Adds ACVP test coverage for the SP 800-185 cSHAKE-128 and cSHAKE-256
algorithms based on the NIST spec:
https://pages.nist.gov/ACVP/draft-celi-acvp-xof.html
Updates #69642
Change-Id: I4a6ef9a99dfe520f3177e0e7c258326475690f5f
Reviewed-on: https://go-review.googlesource.com/c/go/+/648455
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Auto-Submit: Roland Shoemaker <roland@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Adds ACVP test coverage for the SP 800-56Brev2 KTS-OAEP-basic algorithm
based on the NIST spec:
https://pages.nist.gov/ACVP/draft-hammett-acvp-kas-ifc.html
Change-Id: I31240af30a73ee9f0ef00f47129738860378ea8f
Reviewed-on: https://go-review.googlesource.com/c/go/+/648436
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Auto-Submit: Roland Shoemaker <roland@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Adds ACVP test coverage for the SP 800-56Crev2 IG D.P KDA
OneStepNoCounter mode algorithm based on the NIST spec:
https://pages.nist.gov/ACVP/draft-hammett-acvp-kas-kdf-onestepnocounter.html
Coverage is added for all SHA2 and SHA3 HMACs.
Updates #69642
Change-Id: I337bf824a71fce6c796a1440b7f08c4f5413d92f
Reviewed-on: https://go-review.googlesource.com/c/go/+/648435
Reviewed-by: Roland Shoemaker <roland@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Roland Shoemaker <roland@golang.org>
Currently one of the reasons experimental events are tricky to use is
because:
- There's no way to take advantage of the existing infrastructure, like
strings and stacks, and
- There's no way to attach arbitrary data to an event (except through
strings, possibly).
Fix this by abstracting away the raw arguments in an ExperimentalEvent
and requiring access to the arguments via a new method, ArgValue. This
returns a Value, which gives us an opportunity to construct a typed
value for the raw argument dynamically, and a way to access existing
tables. The type of the argument is deduced from conventions for the
argument's name. This seems more than sufficient for experimental
events.
To make this work, we also need to add a "string" variant to the Value
type. This may be a little confusing since they're primarily used for
metrics, but one could imagine other scenarios in which this is useful,
such as including build information in the trace as a metric, so I think
this is fine.
This change also updates the Value API to accomodate a String method for
use with things that expect a fmt.Stringer, which means renaming the
value assertion methods to have a "To" prefix.
Change-Id: I43a2334f6cd306122c5b94641a6252ca4258b39f
Reviewed-on: https://go-review.googlesource.com/c/go/+/645135
Reviewed-by: Michael Pratt <mpratt@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Michael Knyszek <mknyszek@google.com>
These fake P IDs really only belong to the traceviewer.
Change-Id: I7976beb5750f1efca85e28975074a8c570a9c959
Reviewed-on: https://go-review.googlesource.com/c/go/+/644876
Reviewed-by: Michael Pratt <mpratt@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Michael Knyszek <mknyszek@google.com>
parser.go is an old file that contains trace v1 definitions and a second
equivalent definition for stack frames. These are redundant and useless.
Delete these definitions and rename the file to fakep.go, which
describes the only thing left in this file, a bunch of fake P IDs used
by the trace viewer.
We should consider moving the fake P definitions elsewhere, too.
Change-Id: Ifd0768bd73c39009069445afe0155f1e352f00c3
Reviewed-on: https://go-review.googlesource.com/c/go/+/644875
Reviewed-by: Michael Pratt <mpratt@google.com>
Auto-Submit: Michael Knyszek <mknyszek@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
This change deduplicates trace wire format definitions between the
runtime and the trace parser by making the internal/trace/tracev2
package the source of truth.
Change-Id: Ia0721d3484a80417e40ac473ec32870bee73df09
Reviewed-on: https://go-review.googlesource.com/c/go/+/644221
Auto-Submit: Michael Knyszek <mknyszek@google.com>
Reviewed-by: Michael Pratt <mpratt@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
This change moves maxArgs to tracev2 and renames it MaxTimedEventArgs.
It also updates the tests to make sure the specs conform to this
requirement.
Change-Id: I7b0c888a4dfd83306a470a4c9b0f9e44fe2e7818
Reviewed-on: https://go-review.googlesource.com/c/go/+/646016
TryBot-Bypass: Michael Knyszek <mknyszek@google.com>
Reviewed-by: Michael Pratt <mpratt@google.com>
Auto-Submit: Michael Knyszek <mknyszek@google.com>
This change adds a test to help guide people adding experiments to this
package by validating that the spec is written correctly.
Also, makes some minor tweaks to the package in order to get the tests
to pass.
Change-Id: I3daa420c5a9ec3ea536415c8e5d06f41666a9566
Reviewed-on: https://go-review.googlesource.com/c/go/+/646015
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Michael Pratt <mpratt@google.com>
Auto-Submit: Michael Knyszek <mknyszek@google.com>
The bat files can use "if" + parentheses to make it easier to
understand how the if-case is handled rather than the more cryptic
"if" + "goto".
While here, replace some "goto"s with direct "exit" calls.
Change-Id: I20e1804439b5088f8f1e5cbf8676f3d58560109d
Reviewed-on: https://go-review.googlesource.com/c/go/+/648375
Auto-Submit: Damien Neil <dneil@google.com>
Reviewed-by: Damien Neil <dneil@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Cherry Mui <cherryyz@google.com>
Allows git core.sshcommand to take effect when set by the user.
This was originally added to work around an issue in
OpenSSH < 7.3 (2016), see https://go.dev/issue/13453 .
A fixed version of OpenSSH should be widely available enough
that it is no longer necessary
Fixes#71482
Change-Id: I6f44cc354e8a4063e226cac78ec27117fcc40e93
Reviewed-on: https://go-review.googlesource.com/c/go/+/647995
Reviewed-by: Sam Thanawalla <samthanawalla@google.com>
Auto-Submit: Daniel Martí <mvdan@mvdan.cc>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Michael Matloob <matloob@golang.org>
CL 648195 was supposed to have fixed#71615, but it didn't include an
update to r.syncs. I can confirm this CL fixes the issue even when
running the test many times in a row.
Fixes#71615.
Change-Id: I97db3d639dc5bc8648a191696f90b0e5087307c8
Reviewed-on: https://go-review.googlesource.com/c/go/+/648315
Auto-Submit: Michael Knyszek <mknyszek@google.com>
Reviewed-by: Cherry Mui <cherryyz@google.com>
TryBot-Bypass: Michael Knyszek <mknyszek@google.com>
Change-Id: I1e5085ff2ed7f3d75ac3dc34ab72be6b55729fb7
Reviewed-on: https://go-review.googlesource.com/c/go/+/647575
Auto-Submit: Ian Lance Taylor <iant@google.com>
Auto-Submit: Dmitri Shuralyov <dmitshur@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Commit-Queue: Ian Lance Taylor <iant@google.com>
Reviewed-by: Ian Lance Taylor <iant@google.com>
Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
For #67002
Change-Id: Id6c3a2096bd10f5f5f6921a0441dc6d9e6cdeb3b
Reviewed-on: https://go-review.googlesource.com/c/go/+/645718
Commit-Queue: Damien Neil <dneil@google.com>
Reviewed-by: Ian Lance Taylor <iant@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Damien Neil <dneil@google.com>
Adds ACVP test coverage for the SP 800-108r1 KDF feedback mode algorithm
based on the NIST spec:
https://pages.nist.gov/ACVP/draft-celi-acvp-kbkdf.html
The HKDF-based implementation in our FIPS module fixes some parameters,
requiring tailoring of the advertised capability to match. Notably:
* We only support fixedDataOrder "after fixed data"
* We only support a counter length of 8 bits
* We only support empty IVs
No acvp_test.config.json update accompanies this support because the
ACVP tests for this algorithm aren't amenable to fixed data testing.
Updates #69642
Change-Id: I729e899377a64d2b613d6435241aebabeef93bca
Reviewed-on: https://go-review.googlesource.com/c/go/+/640016
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Adds ACVP test coverage for the RSA algorithm based on the NIST spec:
https://pages.nist.gov/ACVP/draft-celi-acvp-rsa.html
Includes coverage for keyGen, sigGen and sigVer across a variety of
modulus sizes. For sigGen and sigVer both PKCS1v1.5 and PSS are
supported with a variety of SHA2 digests.
The static test data from go-acvp only includes sigVer vectors/expected.
The keyGen and sigGen test types aren't amenable to fixed data testing.
Updates #69642
Change-Id: Ia61a69115f2d2a984b95435a37d4c9c6db90a89a
Reviewed-on: https://go-review.googlesource.com/c/go/+/642135
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Adds ACVP test coverage for the SP 800-108r1 KDF counter mode algorithm
based on the NIST spec:
https://pages.nist.gov/ACVP/draft-celi-acvp-kbkdf.html
The implementation in our FIPS module fixes some parameters, requiring
tailoring of the advertised capability to match. Notably:
* We only support macModes CMAC-AES-128, -192, and -256
* We only support supportedLengths 256 (matching the [32]byte output
from CounterKDF.DeriveKey)
* We only support fixedDataOrder "before fixed data"
* We only support counterLength 16
No acvp_test.config.json update accompanies this support because the
ACVP tests for this algorithm aren't amenable to fixed data testing.
Updates #69642
Change-Id: I9e02d6c8cb6e209ac8e4c9fba926fffbad916098
Reviewed-on: https://go-review.googlesource.com/c/go/+/639776
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Adds ACVP test coverage for the SP 800-90A rev 1 ctrDRBG algorithm based
on the NIST spec:
https://pages.nist.gov/ACVP/draft-vassilev-acvp-drbg.html#section-7.2
The implementation in our FIPS module is a minimal implementation
tailored to the specific needs of stdlib crypto. As a result we
customize the ACVP capability registration so that:
* predResistanceEnabled is false
* only mode AES-256 is supported
* for that mode,
* derFuncEnabled is false
* persoStringLen is 0 to disable personalization
* additionalInputLen is 384 to match the [48]byte argument in our API
Other capability values are chosen based on Table 4's ctrDRBG AES-256
w/o `derFuncEnabled` row:
https://pages.nist.gov/ACVP/draft-vassilev-acvp-drbg.html#section-7.4
We do enable reseed in the capability, necessitating two acvptool
commands: one that expects only 6 args and doesn't reseed
("ctrDRBG/AES-256"), and one that expects 8 args and does
("ctrDRBG-reseed/AES-256").
Updates #69642
Change-Id: I0f01a2f9496f45b130ee7d10916708093236f473
Reviewed-on: https://go-review.googlesource.com/c/go/+/639795
Reviewed-by: Roland Shoemaker <roland@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Since CL 644215 each Sync event now represents the coming generation,
with a final Sync event emitted even when there's nothing ahead. This
change however failed to emit a Sync event at the end of a completely
valid generation when the next generation was invalid, causing the
runtime test TestCrashWhileTracing to start failing.
Fix this by emitting a final Sync event even when the next generation is
broken. We hold onto the error in parsing the next generation and emit
it after that final Sync event.
(Should these "final" Sync events distinguish themselves in some way?)
Fixes#71615.
Change-Id: I1f8abee5abaa39e1219e6fa05e9f82f1478db4c9
Cq-Include-Trybots: luci.golang.try:gotip-linux-amd64-longtest
Reviewed-on: https://go-review.googlesource.com/c/go/+/648195
Auto-Submit: Michael Knyszek <mknyszek@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Cherry Mui <cherryyz@google.com>
Adds ACVP test coverage for the Sp800-56Ar3 KAS-ECC-SSC algorithm based
on the NIST spec:
https://pages.nist.gov/ACVP/draft-hammett-acvp-kas-ssc-ecc.html
There's no acvp_test.config.json update for this algorithm as one test
type type requires random key generation and can't be separated from the
test type that doesn't, making it a bad fit for static data testing.
Updates #69642
Change-Id: I3b6538fad1c1e5c8b14b638ff3b933f11e98f75a
Reviewed-on: https://go-review.googlesource.com/c/go/+/637916
Reviewed-by: Roland Shoemaker <roland@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Adds ACVP test coverage for the SP 800-135rev1 SSH KDF based on the NIST
spec:
https://pages.nist.gov/ACVP/draft-celi-acvp-kdf-ssh.html
Only SHA1, SHA2-224, SHA2-256, SHA2-384, and SHA2-512 are valid hash
algorithms for the SSH KDF algorithm. We do not include SHA-1 since it
is out of scope for our FIPS module.
Similarly only TDES, AES-128, AES-192 and AES-256 are valid ciphers, and
we do not include TDES.
Updates #69642
Change-Id: I70e45b77a91bd8aa631da30fab54c97e974f433c
Reviewed-on: https://go-review.googlesource.com/c/go/+/636355
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
We can just use == if the interface is direct.
Fixes#70738
Change-Id: Ia9a644791a370fec969c04c42d28a9b58f16911f
Reviewed-on: https://go-review.googlesource.com/c/go/+/635435
Auto-Submit: Keith Randall <khr@golang.org>
Reviewed-by: Cuong Manh Le <cuong.manhle.vn@gmail.com>
Reviewed-by: Cherry Mui <cherryyz@google.com>
Reviewed-by: David Chase <drchase@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
The error is stored internally in *bio.Writer, more specifically
in *bufio.Writer and the current code does not handle it, ignoring
errors silently.
Change-Id: Iefa9bf7ddabb3c4fc03377e676a8098dcad9be6d
GitHub-Last-Rev: a5d36223312773039c37bb1c52fffc96fff04fba
GitHub-Pull-Request: golang/go#71621
Reviewed-on: https://go-review.googlesource.com/c/go/+/647915
Reviewed-by: Keith Randall <khr@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Keith Randall <khr@google.com>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Auto-Submit: Keith Randall <khr@golang.org>
Recognize and allow all LoongArch-specific CFLAGS as standardized
in the LoongArch Toolchain Conventions v1.1, and implemented in current
versions of GCC and Clang, to enable advanced cgo use cases on loong64.
These flags are also allowed for linker invocations in case of possible
LTO.
See: https://github.com/loongson/la-toolchain-conventions/blob/releases/v1.1/LoongArch-toolchain-conventions-EN.adoc#list
While at it, also add support for -mtls-dialect as some C programs
may benefit performance-wise from the optional TLSDESC usage. This flag
is not specific to loong64 though; it is available for amd64, arm,
arm64, loong64, riscv64 and x86.
Fixes#71597.
Change-Id: I35d2507edb71fa324ae429a3ae3c739644a9cac1
Reviewed-on: https://go-review.googlesource.com/c/go/+/647956
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Commit-Queue: Ian Lance Taylor <iant@google.com>
Reviewed-by: Ian Lance Taylor <iant@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com>
Reviewed-by: Cherry Mui <cherryyz@google.com>
Reviewed-by: abner chenc <chenguoqi@loongson.cn>
Reviewed-by: Meidan Li <limeidan@loongson.cn>
time.Time has had an AppendFormat method since go1.5 so there's no
need to carry around a custom implementation.
Change-Id: I8e7e5a9ac34e8bf251f5d70555405777ce4e22a8
Reviewed-on: https://go-review.googlesource.com/c/go/+/647955
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Reviewed-by: Damien Neil <dneil@google.com>
Auto-Submit: Ian Lance Taylor <iant@golang.org>
These two packages were historically separate in an attempt to provide a
unified description of trace v1 and trace v2 formats. In practice this
turned out to be pointless, since it made more sense to keep the trace
v1 parser in a self-contained bubble with a converter to v2. Future
trace wire format migrations should probably just follow the same
general strategy, if there's a substantial change. (Minor changes can be
handled more organically.)
Change-Id: Ic765df62065fe53cfae59b505297527c3fa42dfb
Reviewed-on: https://go-review.googlesource.com/c/go/+/645395
Auto-Submit: Michael Knyszek <mknyszek@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Michael Pratt <mpratt@google.com>
Currently testgen only generates Go 1.22 tests. Allow generating tests
for different versions, especially now that we've tightened up which
events can be emitted by different versions.
Change-Id: Ia64309c6934f34eace03b3229d05fca5acfc7366
Reviewed-on: https://go-review.googlesource.com/c/go/+/644220
Reviewed-by: Michael Pratt <mpratt@google.com>
Auto-Submit: Michael Knyszek <mknyszek@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Currently all v2 trace versions, Go 1.22 and Go 1.23, share a full set
of specs. This is mostly OK, but it means quite a few events will be
accepted for 1.22 traces that should be rejected. This change fixes that
by limiting which event specs are returned by version.Version.Specs for
Go 1.22.
While we're here, let's be stricter about event names too, and move
tracev2.EventString to be a method on the version, so we can be more
precise. An intended consequence of this move is that tracev2 no longer
depends on fmt, since we will want the runtime to depend on tracev2 in
the near future.
Change-Id: If7285460c8ba59ab73da00993b7b12e61cdfe6a9
Reviewed-on: https://go-review.googlesource.com/c/go/+/644219
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Michael Knyszek <mknyszek@google.com>
Reviewed-by: Michael Pratt <mpratt@google.com>
This change follows up from the previous one which renamed oldtrace to
tracev1, defining everything Go 1.22+ as trace v2.
This change also re-maps some packages in preparation for sharing with
other parts of the standard library, like the runtime. It also cleans up
some other uses of 'go122' that are just a bit misleading. The mappings
are as follows:
- internal/trace/event -> internal/trace/tracev2/event
- internal/trace/event/go122 -> internal/trace/tracev2
- internal/trace/internal/testgen/go122 ->
internal/trace/internal/testgen
The CL updates all import paths and runs gofmt -w -s on the entire
subdirectory.
Change-Id: I35476c679a96d4eafad6b94bac5f88aa7b085d2f
Reviewed-on: https://go-review.googlesource.com/c/go/+/644218
Auto-Submit: Michael Knyszek <mknyszek@google.com>
Reviewed-by: Michael Pratt <mpratt@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
synctest.Run waits for all bubbled goroutines to exit before returning.
Establish a happens-before relationship between the bubbled goroutines
exiting and Run returning.
For #67434
Change-Id: Ibda7ec2075ae50838c0851e60dc5b3c6f3ca70fb
Reviewed-on: https://go-review.googlesource.com/c/go/+/647755
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Damien Neil <dneil@google.com>
Reviewed-by: Michael Pratt <mpratt@google.com>
Currently Root embeds a root and calls SetFinalizer on &r.root. This
sets the finalizer on the outer root, which is visible to users of
os.Root, and thus they can mutate the finalizer attached to it.
This change modifies Root to not embed its inner root, but rather to
refer to it by pointer. This allows us to set the finalizer on this
independent inner object, preventing users of os.Root from changing the
finalizer. This follows the same pattern as os.File's finalizer.
Fixes#71617.
Change-Id: Ibd199bab1b3c877d5e12ef380fd4647b4e10221f
Reviewed-on: https://go-review.googlesource.com/c/go/+/647876
Auto-Submit: Michael Knyszek <mknyszek@google.com>
Reviewed-by: Damien Neil <dneil@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Adds ACVP test coverage for the SP 800-56Crev2 IG 2.4.B TLS v1.3 KDF
based on the NIST spec:
https://pages.nist.gov/ACVP/draft-hammett-acvp-kdf-tls-v1.3.html
Only SHA2-256 and SHA2-384 are valid hash algorithms for the TLS1.3 KDF
algorithm.
The BoringSSL acvptool "lowers" the more complicated TLS 1.3 KDF ACVP
test cases into simple invocations of our module wrapper's pre-existing
HKDF commands, and the new "HKDFExtract/$HASH" and
"HKDFExpandLabel/$HASH" commands added in this branch.
Updates #69642
Change-Id: I5fb1af5b5b33c1845b27cf8968e6523e89bcc589
Reviewed-on: https://go-review.googlesource.com/c/go/+/636117
Reviewed-by: Roland Shoemaker <roland@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Adds ACVP test coverage for the SP 800-135rev1 RFC 7627 TLS v1.2 KDF
based on the NIST spec:
https://pages.nist.gov/ACVP/draft-celi-acvp-kdf-tls.html
Only SHA2-256, SHA2-384 and SHA2-512 are valid hash algorithms for the
TLSKDF algorithm.
Updates #69642
Change-Id: I553d4f6a1d6652ed486af0e2c94730c8063fb47f
Reviewed-on: https://go-review.googlesource.com/c/go/+/636116
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: David Chase <drchase@google.com>
Adds ACVP test coverage for the SP 800-56Crev2 HKDF KDA based on the
NIST spec:
https://pages.nist.gov/ACVP/draft-hammett-acvp-kas-kdf-hkdf.html
Updates #69642
Change-Id: Ie4f48f9b0181eaf6c2201a9796d366a31c474eba
Reviewed-on: https://go-review.googlesource.com/c/go/+/636115
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
This commit adds ACVP test coverage for SHAKE-128 and SHAKE-256
based on the NIST spec:
https://pages.nist.gov/ACVP/draft-celi-acvp-sha3.html
Updates #69642
Change-Id: Ia6899def452fcb63a03603b7919fcb0c3576474b
Reviewed-on: https://go-review.googlesource.com/c/go/+/622395
Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>
TryBot-Bypass: Dmitri Shuralyov <dmitshur@golang.org>
Auto-Submit: Dmitri Shuralyov <dmitshur@golang.org>
Reviewed-by: Cherry Mui <cherryyz@google.com>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
The existing documentation is not certain in the place regarding requirements about AES key.
Added some notes for precise description.
Change-Id: I190562ab7c1566cce8e7771f9927d738c72880ce
GitHub-Last-Rev: 6565a8f4e5b37220fd14d55e876b809b2d763b7c
GitHub-Pull-Request: golang/go#71589
Reviewed-on: https://go-review.googlesource.com/c/go/+/647336
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Reviewed-by: Jorropo <jorropo.pgm@gmail.com>
Auto-Submit: Jorropo <jorropo.pgm@gmail.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Change-Id: I4d0b5919d109f768ba04ab519e8f948a5749a752
GitHub-Last-Rev: 6f27f1193c21bb10e3b81660b4271f2c1f33be1e
GitHub-Pull-Request: golang/go#70520
Reviewed-on: https://go-review.googlesource.com/c/go/+/631076
Run-TryBot: Rob Pike <r@golang.org>
Auto-Submit: Ian Lance Taylor <iant@google.com>
Reviewed-by: Rob Pike <r@golang.org>
Reviewed-by: Ian Lance Taylor <iant@google.com>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
The bytes package iterators return subslices, not substrings.
Updates #61901.
Change-Id: Ida91d3e33a0f178edfe9a267861adf4f13f9a965
Reviewed-on: https://go-review.googlesource.com/c/go/+/647875
Reviewed-by: Ian Lance Taylor <iant@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Each plugin is compiled as a separate shared object,
with its own symbol table. When dynamic linking plugin symbols
are resolved within the plugin's scope, not globally merged to
avoid conflicts.
Change-Id: I9e6986085855c17fbd6c39b937cb6129d216f5e9
Reviewed-on: https://go-review.googlesource.com/c/go/+/435015
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Joel Sing <joel@sing.id.au>
Reviewed-by: Michael Pratt <mpratt@google.com>
Reviewed-by: Cherry Mui <cherryyz@google.com>
Use the same code pattern for sends and receives and factor it out
into a new helper method Checker.chanElem.
Provide the exact error cause rather than simply referring to the
core type.
For #70128.
Change-Id: I4a0b597a487b78c057eebe06c4ac28f9bf1f7719
Reviewed-on: https://go-review.googlesource.com/c/go/+/647455
Auto-Submit: Robert Griesemer <gri@google.com>
Reviewed-by: Robert Findley <rfindley@google.com>
Reviewed-by: Robert Griesemer <gri@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Change-Id: I97ecbc6fc0c73c6d8469144f86a7ad8c2655a658
Reviewed-on: https://go-review.googlesource.com/c/go/+/638581
Reviewed-by: Robert Griesemer <gri@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Ian Lance Taylor <iant@golang.org>
Reviewed-by: Cherry Mui <cherryyz@google.com>
Consolidate release/deactivation into a single doRelease method.
It needs to check GOOS for backward compatibility, but it's
simpler to keep all the logic in one place.
Change-Id: I242eb084d44d2682f862a8fbf55c410fb8c53358
Reviewed-on: https://go-review.googlesource.com/c/go/+/638580
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Ian Lance Taylor <iant@golang.org>
Reviewed-by: Michael Knyszek <mknyszek@google.com>
Reviewed-by: Cherry Mui <cherryyz@google.com>
There is no reason to use a cleanup/finalizer for a Process that
doesn't use a handle, because Release doesn't change anything visible
about the process.
For #70907
Change-Id: I3b92809175523ceee2e07d601cc2a8e8b86321e0
Reviewed-on: https://go-review.googlesource.com/c/go/+/638579
Reviewed-by: Carlos Amedee <carlos@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Ian Lance Taylor <iant@golang.org>
Reviewed-by: Michael Knyszek <mknyszek@google.com>
