:]) -+ return append(in, h.out[:]...) -+} -+ -+// Clone returns a new [hash.Hash] object that is a deep clone of itself. -+// The duplicate object contains all state and data contained in the -+// original object at the point of duplication. -+func (h *sha224Hash) Clone() (hash.Hash, error) { -+ c, err := h.clone() -+ if err != nil { -+ return nil, err -+ } -+ return &sha224Hash{evpHash: c}, nil -+} -+ -+// NewSHA256 returns a new SHA256 hash. -+func NewSHA256() hash.Hash { -+ h := sha256Hash{evpHash: newEvpHash(crypto.SHA256)} -+ if h.marshallable { -+ return &sha256Marshal{h} -+ } -+ return &h -+} -+ -+type sha256Hash struct { -+ *evpHash -+ out [256 / 8]byte -+} -+ -+func (h *sha256Hash) Sum(in []byte) []byte { -+ h.sum(h.out[:]) -+ return append(in, h.out[:]...) -+} -+ -+// Clone returns a new [hash.Hash] object that is a deep clone of itself. -+// The duplicate object contains all state and data contained in the -+// original object at the point of duplication. -+func (h *sha256Hash) Clone() (hash.Hash, error) { -+ c, err := h.clone() -+ if err != nil { -+ return nil, err -+ } -+ return &sha256Hash{evpHash: c}, nil -+} -+ +const ( + magic224 = "sha\x02" + magic256 = "sha\x03" @@ -4024,36 +4011,7 @@ index 00000000000000..6fd3a518906004 + nx uint32 +} + -+type sha224Marshal struct { -+ sha224Hash -+} -+ -+type sha256Marshal struct { -+ sha256Hash -+} -+ -+func (h *sha224Marshal) MarshalBinary() ([]byte, error) { -+ buf := make([]byte, 0, marshaledSize256) -+ return h.AppendBinary(buf) -+} -+ -+func (h *sha256Marshal) MarshalBinary() ([]byte, error) { -+ buf := make([]byte, 0, marshaledSize256) -+ return h.AppendBinary(buf) -+} -+ -+func (h *sha224Marshal) UnmarshalBinary(b []byte) error { -+ if len(b) < len(magic224) || string(b[:len(magic224)]) != magic224 { -+ return errors.New("crypto/sha256: invalid hash state identifier") -+ } -+ if len(b) != marshaledSize256 { -+ return errors.New("crypto/sha256: invalid hash state size") -+ } -+ d := (*sha256State)(h.hashState()) -+ if d == nil { -+ return errors.New("crypto/sha256: can't retrieve hash state") -+ } -+ b = b[len(magic224):] ++func (d *sha256State) UnmarshalBinary(b []byte) error { + b, d.h[0] = consumeUint32(b) + b, d.h[1] = consumeUint32(b) + b, d.h[2] = consumeUint32(b) @@ -4070,40 +4028,7 @@ index 00000000000000..6fd3a518906004 + return nil +} + -+func (h *sha256Marshal) UnmarshalBinary(b []byte) error { -+ if len(b) < len(magic256) || string(b[:len(magic256)]) != magic256 { -+ return errors.New("crypto/sha256: invalid hash state identifier") -+ } -+ if len(b) != marshaledSize256 { -+ return errors.New("crypto/sha256: invalid hash state size") -+ } -+ d := (*sha256State)(h.hashState()) -+ if d == nil { -+ return errors.New("crypto/sha256: can't retrieve hash state") -+ } -+ b = b[len(magic256):] -+ b, d.h[0] = consumeUint32(b) -+ b, d.h[1] = consumeUint32(b) -+ b, d.h[2] = consumeUint32(b) -+ b, d.h[3] = consumeUint32(b) -+ b, d.h[4] = consumeUint32(b) -+ b, d.h[5] = consumeUint32(b) -+ b, d.h[6] = consumeUint32(b) -+ b, d.h[7] = consumeUint32(b) -+ b = b[copy(d.x[:], b):] -+ _, n := consumeUint64(b) -+ d.nl = uint32(n << 3) -+ d.nh = uint32(n >> 29) -+ d.nx = uint32(n) % 64 -+ return nil -+} -+ -+func (h *sha224Marshal) AppendBinary(buf []byte) ([]byte, error) { -+ d := (*sha256State)(h.hashState()) -+ if d == nil { -+ return nil, errors.New("crypto/sha256: can't retrieve hash state") -+ } -+ buf = append(buf, magic224...) ++func (d *sha256State) AppendBinary(buf []byte) ([]byte, error) { + buf = appendUint32(buf, d.h[0]) + buf = appendUint32(buf, d.h[1]) + buf = appendUint32(buf, d.h[2]) @@ -4118,86 +4043,6 @@ index 00000000000000..6fd3a518906004 + return buf, nil +} + -+func (h *sha256Marshal) AppendBinary(buf []byte) ([]byte, error) { -+ d := (*sha256State)(h.hashState()) -+ if d == nil { -+ return nil, errors.New("crypto/sha256: can't retrieve hash state") -+ } -+ buf = append(buf, magic256...) -+ buf = appendUint32(buf, d.h[0]) -+ buf = appendUint32(buf, d.h[1]) -+ buf = appendUint32(buf, d.h[2]) -+ buf = appendUint32(buf, d.h[3]) -+ buf = appendUint32(buf, d.h[4]) -+ buf = appendUint32(buf, d.h[5]) -+ buf = appendUint32(buf, d.h[6]) -+ buf = appendUint32(buf, d.h[7]) -+ buf = append(buf, d.x[:d.nx]...) -+ buf = append(buf, make([]byte, len(d.x)-int(d.nx))...) -+ buf = appendUint64(buf, uint64(d.nl)>>3|uint64(d.nh)<<29) -+ return buf, nil -+} -+ -+// NewSHA384 returns a new SHA384 hash. -+func NewSHA384() hash.Hash { -+ h := sha384Hash{evpHash: newEvpHash(crypto.SHA384)} -+ if h.marshallable { -+ return &sha384Marshal{h} -+ } -+ return &h -+} -+ -+type sha384Hash struct { -+ *evpHash -+ out [384 / 8]byte -+} -+ -+func (h *sha384Hash) Sum(in []byte) []byte { -+ h.sum(h.out[:]) -+ return append(in, h.out[:]...) -+} -+ -+// Clone returns a new [hash.Hash] object that is a deep clone of itself. -+// The duplicate object contains all state and data contained in the -+// original object at the point of duplication. -+func (h *sha384Hash) Clone() (hash.Hash, error) { -+ c, err := h.clone() -+ if err != nil { -+ return nil, err -+ } -+ return &sha384Hash{evpHash: c}, nil -+} -+ -+// NewSHA512 returns a new SHA512 hash. -+func NewSHA512() hash.Hash { -+ h := sha512Hash{evpHash: newEvpHash(crypto.SHA512)} -+ if h.marshallable { -+ return &sha512Marshal{h} -+ } -+ return &h -+} -+ -+type sha512Hash struct { -+ *evpHash -+ out [512 / 8]byte -+} -+ -+func (h *sha512Hash) Sum(in []byte) []byte { -+ h.sum(h.out[:]) -+ return append(in, h.out[:]...) -+} -+ -+// Clone returns a new [hash.Hash] object that is a deep clone of itself. -+// The duplicate object contains all state and data contained in the -+// original object at the point of duplication. -+func (h *sha512Hash) Clone() (hash.Hash, error) { -+ c, err := h.clone() -+ if err != nil { -+ return nil, err -+ } -+ return &sha512Hash{evpHash: c}, nil -+} -+ +// sha512State layout is taken from +// https://github.com/openssl/openssl/blob/0418e993c717a6863f206feaa40673a261de7395/include/openssl/sha.h#L95. +type sha512State struct { @@ -4215,39 +4060,12 @@ index 00000000000000..6fd3a518906004 + marshaledSize512 = len(magic512) + 8*8 + 128 + 8 +) + -+type sha384Marshal struct { -+ sha384Hash -+} -+ -+type sha512Marshal struct { -+ sha512Hash -+} -+ -+func (h *sha384Marshal) MarshalBinary() ([]byte, error) { -+ buf := make([]byte, 0, marshaledSize512) -+ return h.AppendBinary(buf) -+} -+ -+func (h *sha512Marshal) MarshalBinary() ([]byte, error) { ++func (d *sha512State) MarshalBinary() ([]byte, error) { + buf := make([]byte, 0, marshaledSize512) -+ return h.AppendBinary(buf) ++ return d.AppendBinary(buf) +} + -+func (h *sha384Marshal) UnmarshalBinary(b []byte) error { -+ if len(b) < len(magic512) { -+ return errors.New("crypto/sha512: invalid hash state identifier") -+ } -+ if string(b[:len(magic384)]) != magic384 { -+ return errors.New("crypto/sha512: invalid hash state identifier") -+ } -+ if len(b) != marshaledSize512 { -+ return errors.New("crypto/sha512: invalid hash state size") -+ } -+ d := (*sha512State)(h.hashState()) -+ if d == nil { -+ return errors.New("crypto/sha512: can't retrieve hash state") -+ } -+ b = b[len(magic512):] ++func (d *sha512State) UnmarshalBinary(b []byte) error { + b, d.h[0] = consumeUint64(b) + b, d.h[1] = consumeUint64(b) + b, d.h[2] = consumeUint64(b) @@ -4264,63 +4082,7 @@ index 00000000000000..6fd3a518906004 + return nil +} + -+func (h *sha512Marshal) UnmarshalBinary(b []byte) error { -+ if len(b) < len(magic512) { -+ return errors.New("crypto/sha512: invalid hash state identifier") -+ } -+ if string(b[:len(magic512)]) != magic512 { -+ return errors.New("crypto/sha512: invalid hash state identifier") -+ } -+ if len(b) != marshaledSize512 { -+ return errors.New("crypto/sha512: invalid hash state size") -+ } -+ d := (*sha512State)(h.hashState()) -+ if d == nil { -+ return errors.New("crypto/sha512: can't retrieve hash state") -+ } -+ b = b[len(magic512):] -+ b, d.h[0] = consumeUint64(b) -+ b, d.h[1] = consumeUint64(b) -+ b, d.h[2] = consumeUint64(b) -+ b, d.h[3] = consumeUint64(b) -+ b, d.h[4] = consumeUint64(b) -+ b, d.h[5] = consumeUint64(b) -+ b, d.h[6] = consumeUint64(b) -+ b, d.h[7] = consumeUint64(b) -+ b = b[copy(d.x[:], b):] -+ _, n := consumeUint64(b) -+ d.nl = n << 3 -+ d.nh = n >> 61 -+ d.nx = uint32(n) % 128 -+ return nil -+} -+ -+func (h *sha384Marshal) AppendBinary(buf []byte) ([]byte, error) { -+ d := (*sha512State)(h.hashState()) -+ if d == nil { -+ return nil, errors.New("crypto/sha512: can't retrieve hash state") -+ } -+ buf = append(buf, magic384...) -+ buf = appendUint64(buf, d.h[0]) -+ buf = appendUint64(buf, d.h[1]) -+ buf = appendUint64(buf, d.h[2]) -+ buf = appendUint64(buf, d.h[3]) -+ buf = appendUint64(buf, d.h[4]) -+ buf = appendUint64(buf, d.h[5]) -+ buf = appendUint64(buf, d.h[6]) -+ buf = appendUint64(buf, d.h[7]) -+ buf = append(buf, d.x[:d.nx]...) -+ buf = append(buf, make([]byte, len(d.x)-int(d.nx))...) -+ buf = appendUint64(buf, d.nl>>3|d.nh<<61) -+ return buf, nil -+} -+ -+func (h *sha512Marshal) AppendBinary(buf []byte) ([]byte, error) { -+ d := (*sha512State)(h.hashState()) -+ if d == nil { -+ return nil, errors.New("crypto/sha512: can't retrieve hash state") -+ } -+ buf = append(buf, magic512...) ++func (d *sha512State) AppendBinary(buf []byte) ([]byte, error) { + buf = appendUint64(buf, d.h[0]) + buf = appendUint64(buf, d.h[1]) + buf = appendUint64(buf, d.h[2]) @@ -4335,118 +4097,6 @@ index 00000000000000..6fd3a518906004 + return buf, nil +} + -+// NewSHA3_224 returns a new SHA3-224 hash. -+func NewSHA3_224() hash.Hash { -+ return &sha3_224Hash{ -+ evpHash: newEvpHash(crypto.SHA3_224), -+ } -+} -+ -+type sha3_224Hash struct { -+ *evpHash -+ out [224 / 8]byte -+} -+ -+func (h *sha3_224Hash) Sum(in []byte) []byte { -+ h.sum(h.out[:]) -+ return append(in, h.out[:]...) -+} -+ -+// Clone returns a new [hash.Hash] object that is a deep clone of itself. -+// The duplicate object contains all state and data contained in the -+// original object at the point of duplication. -+func (h *sha3_224Hash) Clone() (hash.Hash, error) { -+ c, err := h.clone() -+ if err != nil { -+ return nil, err -+ } -+ return &sha3_224Hash{evpHash: c}, nil -+} -+ -+// NewSHA3_256 returns a new SHA3-256 hash. -+func NewSHA3_256() hash.Hash { -+ return &sha3_256Hash{ -+ evpHash: newEvpHash(crypto.SHA3_256), -+ } -+} -+ -+type sha3_256Hash struct { -+ *evpHash -+ out [256 / 8]byte -+} -+ -+func (h *sha3_256Hash) Sum(in []byte) []byte { -+ h.sum(h.out[:]) -+ return append(in, h.out[:]...) -+} -+ -+// Clone returns a new [hash.Hash] object that is a deep clone of itself. -+// The duplicate object contains all state and data contained in the -+// original object at the point of duplication. -+func (h *sha3_256Hash) Clone() (hash.Hash, error) { -+ c, err := h.clone() -+ if err != nil { -+ return nil, err -+ } -+ return &sha3_256Hash{evpHash: c}, nil -+} -+ -+// NewSHA3_384 returns a new SHA3-384 hash. -+func NewSHA3_384() hash.Hash { -+ return &sha3_384Hash{ -+ evpHash: newEvpHash(crypto.SHA3_384), -+ } -+} -+ -+type sha3_384Hash struct { -+ *evpHash -+ out [384 / 8]byte -+} -+ -+func (h *sha3_384Hash) Sum(in []byte) []byte { -+ h.sum(h.out[:]) -+ return append(in, h.out[:]...) -+} -+ -+// Clone returns a new [hash.Hash] object that is a deep clone of itself. -+// The duplicate object contains all state and data contained in the -+// original object at the point of duplication. -+func (h *sha3_384Hash) Clone() (hash.Hash, error) { -+ c, err := h.clone() -+ if err != nil { -+ return nil, err -+ } -+ return &sha3_384Hash{evpHash: c}, nil -+} -+ -+// NewSHA3_512 returns a new SHA3-512 hash. -+func NewSHA3_512() hash.Hash { -+ return &sha3_512Hash{ -+ evpHash: newEvpHash(crypto.SHA3_512), -+ } -+} -+ -+type sha3_512Hash struct { -+ *evpHash -+ out [512 / 8]byte -+} -+ -+func (h *sha3_512Hash) Sum(in []byte) []byte { -+ h.sum(h.out[:]) -+ return append(in, h.out[:]...) -+} -+ -+// Clone returns a new [hash.Hash] object that is a deep clone of itself. -+// The duplicate object contains all state and data contained in the -+// original object at the point of duplication. -+func (h *sha3_512Hash) Clone() (hash.Hash, error) { -+ c, err := h.clone() -+ if err != nil { -+ return nil, err -+ } -+ return &sha3_512Hash{evpHash: c}, nil -+} -+ +// appendUint64 appends x into b as a big endian byte sequence. +func appendUint64(b []byte, x uint64) []byte { + return append(b, @@ -6088,138 +5738,6 @@ index 00000000000000..5a948eafdbc6a7 + return 1; +} \ No newline at end of file -diff --git a/src/vendor/github.com/golang-fips/openssl/v2/port_evp_md5_sha1.c b/src/vendor/github.com/golang-fips/openssl/v2/port_evp_md5_sha1.c -new file mode 100644 -index 00000000000000..50d49b1f103351 ---- /dev/null -+++ b/src/vendor/github.com/golang-fips/openssl/v2/port_evp_md5_sha1.c -@@ -0,0 +1,126 @@ -+// The following is a partial backport of crypto/evp/m_md5_sha1.c, -+// commit cbc8a839959418d8a2c2e3ec6bdf394852c9501e on the -+// OpenSSL_1_1_0-stable branch. The ctrl function has been removed. -+ -+/* -+ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. -+ * -+ * Licensed under the OpenSSL license (the "License"). You may not use -+ * this file except in compliance with the License. You can obtain a copy -+ * in the file LICENSE in the source distribution or at -+ * https://www.openssl.org/source/license.html -+ */ -+ -+#include "goopenssl.h" -+ -+#define NID_md5_sha1 114 -+ -+#define MD5_CBLOCK 64 -+#define MD5_LBLOCK (MD5_CBLOCK/4) -+#define MD5_DIGEST_LENGTH 16 -+#define SHA_LBLOCK 16 -+#define SHA_DIGEST_LENGTH 20 -+ -+#define EVP_PKEY_NULL_method NULL,NULL,{0,0,0,0} -+ -+// Change: MD5_LONG and SHA_LONG have been expanded to unsigned int, -+// which is always 32 bits. This avoids adding some obscure logic -+// to support 16-bit platforms. -+ -+# define MD5_LONG unsigned int -+# define SHA_LONG unsigned int -+ -+typedef struct env_md_st EVP_MD; -+typedef struct env_md_ctx_st EVP_MD_CTX; -+ -+struct env_md_ctx_st { -+ void *digest; -+ void *engine; -+ unsigned long flags; -+ void *md_data; -+ void *pctx; -+ void *update; -+} /* EVP_MD_CTX */ ; -+ -+struct env_md_st { -+ int type; -+ int pkey_type; -+ int md_size; -+ unsigned long flags; -+ int (*init) (EVP_MD_CTX *ctx); -+ int (*update) (EVP_MD_CTX *ctx, const void *data, size_t count); -+ int (*final) (EVP_MD_CTX *ctx, unsigned char *md); -+ void *copy; -+ void *cleanup; -+ void *sign; -+ void *verify; -+ int required_pkey_type[5]; -+ int block_size; -+ int ctx_size; -+ void *md_ctrl; -+} /* EVP_MD */ ; -+ -+typedef struct MD5state_st { -+ MD5_LONG A, B, C, D; -+ MD5_LONG Nl, Nh; -+ MD5_LONG data[MD5_LBLOCK]; -+ MD5_LONG num; -+} MD5_CTX; -+ -+typedef struct SHAstate_st { -+ SHA_LONG h0, h1, h2, h3, h4; -+ SHA_LONG Nl, Nh; -+ SHA_LONG data[SHA_LBLOCK]; -+ SHA_LONG num; -+} SHA_CTX; -+ -+struct md5_sha1_ctx { -+ MD5_CTX md5; -+ SHA_CTX sha1; -+}; -+ -+static int md5_sha1_init(EVP_MD_CTX *ctx) { -+ struct md5_sha1_ctx *mctx = ctx->md_data; -+ if (!go_openssl_MD5_Init(&mctx->md5)) -+ return 0; -+ return go_openssl_SHA1_Init(&mctx->sha1); -+} -+ -+static int md5_sha1_update(EVP_MD_CTX *ctx, const void *data, -+ size_t count) { -+ struct md5_sha1_ctx *mctx = ctx->md_data; -+ if (!go_openssl_MD5_Update(&mctx->md5, data, count)) -+ return 0; -+ return go_openssl_SHA1_Update(&mctx->sha1, data, count); -+} -+ -+static int md5_sha1_final(EVP_MD_CTX *ctx, unsigned char *md) { -+ struct md5_sha1_ctx *mctx = ctx->md_data; -+ if (!go_openssl_MD5_Final(md, &mctx->md5)) -+ return 0; -+ return go_openssl_SHA1_Final(md + MD5_DIGEST_LENGTH, &mctx->sha1); -+} -+ -+// Change: Removed: -+// static int ctrl(EVP_MD_CTX *ctx, int cmd, int mslen, void *ms) -+ -+static const EVP_MD md5_sha1_md = { -+ NID_md5_sha1, -+ NID_md5_sha1, -+ MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH, -+ 0, -+ md5_sha1_init, -+ md5_sha1_update, -+ md5_sha1_final, -+ NULL, -+ NULL, -+ EVP_PKEY_NULL_method, // Change: inserted -+ MD5_CBLOCK, -+ sizeof(EVP_MD *) + sizeof(struct md5_sha1_ctx), -+ NULL, // Change: was ctrl -+}; -+ -+// Change: Apply name mangling. -+const GO_EVP_MD_PTR go_openssl_EVP_md5_sha1_backport(void) { -+ return (const GO_EVP_MD_PTR)&md5_sha1_md; -+} diff --git a/src/vendor/github.com/golang-fips/openssl/v2/rand.go b/src/vendor/github.com/golang-fips/openssl/v2/rand.go new file mode 100644 index 00000000000000..9fd709635c3b40 @@ -6734,10 +6252,10 @@ index 00000000000000..da5c7636173775 +} diff --git a/src/vendor/github.com/golang-fips/openssl/v2/shims.h b/src/vendor/github.com/golang-fips/openssl/v2/shims.h new file mode 100644 -index 00000000000000..c8f599f71c0b20 +index 00000000000000..437312ad795fc3 --- /dev/null +++ b/src/vendor/github.com/golang-fips/openssl/v2/shims.h -@@ -0,0 +1,416 @@ +@@ -0,0 +1,413 @@ +#include // size_t +#include // uint64_t + @@ -6970,13 +6488,8 @@ index 00000000000000..c8f599f71c0b20 +DEFINEFUNC(int, EVP_DigestVerifyInit, (GO_EVP_MD_CTX_PTR ctx, GO_EVP_PKEY_CTX_PTR *pctx, const GO_EVP_MD_PTR type, GO_ENGINE_PTR e, GO_EVP_PKEY_PTR pkey), (ctx, pctx, type, e, pkey)) \ +DEFINEFUNC(int, EVP_DigestVerifyFinal, (GO_EVP_MD_CTX_PTR ctx, const unsigned char *sig, size_t siglen), (ctx, sig, siglen)) \ +DEFINEFUNC_1_1_1(int, EVP_DigestVerify, (GO_EVP_MD_CTX_PTR ctx, const unsigned char *sigret, size_t siglen, const unsigned char *tbs, size_t tbslen), (ctx, sigret, siglen, tbs, tbslen)) \ -+DEFINEFUNC_LEGACY_1_0(int, MD5_Init, (GO_MD5_CTX_PTR c), (c)) \ -+DEFINEFUNC_LEGACY_1_0(int, MD5_Update, (GO_MD5_CTX_PTR c, const void *data, size_t len), (c, data, len)) \ -+DEFINEFUNC_LEGACY_1_0(int, MD5_Final, (unsigned char *md, GO_MD5_CTX_PTR c), (md, c)) \ -+DEFINEFUNC_LEGACY_1_0(int, SHA1_Init, (GO_SHA_CTX_PTR c), (c)) \ -+DEFINEFUNC_LEGACY_1_0(int, SHA1_Update, (GO_SHA_CTX_PTR c, const void *data, size_t len), (c, data, len)) \ -+DEFINEFUNC_LEGACY_1_0(int, SHA1_Final, (unsigned char *md, GO_SHA_CTX_PTR c), (md, c)) \ +DEFINEFUNC_1_1(const GO_EVP_MD_PTR, EVP_md5_sha1, (void), ()) \ ++DEFINEFUNC(const GO_EVP_MD_PTR, EVP_ripemd160, (void), ()) \ +DEFINEFUNC(const GO_EVP_MD_PTR, EVP_md4, (void), ()) \ +DEFINEFUNC(const GO_EVP_MD_PTR, EVP_md5, (void), ()) \ +DEFINEFUNC(const GO_EVP_MD_PTR, EVP_sha1, (void), ()) \ @@ -6984,6 +6497,8 @@ index 00000000000000..c8f599f71c0b20 +DEFINEFUNC(const GO_EVP_MD_PTR, EVP_sha256, (void), ()) \ +DEFINEFUNC(const GO_EVP_MD_PTR, EVP_sha384, (void), ()) \ +DEFINEFUNC(const GO_EVP_MD_PTR, EVP_sha512, (void), ()) \ ++DEFINEFUNC_1_1_1(const GO_EVP_MD_PTR, EVP_sha512_224, (void), ()) \ ++DEFINEFUNC_1_1_1(const GO_EVP_MD_PTR, EVP_sha512_256, (void), ()) \ +DEFINEFUNC_1_1_1(const GO_EVP_MD_PTR, EVP_sha3_224, (void), ()) \ +DEFINEFUNC_1_1_1(const GO_EVP_MD_PTR, EVP_sha3_256, (void), ()) \ +DEFINEFUNC_1_1_1(const GO_EVP_MD_PTR, EVP_sha3_384, (void), ()) \ @@ -7326,7 +6841,7 @@ index 00000000000000..93281d6cffc352 +} diff --git a/src/vendor/github.com/golang-fips/openssl/v2/tls1prf.go b/src/vendor/github.com/golang-fips/openssl/v2/tls1prf.go new file mode 100644 -index 00000000000000..f342f221ea0c92 +index 00000000000000..33134548830d3e --- /dev/null +++ b/src/vendor/github.com/golang-fips/openssl/v2/tls1prf.go @@ -0,0 +1,160 @@ @@ -7367,7 +6882,7 @@ index 00000000000000..f342f221ea0c92 + // that the caller wants to use TLS 1.0/1.1 PRF. + // OpenSSL detects this case by checking if the hash + // function is MD5SHA1. -+ md = cryptoHashToMD(crypto.MD5SHA1) ++ md = loadHash(crypto.MD5SHA1).md + } else { + h, err := hashFuncHash(fh) + if err != nil {