Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

golang binary missing vendored openssl fips patches. #186

Closed
sipasing opened this issue May 6, 2024 · 7 comments · Fixed by #190
Closed

golang binary missing vendored openssl fips patches. #186

sipasing opened this issue May 6, 2024 · 7 comments · Fixed by #190

Comments

@sipasing
Copy link
Contributor

sipasing commented May 6, 2024
edited
Loading

I am building golang v1.22.0 in fips mode on linux by applying patches provided by this repo.

RUN git clone https://github.com/golang-fips/go.git golang-fips &&     cd golang-fips && ./scripts/full-initialize-repo.sh go$GOLANG_VER &&     cd go/src && ./make.bash --no-clean

But when i run go tool , I dont see vendored openssl code inside them.

go tool nm /golang-fips/go/bin/go | grep -i openssl
go tool nm /golang-fips/go/bin/go | grep -i fips
  f8f270 D crypto/internal/boring/fipstls.required
  f15d30 D crypto/tls.defaultCipherSuitesFIPS
  f15e30 D crypto/tls.defaultFIPSCipherSuitesTLS13
  f15d10 D crypto/tls.defaultFIPSCurvePreferences
  f15d50 D crypto/tls.fipsSupportedSignatureAlgorithms

Previous go version i built (go v1.20.12) used to show all vendored openssl-fips cgo symbols.

go tool nm /bin/go | grep -i DLOPEN_OPENSSL
  97d370 T _cgo_b68ed06c1ed7_Cfunc__goboringcrypto_DLOPEN_OPENSSL
  5e3ce0 t vendor/github.com/golang-fips/openssl-fips/openssl._Cfunc__goboringcrypto_DLOPEN_OPENSSL.abi0
 1067e28 d vendor/github.com/golang-fips/openssl-fips/openssl._cgo_b68ed06c1ed7_Cfunc__goboringcrypto_DLOPEN_OPENSSL

Am i missing some recent configuration change that is required ?

go env | grep GOEXPERIMENT
GOEXPERIMENT="strictfipsruntime"
env |grep FIPS
GOLANG_FIPS=1
go env | grep CGO_ENABLED 
CGO_ENABLED="1"
@dbenoit17
Copy link
Collaborator

dbenoit17 commented May 6, 2024
edited
Loading

The setup-initial-patch.sh script only generates the patches. They must be applied separately. full-initialize-repo.sh will do both.

We should clarify this in the readme. Happy to leave the issue open until then.

@sipasing
Copy link
Contributor Author

sipasing commented May 6, 2024

Very sorry, that was a copy paste error in the original post. I meant to type

RUN git clone https://github.com/golang-fips/go.git golang-fips &&     cd golang-fips && ./scripts/full-initialize-repo.sh go$GOLANG_VER &&     cd go/src && ./make.bash --no-clean

LEt me update my initial comment also.

@dbenoit17
Copy link
Collaborator

Ah! One thing to note, the symbol names have changed with the inclusion of the golang-fips/openssl@v2 backend in Go 1.22. I don't think that's the issue though if go tool nm /golang-fips/go/bin/go | grep -i openssl doesn't produce any match. After the script is run, is there a src/vendor/github.com/golang-fips/openssl directory? Could you paste the output from full-initialize-repo.sh and make.bash?

@sipasing
Copy link
Contributor Author

sipasing commented May 6, 2024

I don't think that's the issue though if go tool nm /golang-fips/go/bin/go | grep -i openssl doesn't produce any match.

Yep. we were hoping for some output. After my last post, I installed glibc-static on my build host and got one match

go tool nm /golang-fips/go/bin/go | grep -i openssl
  73f860 T vendor/github.com/golang-fips/openssl/v2/bbig.Enc

Full output of full-initialize-repo.sh and make.bash

Cloning into 'golang-fips'...
Host Go Version:
go version go1.20.12 linux/amd64
Host Go Env:
GO111MODULE=""
GOARCH="amd64"
GOBIN=""
GOCACHE="/root/.cache/go-build"
GOENV="/root/.config/go/env"
GOEXE=""
GOEXPERIMENT=""
GOFLAGS=""
GOHOSTARCH="amd64"
GOHOSTOS="linux"
GOINSECURE=""
GOMODCACHE="/root/go/pkg/mod"
GONOPROXY=""
GONOSUMDB=""
GOOS="linux"
GOPATH="/root/go"
GOPRIVATE=""
GOPROXY="https://proxy.golang.org,direct"
GOROOT="/usr/lib/golang"
GOSUMDB="sum.golang.org"
GOTMPDIR=""
GOTOOLDIR="/usr/lib/golang/pkg/tool/linux_amd64"
GOVCS=""
GOVERSION="go1.20.12"
GCCGO="gccgo"
GOAMD64="v1"
AR="ar"
CC="gcc"
CXX="g++"
CGO_ENABLED="1"
GOMOD="/dev/null"
GOWORK=""
CGO_CFLAGS="-O2 -g"
CGO_CPPFLAGS=""
CGO_CXXFLAGS="-O2 -g"
CGO_FFLAGS="-O2 -g"
CGO_LDFLAGS="-O2 -g"
PKG_CONFIG="pkg-config"
GOGCCFLAGS="-fPIC -m64 -pthread -Wl,--no-gc-sections -fmessage-length=0 -fdebug-prefix-map=/tmp/go-build1710500127=/tmp/go-build -gno-record-gcc-switches"
++ pwd
+ ROOT=/golang-fips
+ trap cleanup EXIT
+ replacement=
+ getopts r: o
+ shift 0
+ ./scripts/setup-go-submodule.sh go1.22.0
+ GIT_REF=go1.22.0
+++ dirname ./scripts/setup-go-submodule.sh
++ readlink -f ./scripts
+ SCRIPT_DIR=/golang-fips/scripts
+++ dirname ./scripts/setup-go-submodule.sh
++ readlink -f ./scripts/../config
+ CONFIG_DIR=/golang-fips/config
+ '[' -z go1.22.0 ']'
+ git submodule add --force https://github.com/golang/go.git
Cloning into '/golang-fips/go'...
+ git submodule update
+ pushd go
+ git fetch
/golang-fips/go /golang-fips
+ git checkout go1.22.0
Note: switching to 'go1.22.0'.

You are in 'detached HEAD' state. You can look around, make experimental
changes and commit them, and you can discard any commits you make in this
state without impacting any branches by switching back to a branch.

If you want to create a new branch to retain commits you create, you may
do so (now or later) by using -c with the switch command. Example:

  git switch -c <new-branch-name>

Or undo this operation with:

  git switch -

Turn off this advice by setting config variable advice.detachedHead to false

HEAD is now at a10e42f219 [release-branch.go1.22] go1.22.0
++ git branch --show-current
++ wc -l
/golang-fips
+ [[ 0 == \1 ]]
+ popd
+ cd ./go
++ git rev-parse HEAD

/golang-fips/go/src /golang-fips/go
+ ORIGINAL_GIT_SHA=a10e42f219abb9c5bc4e7d86d9464700a42c7d57
+ echo
+ pushd ./src
+ ./make.bash
Building Go cmd/dist using /usr/lib/golang. (go1.20.12 linux/amd64)
Building Go toolchain1 using /usr/lib/golang.
Building Go bootstrap cmd/go (go_bootstrap) using Go toolchain1.
Building Go toolchain2 using go_bootstrap and Go toolchain1.
Building Go toolchain3 using go_bootstrap and Go toolchain2.
Building packages and commands for linux/amd64.
---
Installed Go for linux/amd64 in /golang-fips/go
Installed commands in /golang-fips/go/bin
*** You need to add /golang-fips/go/bin to your PATH.
+ popd
+ /golang-fips/scripts/apply-initial-patch.sh
/golang-fips/go
+ git apply -v ../patches/000-initial-setup.patch
Checking patch src/cmd/go/testdata/script/gopath_std_vendor.txt...
Checking patch src/crypto/ecdh/ecdh_test.go...
Checking patch src/crypto/ecdsa/ecdsa_test.go...
Checking patch src/crypto/ecdsa/equal_test.go...
Checking patch src/crypto/ed25519/ed25519_test.go...
Checking patch src/crypto/ed25519/ed25519vectors_test.go...
Checking patch src/crypto/internal/backend/boringtest/config.go...
Checking patch src/crypto/internal/backend/dummy.s...
Checking patch src/crypto/internal/backend/nobackend.go...
Checking patch src/crypto/internal/backend/openssl.go...
Checking patch src/crypto/internal/backend/bbig/big.go...
Checking patch src/crypto/rsa/pkcs1v15_test.go...
Checking patch src/crypto/rsa/pss_test.go...
Checking patch src/crypto/rsa/rsa.go...
Hunk #1 succeeded at 534 (offset 25 lines).
Hunk #2 succeeded at 724 (offset 44 lines).
Checking patch src/crypto/rsa/rsa_test.go...
Hunk #6 succeeded at 677 (offset 10 lines).
Hunk #7 succeeded at 704 (offset 10 lines).
Hunk #8 succeeded at 751 (offset 10 lines).
Hunk #9 succeeded at 770 (offset 10 lines).
Checking patch src/crypto/tls/boring.go...
Checking patch src/crypto/tls/boring_test.go...
Hunk #4 succeeded at 234 (offset -2 lines).
Hunk #5 succeeded at 330 (offset -2 lines).
Hunk #6 succeeded at 367 (offset -2 lines).
Hunk #7 succeeded at 398 (offset -2 lines).
Hunk #8 succeeded at 430 (offset -2 lines).
Hunk #9 succeeded at 452 (offset -2 lines).
Hunk #10 succeeded at 460 (offset -2 lines).
Hunk #11 succeeded at 484 (offset -2 lines).
Hunk #12 succeeded at 510 (offset -2 lines).
Hunk #13 succeeded at 537 (offset -2 lines).
Hunk #14 succeeded at 559 (offset -2 lines).
Hunk #15 succeeded at 596 (offset -2 lines).
Checking patch src/crypto/tls/cipher_suites.go...
Hunk #1 succeeded at 378 (offset 24 lines).
Checking patch src/crypto/tls/common.go...
Hunk #2 succeeded at 1041 (offset 46 lines).
Checking patch src/crypto/tls/handshake_client_test.go...
Hunk #1 succeeded at 2198 (offset 42 lines).
Checking patch src/crypto/tls/key_schedule.go...
Hunk #2 succeeded at 60 (offset 1 line).
Hunk #3 succeeded at 91 (offset 1 line).
Checking patch src/crypto/x509/boring_test.go...
Checking patch src/crypto/x509/x509_test.go...
Hunk #2 succeeded at 129 (offset 2 lines).
Hunk #3 succeeded at 236 (offset 2 lines).
Hunk #4 succeeded at 655 (offset 2 lines).
Hunk #5 succeeded at 3716 (offset 78 lines).
Checking patch src/go/build/deps_test.go...
Hunk #1 succeeded at 436 (offset 40 lines).
Hunk #2 succeeded at 469 (offset 40 lines).
Hunk #3 succeeded at 717 (offset 84 lines).
Hunk #4 succeeded at 760 (offset 84 lines).
Hunk #5 succeeded at 770 (offset 84 lines).
Checking patch src/runtime/pprof/proto_test.go...
Hunk #3 succeeded at 145 (offset -5 lines).
Checking patch src/runtime/runtime_boring.go...
Applied patch src/cmd/go/testdata/script/gopath_std_vendor.txt cleanly.
Applied patch src/crypto/ecdh/ecdh_test.go cleanly.
Applied patch src/crypto/ecdsa/ecdsa_test.go cleanly.
Applied patch src/crypto/ecdsa/equal_test.go cleanly.
Applied patch src/crypto/ed25519/ed25519_test.go cleanly.
Applied patch src/crypto/ed25519/ed25519vectors_test.go cleanly.
Applied patch src/crypto/internal/backend/boringtest/config.go cleanly.
Applied patch src/crypto/internal/backend/dummy.s cleanly.
Applied patch src/crypto/internal/backend/nobackend.go cleanly.
Applied patch src/crypto/internal/backend/openssl.go cleanly.
Applied patch src/crypto/internal/backend/bbig/big.go cleanly.
Applied patch src/crypto/rsa/pkcs1v15_test.go cleanly.
Applied patch src/crypto/rsa/pss_test.go cleanly.
Applied patch src/crypto/rsa/rsa.go cleanly.
Applied patch src/crypto/rsa/rsa_test.go cleanly.
Applied patch src/crypto/tls/boring.go cleanly.
Applied patch src/crypto/tls/boring_test.go cleanly.
Applied patch src/crypto/tls/cipher_suites.go cleanly.
Applied patch src/crypto/tls/common.go cleanly.
Applied patch src/crypto/tls/handshake_client_test.go cleanly.
Applied patch src/crypto/tls/key_schedule.go cleanly.
Applied patch src/crypto/x509/boring_test.go cleanly.
Applied patch src/crypto/x509/x509_test.go cleanly.
Applied patch src/go/build/deps_test.go cleanly.
Applied patch src/runtime/pprof/proto_test.go cleanly.
Applied patch src/runtime/runtime_boring.go cleanly.
+ git add .
+ git commit -m phase1
[detached HEAD f7c929194b] phase1
 25 files changed, 739 insertions(+), 69 deletions(-)
 create mode 100644 src/crypto/internal/backend/bbig/big.go
 create mode 100644 src/crypto/internal/backend/boringtest/config.go
 create mode 100644 src/crypto/internal/backend/dummy.s
 create mode 100644 src/crypto/internal/backend/nobackend.go
 create mode 100644 src/crypto/internal/backend/openssl.go
+ /golang-fips/scripts/create-secondary-patch.sh ''
+ GO_SOURCES='src/crypto/**/*.go'
+ sed -i -e 's/boring\.Enabled/boring\.Enabled()/g' src/crypto/aes/aes_gcm.go src/crypto/aes/aes_test.go src/crypto/aes/block.go src/crypto/aes/cbc_ppc64x.go src/crypto/aes/cbc_s390x.go src/crypto/aes/cipher.go src/crypto/aes/cipher_asm.go src/crypto/aes/cipher_generic.go src/crypto/aes/cipher_s390x.go src/crypto/aes/const.go src/crypto/aes/ctr_s390x.go src/crypto/aes/gcm_ppc64x.go src/crypto/aes/gcm_s390x.go src/crypto/aes/modes.go src/crypto/aes/modes_test.go src/crypto/boring/boring.go src/crypto/boring/boring_test.go src/crypto/boring/notboring_test.go src/crypto/cipher/benchmark_test.go src/crypto/cipher/cbc.go src/crypto/cipher/cbc_aes_test.go src/crypto/cipher/cfb.go src/crypto/cipher/cfb_test.go src/crypto/cipher/cipher.go src/crypto/cipher/cipher_test.go src/crypto/cipher/common_test.go src/crypto/cipher/ctr.go src/crypto/cipher/ctr_aes_test.go src/crypto/cipher/ctr_test.go src/crypto/cipher/example_test.go src/crypto/cipher/export_test.go src/crypto/cipher/fuzz_test.go src/crypto/cipher/gcm.go src/crypto/cipher/gcm_test.go src/crypto/cipher/io.go src/crypto/cipher/ofb.go src/crypto/cipher/ofb_test.go src/crypto/des/block.go src/crypto/des/cipher.go src/crypto/des/const.go src/crypto/des/des_test.go src/crypto/des/example_test.go src/crypto/des/internal_test.go src/crypto/dsa/dsa.go src/crypto/dsa/dsa_test.go src/crypto/ecdh/ecdh.go src/crypto/ecdh/ecdh_test.go src/crypto/ecdh/nist.go src/crypto/ecdh/x25519.go src/crypto/ecdsa/boring.go src/crypto/ecdsa/ecdsa.go src/crypto/ecdsa/ecdsa_legacy.go src/crypto/ecdsa/ecdsa_noasm.go src/crypto/ecdsa/ecdsa_s390x.go src/crypto/ecdsa/ecdsa_s390x_test.go src/crypto/ecdsa/ecdsa_test.go src/crypto/ecdsa/equal_test.go src/crypto/ecdsa/example_test.go src/crypto/ecdsa/notboring.go src/crypto/ed25519/ed25519.go src/crypto/ed25519/ed25519_test.go src/crypto/ed25519/ed25519vectors_test.go src/crypto/elliptic/elliptic.go src/crypto/elliptic/elliptic_test.go src/crypto/elliptic/nistec.go src/crypto/elliptic/nistec_p256.go src/crypto/elliptic/p224_test.go src/crypto/elliptic/p256_test.go src/crypto/elliptic/params.go src/crypto/hmac/hmac.go src/crypto/hmac/hmac_test.go src/crypto/md5/example_test.go src/crypto/md5/gen.go src/crypto/md5/md5.go src/crypto/md5/md5_test.go src/crypto/md5/md5block.go src/crypto/md5/md5block_decl.go src/crypto/md5/md5block_generic.go src/crypto/rand/example_test.go src/crypto/rand/rand.go src/crypto/rand/rand_batched_test.go src/crypto/rand/rand_getentropy.go src/crypto/rand/rand_getrandom.go src/crypto/rand/rand_js.go src/crypto/rand/rand_plan9.go src/crypto/rand/rand_test.go src/crypto/rand/rand_unix.go src/crypto/rand/rand_wasip1.go src/crypto/rand/rand_windows.go src/crypto/rand/util.go src/crypto/rand/util_test.go src/crypto/rc4/rc4.go src/crypto/rc4/rc4_test.go src/crypto/rsa/boring.go src/crypto/rsa/boring_test.go src/crypto/rsa/equal_test.go src/crypto/rsa/example_test.go src/crypto/rsa/notboring.go src/crypto/rsa/pkcs1v15.go src/crypto/rsa/pkcs1v15_test.go src/crypto/rsa/pss.go src/crypto/rsa/pss_test.go src/crypto/rsa/rsa.go src/crypto/rsa/rsa_export_test.go src/crypto/rsa/rsa_test.go src/crypto/sha1/example_test.go src/crypto/sha1/fallback_test.go src/crypto/sha1/issue15617_test.go src/crypto/sha1/sha1.go src/crypto/sha1/sha1_test.go src/crypto/sha1/sha1block.go src/crypto/sha1/sha1block_amd64.go src/crypto/sha1/sha1block_arm64.go src/crypto/sha1/sha1block_decl.go src/crypto/sha1/sha1block_generic.go src/crypto/sha1/sha1block_s390x.go src/crypto/sha256/example_test.go src/crypto/sha256/fallback_test.go src/crypto/sha256/sha256.go src/crypto/sha256/sha256_test.go src/crypto/sha256/sha256block.go src/crypto/sha256/sha256block_amd64.go src/crypto/sha256/sha256block_arm64.go src/crypto/sha256/sha256block_decl.go src/crypto/sha256/sha256block_generic.go src/crypto/sha256/sha256block_s390x.go src/crypto/sha512/fallback_test.go src/crypto/sha512/sha512.go src/crypto/sha512/sha512_test.go src/crypto/sha512/sha512block.go src/crypto/sha512/sha512block_amd64.go src/crypto/sha512/sha512block_arm64.go src/crypto/sha512/sha512block_decl.go src/crypto/sha512/sha512block_generic.go src/crypto/sha512/sha512block_s390x.go src/crypto/subtle/constant_time.go src/crypto/subtle/constant_time_test.go src/crypto/subtle/xor.go src/crypto/subtle/xor_amd64.go src/crypto/subtle/xor_arm64.go src/crypto/subtle/xor_generic.go src/crypto/subtle/xor_ppc64x.go src/crypto/subtle/xor_test.go src/crypto/tls/alert.go src/crypto/tls/auth.go src/crypto/tls/auth_test.go src/crypto/tls/boring.go src/crypto/tls/boring_test.go src/crypto/tls/cache.go src/crypto/tls/cache_test.go src/crypto/tls/cipher_suites.go src/crypto/tls/common.go src/crypto/tls/common_string.go src/crypto/tls/conn.go src/crypto/tls/conn_test.go src/crypto/tls/example_test.go src/crypto/tls/generate_cert.go src/crypto/tls/handshake_client.go src/crypto/tls/handshake_client_test.go src/crypto/tls/handshake_client_tls13.go src/crypto/tls/handshake_messages.go src/crypto/tls/handshake_messages_test.go src/crypto/tls/handshake_server.go src/crypto/tls/handshake_server_test.go src/crypto/tls/handshake_server_tls13.go src/crypto/tls/handshake_test.go src/crypto/tls/handshake_unix_test.go src/crypto/tls/key_agreement.go src/crypto/tls/key_schedule.go src/crypto/tls/key_schedule_test.go src/crypto/tls/link_test.go src/crypto/tls/notboring.go src/crypto/tls/prf.go src/crypto/tls/prf_test.go src/crypto/tls/quic.go src/crypto/tls/quic_test.go src/crypto/tls/ticket.go src/crypto/tls/ticket_test.go src/crypto/tls/tls.go src/crypto/tls/tls_test.go src/crypto/x509/boring.go src/crypto/x509/boring_test.go src/crypto/x509/cert_pool.go src/crypto/x509/cert_pool_test.go src/crypto/x509/example_test.go src/crypto/x509/hybrid_pool_test.go src/crypto/x509/name_constraints_test.go src/crypto/x509/notboring.go src/crypto/x509/oid.go src/crypto/x509/oid_test.go src/crypto/x509/parser.go src/crypto/x509/parser_test.go src/crypto/x509/pem_decrypt.go src/crypto/x509/pem_decrypt_test.go src/crypto/x509/pkcs1.go src/crypto/x509/pkcs8.go src/crypto/x509/pkcs8_test.go src/crypto/x509/platform_test.go src/crypto/x509/root.go src/crypto/x509/root_aix.go src/crypto/x509/root_bsd.go src/crypto/x509/root_darwin.go src/crypto/x509/root_darwin_test.go src/crypto/x509/root_linux.go src/crypto/x509/root_plan9.go src/crypto/x509/root_solaris.go src/crypto/x509/root_test.go src/crypto/x509/root_unix.go src/crypto/x509/root_unix_test.go src/crypto/x509/root_wasm.go src/crypto/x509/root_windows.go src/crypto/x509/root_windows_test.go src/crypto/x509/sec1.go src/crypto/x509/sec1_test.go src/crypto/x509/verify.go src/crypto/x509/verify_test.go src/crypto/x509/x509.go src/crypto/x509/x509_test.go src/crypto/x509/x509_test_import.go
+ sed -i -e 's/"crypto\/internal\/boring"/boring "crypto\/internal\/backend"/g' src/crypto/aes/aes_gcm.go src/crypto/aes/aes_test.go src/crypto/aes/block.go src/crypto/aes/cbc_ppc64x.go src/crypto/aes/cbc_s390x.go src/crypto/aes/cipher.go src/crypto/aes/cipher_asm.go src/crypto/aes/cipher_generic.go src/crypto/aes/cipher_s390x.go src/crypto/aes/const.go src/crypto/aes/ctr_s390x.go src/crypto/aes/gcm_ppc64x.go src/crypto/aes/gcm_s390x.go src/crypto/aes/modes.go src/crypto/aes/modes_test.go src/crypto/boring/boring.go src/crypto/boring/boring_test.go src/crypto/boring/notboring_test.go src/crypto/cipher/benchmark_test.go src/crypto/cipher/cbc.go src/crypto/cipher/cbc_aes_test.go src/crypto/cipher/cfb.go src/crypto/cipher/cfb_test.go src/crypto/cipher/cipher.go src/crypto/cipher/cipher_test.go src/crypto/cipher/common_test.go src/crypto/cipher/ctr.go src/crypto/cipher/ctr_aes_test.go src/crypto/cipher/ctr_test.go src/crypto/cipher/example_test.go src/crypto/cipher/export_test.go src/crypto/cipher/fuzz_test.go src/crypto/cipher/gcm.go src/crypto/cipher/gcm_test.go src/crypto/cipher/io.go src/crypto/cipher/ofb.go src/crypto/cipher/ofb_test.go src/crypto/des/block.go src/crypto/des/cipher.go src/crypto/des/const.go src/crypto/des/des_test.go src/crypto/des/example_test.go src/crypto/des/internal_test.go src/crypto/dsa/dsa.go src/crypto/dsa/dsa_test.go src/crypto/ecdh/ecdh.go src/crypto/ecdh/ecdh_test.go src/crypto/ecdh/nist.go src/crypto/ecdh/x25519.go src/crypto/ecdsa/boring.go src/crypto/ecdsa/ecdsa.go src/crypto/ecdsa/ecdsa_legacy.go src/crypto/ecdsa/ecdsa_noasm.go src/crypto/ecdsa/ecdsa_s390x.go src/crypto/ecdsa/ecdsa_s390x_test.go src/crypto/ecdsa/ecdsa_test.go src/crypto/ecdsa/equal_test.go src/crypto/ecdsa/example_test.go src/crypto/ecdsa/notboring.go src/crypto/ed25519/ed25519.go src/crypto/ed25519/ed25519_test.go src/crypto/ed25519/ed25519vectors_test.go src/crypto/elliptic/elliptic.go src/crypto/elliptic/elliptic_test.go src/crypto/elliptic/nistec.go src/crypto/elliptic/nistec_p256.go src/crypto/elliptic/p224_test.go src/crypto/elliptic/p256_test.go src/crypto/elliptic/params.go src/crypto/hmac/hmac.go src/crypto/hmac/hmac_test.go src/crypto/md5/example_test.go src/crypto/md5/gen.go src/crypto/md5/md5.go src/crypto/md5/md5_test.go src/crypto/md5/md5block.go src/crypto/md5/md5block_decl.go src/crypto/md5/md5block_generic.go src/crypto/rand/example_test.go src/crypto/rand/rand.go src/crypto/rand/rand_batched_test.go src/crypto/rand/rand_getentropy.go src/crypto/rand/rand_getrandom.go src/crypto/rand/rand_js.go src/crypto/rand/rand_plan9.go src/crypto/rand/rand_test.go src/crypto/rand/rand_unix.go src/crypto/rand/rand_wasip1.go src/crypto/rand/rand_windows.go src/crypto/rand/util.go src/crypto/rand/util_test.go src/crypto/rc4/rc4.go src/crypto/rc4/rc4_test.go src/crypto/rsa/boring.go src/crypto/rsa/boring_test.go src/crypto/rsa/equal_test.go src/crypto/rsa/example_test.go src/crypto/rsa/notboring.go src/crypto/rsa/pkcs1v15.go src/crypto/rsa/pkcs1v15_test.go src/crypto/rsa/pss.go src/crypto/rsa/pss_test.go src/crypto/rsa/rsa.go src/crypto/rsa/rsa_export_test.go src/crypto/rsa/rsa_test.go src/crypto/sha1/example_test.go src/crypto/sha1/fallback_test.go src/crypto/sha1/issue15617_test.go src/crypto/sha1/sha1.go src/crypto/sha1/sha1_test.go src/crypto/sha1/sha1block.go src/crypto/sha1/sha1block_amd64.go src/crypto/sha1/sha1block_arm64.go src/crypto/sha1/sha1block_decl.go src/crypto/sha1/sha1block_generic.go src/crypto/sha1/sha1block_s390x.go src/crypto/sha256/example_test.go src/crypto/sha256/fallback_test.go src/crypto/sha256/sha256.go src/crypto/sha256/sha256_test.go src/crypto/sha256/sha256block.go src/crypto/sha256/sha256block_amd64.go src/crypto/sha256/sha256block_arm64.go src/crypto/sha256/sha256block_decl.go src/crypto/sha256/sha256block_generic.go src/crypto/sha256/sha256block_s390x.go src/crypto/sha512/fallback_test.go src/crypto/sha512/sha512.go src/crypto/sha512/sha512_test.go src/crypto/sha512/sha512block.go src/crypto/sha512/sha512block_amd64.go src/crypto/sha512/sha512block_arm64.go src/crypto/sha512/sha512block_decl.go src/crypto/sha512/sha512block_generic.go src/crypto/sha512/sha512block_s390x.go src/crypto/subtle/constant_time.go src/crypto/subtle/constant_time_test.go src/crypto/subtle/xor.go src/crypto/subtle/xor_amd64.go src/crypto/subtle/xor_arm64.go src/crypto/subtle/xor_generic.go src/crypto/subtle/xor_ppc64x.go src/crypto/subtle/xor_test.go src/crypto/tls/alert.go src/crypto/tls/auth.go src/crypto/tls/auth_test.go src/crypto/tls/boring.go src/crypto/tls/boring_test.go src/crypto/tls/cache.go src/crypto/tls/cache_test.go src/crypto/tls/cipher_suites.go src/crypto/tls/common.go src/crypto/tls/common_string.go src/crypto/tls/conn.go src/crypto/tls/conn_test.go src/crypto/tls/example_test.go src/crypto/tls/generate_cert.go src/crypto/tls/handshake_client.go src/crypto/tls/handshake_client_test.go src/crypto/tls/handshake_client_tls13.go src/crypto/tls/handshake_messages.go src/crypto/tls/handshake_messages_test.go src/crypto/tls/handshake_server.go src/crypto/tls/handshake_server_test.go src/crypto/tls/handshake_server_tls13.go src/crypto/tls/handshake_test.go src/crypto/tls/handshake_unix_test.go src/crypto/tls/key_agreement.go src/crypto/tls/key_schedule.go src/crypto/tls/key_schedule_test.go src/crypto/tls/link_test.go src/crypto/tls/notboring.go src/crypto/tls/prf.go src/crypto/tls/prf_test.go src/crypto/tls/quic.go src/crypto/tls/quic_test.go src/crypto/tls/ticket.go src/crypto/tls/ticket_test.go src/crypto/tls/tls.go src/crypto/tls/tls_test.go src/crypto/x509/boring.go src/crypto/x509/boring_test.go src/crypto/x509/cert_pool.go src/crypto/x509/cert_pool_test.go src/crypto/x509/example_test.go src/crypto/x509/hybrid_pool_test.go src/crypto/x509/name_constraints_test.go src/crypto/x509/notboring.go src/crypto/x509/oid.go src/crypto/x509/oid_test.go src/crypto/x509/parser.go src/crypto/x509/parser_test.go src/crypto/x509/pem_decrypt.go src/crypto/x509/pem_decrypt_test.go src/crypto/x509/pkcs1.go src/crypto/x509/pkcs8.go src/crypto/x509/pkcs8_test.go src/crypto/x509/platform_test.go src/crypto/x509/root.go src/crypto/x509/root_aix.go src/crypto/x509/root_bsd.go src/crypto/x509/root_darwin.go src/crypto/x509/root_darwin_test.go src/crypto/x509/root_linux.go src/crypto/x509/root_plan9.go src/crypto/x509/root_solaris.go src/crypto/x509/root_test.go src/crypto/x509/root_unix.go src/crypto/x509/root_unix_test.go src/crypto/x509/root_wasm.go src/crypto/x509/root_windows.go src/crypto/x509/root_windows_test.go src/crypto/x509/sec1.go src/crypto/x509/sec1_test.go src/crypto/x509/verify.go src/crypto/x509/verify_test.go src/crypto/x509/x509.go src/crypto/x509/x509_test.go src/crypto/x509/x509_test_import.go
+ sed -i -e 's/"crypto\/internal\/boring\/bbig"/"crypto\/internal\/backend\/bbig"/g' src/crypto/aes/aes_gcm.go src/crypto/aes/aes_test.go src/crypto/aes/block.go src/crypto/aes/cbc_ppc64x.go src/crypto/aes/cbc_s390x.go src/crypto/aes/cipher.go src/crypto/aes/cipher_asm.go src/crypto/aes/cipher_generic.go src/crypto/aes/cipher_s390x.go src/crypto/aes/const.go src/crypto/aes/ctr_s390x.go src/crypto/aes/gcm_ppc64x.go src/crypto/aes/gcm_s390x.go src/crypto/aes/modes.go src/crypto/aes/modes_test.go src/crypto/boring/boring.go src/crypto/boring/boring_test.go src/crypto/boring/notboring_test.go src/crypto/cipher/benchmark_test.go src/crypto/cipher/cbc.go src/crypto/cipher/cbc_aes_test.go src/crypto/cipher/cfb.go src/crypto/cipher/cfb_test.go src/crypto/cipher/cipher.go src/crypto/cipher/cipher_test.go src/crypto/cipher/common_test.go src/crypto/cipher/ctr.go src/crypto/cipher/ctr_aes_test.go src/crypto/cipher/ctr_test.go src/crypto/cipher/example_test.go src/crypto/cipher/export_test.go src/crypto/cipher/fuzz_test.go src/crypto/cipher/gcm.go src/crypto/cipher/gcm_test.go src/crypto/cipher/io.go src/crypto/cipher/ofb.go src/crypto/cipher/ofb_test.go src/crypto/des/block.go src/crypto/des/cipher.go src/crypto/des/const.go src/crypto/des/des_test.go src/crypto/des/example_test.go src/crypto/des/internal_test.go src/crypto/dsa/dsa.go src/crypto/dsa/dsa_test.go src/crypto/ecdh/ecdh.go src/crypto/ecdh/ecdh_test.go src/crypto/ecdh/nist.go src/crypto/ecdh/x25519.go src/crypto/ecdsa/boring.go src/crypto/ecdsa/ecdsa.go src/crypto/ecdsa/ecdsa_legacy.go src/crypto/ecdsa/ecdsa_noasm.go src/crypto/ecdsa/ecdsa_s390x.go src/crypto/ecdsa/ecdsa_s390x_test.go src/crypto/ecdsa/ecdsa_test.go src/crypto/ecdsa/equal_test.go src/crypto/ecdsa/example_test.go src/crypto/ecdsa/notboring.go src/crypto/ed25519/ed25519.go src/crypto/ed25519/ed25519_test.go src/crypto/ed25519/ed25519vectors_test.go src/crypto/elliptic/elliptic.go src/crypto/elliptic/elliptic_test.go src/crypto/elliptic/nistec.go src/crypto/elliptic/nistec_p256.go src/crypto/elliptic/p224_test.go src/crypto/elliptic/p256_test.go src/crypto/elliptic/params.go src/crypto/hmac/hmac.go src/crypto/hmac/hmac_test.go src/crypto/md5/example_test.go src/crypto/md5/gen.go src/crypto/md5/md5.go src/crypto/md5/md5_test.go src/crypto/md5/md5block.go src/crypto/md5/md5block_decl.go src/crypto/md5/md5block_generic.go src/crypto/rand/example_test.go src/crypto/rand/rand.go src/crypto/rand/rand_batched_test.go src/crypto/rand/rand_getentropy.go src/crypto/rand/rand_getrandom.go src/crypto/rand/rand_js.go src/crypto/rand/rand_plan9.go src/crypto/rand/rand_test.go src/crypto/rand/rand_unix.go src/crypto/rand/rand_wasip1.go src/crypto/rand/rand_windows.go src/crypto/rand/util.go src/crypto/rand/util_test.go src/crypto/rc4/rc4.go src/crypto/rc4/rc4_test.go src/crypto/rsa/boring.go src/crypto/rsa/boring_test.go src/crypto/rsa/equal_test.go src/crypto/rsa/example_test.go src/crypto/rsa/notboring.go src/crypto/rsa/pkcs1v15.go src/crypto/rsa/pkcs1v15_test.go src/crypto/rsa/pss.go src/crypto/rsa/pss_test.go src/crypto/rsa/rsa.go src/crypto/rsa/rsa_export_test.go src/crypto/rsa/rsa_test.go src/crypto/sha1/example_test.go src/crypto/sha1/fallback_test.go src/crypto/sha1/issue15617_test.go src/crypto/sha1/sha1.go src/crypto/sha1/sha1_test.go src/crypto/sha1/sha1block.go src/crypto/sha1/sha1block_amd64.go src/crypto/sha1/sha1block_arm64.go src/crypto/sha1/sha1block_decl.go src/crypto/sha1/sha1block_generic.go src/crypto/sha1/sha1block_s390x.go src/crypto/sha256/example_test.go src/crypto/sha256/fallback_test.go src/crypto/sha256/sha256.go src/crypto/sha256/sha256_test.go src/crypto/sha256/sha256block.go src/crypto/sha256/sha256block_amd64.go src/crypto/sha256/sha256block_arm64.go src/crypto/sha256/sha256block_decl.go src/crypto/sha256/sha256block_generic.go src/crypto/sha256/sha256block_s390x.go src/crypto/sha512/fallback_test.go src/crypto/sha512/sha512.go src/crypto/sha512/sha512_test.go src/crypto/sha512/sha512block.go src/crypto/sha512/sha512block_amd64.go src/crypto/sha512/sha512block_arm64.go src/crypto/sha512/sha512block_decl.go src/crypto/sha512/sha512block_generic.go src/crypto/sha512/sha512block_s390x.go src/crypto/subtle/constant_time.go src/crypto/subtle/constant_time_test.go src/crypto/subtle/xor.go src/crypto/subtle/xor_amd64.go src/crypto/subtle/xor_arm64.go src/crypto/subtle/xor_generic.go src/crypto/subtle/xor_ppc64x.go src/crypto/subtle/xor_test.go src/crypto/tls/alert.go src/crypto/tls/auth.go src/crypto/tls/auth_test.go src/crypto/tls/boring.go src/crypto/tls/boring_test.go src/crypto/tls/cache.go src/crypto/tls/cache_test.go src/crypto/tls/cipher_suites.go src/crypto/tls/common.go src/crypto/tls/common_string.go src/crypto/tls/conn.go src/crypto/tls/conn_test.go src/crypto/tls/example_test.go src/crypto/tls/generate_cert.go src/crypto/tls/handshake_client.go src/crypto/tls/handshake_client_test.go src/crypto/tls/handshake_client_tls13.go src/crypto/tls/handshake_messages.go src/crypto/tls/handshake_messages_test.go src/crypto/tls/handshake_server.go src/crypto/tls/handshake_server_test.go src/crypto/tls/handshake_server_tls13.go src/crypto/tls/handshake_test.go src/crypto/tls/handshake_unix_test.go src/crypto/tls/key_agreement.go src/crypto/tls/key_schedule.go src/crypto/tls/key_schedule_test.go src/crypto/tls/link_test.go src/crypto/tls/notboring.go src/crypto/tls/prf.go src/crypto/tls/prf_test.go src/crypto/tls/quic.go src/crypto/tls/quic_test.go src/crypto/tls/ticket.go src/crypto/tls/ticket_test.go src/crypto/tls/tls.go src/crypto/tls/tls_test.go src/crypto/x509/boring.go src/crypto/x509/boring_test.go src/crypto/x509/cert_pool.go src/crypto/x509/cert_pool_test.go src/crypto/x509/example_test.go src/crypto/x509/hybrid_pool_test.go src/crypto/x509/name_constraints_test.go src/crypto/x509/notboring.go src/crypto/x509/oid.go src/crypto/x509/oid_test.go src/crypto/x509/parser.go src/crypto/x509/parser_test.go src/crypto/x509/pem_decrypt.go src/crypto/x509/pem_decrypt_test.go src/crypto/x509/pkcs1.go src/crypto/x509/pkcs8.go src/crypto/x509/pkcs8_test.go src/crypto/x509/platform_test.go src/crypto/x509/root.go src/crypto/x509/root_aix.go src/crypto/x509/root_bsd.go src/crypto/x509/root_darwin.go src/crypto/x509/root_darwin_test.go src/crypto/x509/root_linux.go src/crypto/x509/root_plan9.go src/crypto/x509/root_solaris.go src/crypto/x509/root_test.go src/crypto/x509/root_unix.go src/crypto/x509/root_unix_test.go src/crypto/x509/root_wasm.go src/crypto/x509/root_windows.go src/crypto/x509/root_windows_test.go src/crypto/x509/sec1.go src/crypto/x509/sec1_test.go src/crypto/x509/verify.go src/crypto/x509/verify_test.go src/crypto/x509/x509.go src/crypto/x509/x509_test.go src/crypto/x509/x509_test_import.go
+ sed -i -e 's/const boringEnabled/var boringEnabled/g' src/crypto/aes/aes_gcm.go src/crypto/aes/aes_test.go src/crypto/aes/block.go src/crypto/aes/cbc_ppc64x.go src/crypto/aes/cbc_s390x.go src/crypto/aes/cipher.go src/crypto/aes/cipher_asm.go src/crypto/aes/cipher_generic.go src/crypto/aes/cipher_s390x.go src/crypto/aes/const.go src/crypto/aes/ctr_s390x.go src/crypto/aes/gcm_ppc64x.go src/crypto/aes/gcm_s390x.go src/crypto/aes/modes.go src/crypto/aes/modes_test.go src/crypto/boring/boring.go src/crypto/boring/boring_test.go src/crypto/boring/notboring_test.go src/crypto/cipher/benchmark_test.go src/crypto/cipher/cbc.go src/crypto/cipher/cbc_aes_test.go src/crypto/cipher/cfb.go src/crypto/cipher/cfb_test.go src/crypto/cipher/cipher.go src/crypto/cipher/cipher_test.go src/crypto/cipher/common_test.go src/crypto/cipher/ctr.go src/crypto/cipher/ctr_aes_test.go src/crypto/cipher/ctr_test.go src/crypto/cipher/example_test.go src/crypto/cipher/export_test.go src/crypto/cipher/fuzz_test.go src/crypto/cipher/gcm.go src/crypto/cipher/gcm_test.go src/crypto/cipher/io.go src/crypto/cipher/ofb.go src/crypto/cipher/ofb_test.go src/crypto/des/block.go src/crypto/des/cipher.go src/crypto/des/const.go src/crypto/des/des_test.go src/crypto/des/example_test.go src/crypto/des/internal_test.go src/crypto/dsa/dsa.go src/crypto/dsa/dsa_test.go src/crypto/ecdh/ecdh.go src/crypto/ecdh/ecdh_test.go src/crypto/ecdh/nist.go src/crypto/ecdh/x25519.go src/crypto/ecdsa/boring.go src/crypto/ecdsa/ecdsa.go src/crypto/ecdsa/ecdsa_legacy.go src/crypto/ecdsa/ecdsa_noasm.go src/crypto/ecdsa/ecdsa_s390x.go src/crypto/ecdsa/ecdsa_s390x_test.go src/crypto/ecdsa/ecdsa_test.go src/crypto/ecdsa/equal_test.go src/crypto/ecdsa/example_test.go src/crypto/ecdsa/notboring.go src/crypto/ed25519/ed25519.go src/crypto/ed25519/ed25519_test.go src/crypto/ed25519/ed25519vectors_test.go src/crypto/elliptic/elliptic.go src/crypto/elliptic/elliptic_test.go src/crypto/elliptic/nistec.go src/crypto/elliptic/nistec_p256.go src/crypto/elliptic/p224_test.go src/crypto/elliptic/p256_test.go src/crypto/elliptic/params.go src/crypto/hmac/hmac.go src/crypto/hmac/hmac_test.go src/crypto/md5/example_test.go src/crypto/md5/gen.go src/crypto/md5/md5.go src/crypto/md5/md5_test.go src/crypto/md5/md5block.go src/crypto/md5/md5block_decl.go src/crypto/md5/md5block_generic.go src/crypto/rand/example_test.go src/crypto/rand/rand.go src/crypto/rand/rand_batched_test.go src/crypto/rand/rand_getentropy.go src/crypto/rand/rand_getrandom.go src/crypto/rand/rand_js.go src/crypto/rand/rand_plan9.go src/crypto/rand/rand_test.go src/crypto/rand/rand_unix.go src/crypto/rand/rand_wasip1.go src/crypto/rand/rand_windows.go src/crypto/rand/util.go src/crypto/rand/util_test.go src/crypto/rc4/rc4.go src/crypto/rc4/rc4_test.go src/crypto/rsa/boring.go src/crypto/rsa/boring_test.go src/crypto/rsa/equal_test.go src/crypto/rsa/example_test.go src/crypto/rsa/notboring.go src/crypto/rsa/pkcs1v15.go src/crypto/rsa/pkcs1v15_test.go src/crypto/rsa/pss.go src/crypto/rsa/pss_test.go src/crypto/rsa/rsa.go src/crypto/rsa/rsa_export_test.go src/crypto/rsa/rsa_test.go src/crypto/sha1/example_test.go src/crypto/sha1/fallback_test.go src/crypto/sha1/issue15617_test.go src/crypto/sha1/sha1.go src/crypto/sha1/sha1_test.go src/crypto/sha1/sha1block.go src/crypto/sha1/sha1block_amd64.go src/crypto/sha1/sha1block_arm64.go src/crypto/sha1/sha1block_decl.go src/crypto/sha1/sha1block_generic.go src/crypto/sha1/sha1block_s390x.go src/crypto/sha256/example_test.go src/crypto/sha256/fallback_test.go src/crypto/sha256/sha256.go src/crypto/sha256/sha256_test.go src/crypto/sha256/sha256block.go src/crypto/sha256/sha256block_amd64.go src/crypto/sha256/sha256block_arm64.go src/crypto/sha256/sha256block_decl.go src/crypto/sha256/sha256block_generic.go src/crypto/sha256/sha256block_s390x.go src/crypto/sha512/fallback_test.go src/crypto/sha512/sha512.go src/crypto/sha512/sha512_test.go src/crypto/sha512/sha512block.go src/crypto/sha512/sha512block_amd64.go src/crypto/sha512/sha512block_arm64.go src/crypto/sha512/sha512block_decl.go src/crypto/sha512/sha512block_generic.go src/crypto/sha512/sha512block_s390x.go src/crypto/subtle/constant_time.go src/crypto/subtle/constant_time_test.go src/crypto/subtle/xor.go src/crypto/subtle/xor_amd64.go src/crypto/subtle/xor_arm64.go src/crypto/subtle/xor_generic.go src/crypto/subtle/xor_ppc64x.go src/crypto/subtle/xor_test.go src/crypto/tls/alert.go src/crypto/tls/auth.go src/crypto/tls/auth_test.go src/crypto/tls/boring.go src/crypto/tls/boring_test.go src/crypto/tls/cache.go src/crypto/tls/cache_test.go src/crypto/tls/cipher_suites.go src/crypto/tls/common.go src/crypto/tls/common_string.go src/crypto/tls/conn.go src/crypto/tls/conn_test.go src/crypto/tls/example_test.go src/crypto/tls/generate_cert.go src/crypto/tls/handshake_client.go src/crypto/tls/handshake_client_test.go src/crypto/tls/handshake_client_tls13.go src/crypto/tls/handshake_messages.go src/crypto/tls/handshake_messages_test.go src/crypto/tls/handshake_server.go src/crypto/tls/handshake_server_test.go src/crypto/tls/handshake_server_tls13.go src/crypto/tls/handshake_test.go src/crypto/tls/handshake_unix_test.go src/crypto/tls/key_agreement.go src/crypto/tls/key_schedule.go src/crypto/tls/key_schedule_test.go src/crypto/tls/link_test.go src/crypto/tls/notboring.go src/crypto/tls/prf.go src/crypto/tls/prf_test.go src/crypto/tls/quic.go src/crypto/tls/quic_test.go src/crypto/tls/ticket.go src/crypto/tls/ticket_test.go src/crypto/tls/tls.go src/crypto/tls/tls_test.go src/crypto/x509/boring.go src/crypto/x509/boring_test.go src/crypto/x509/cert_pool.go src/crypto/x509/cert_pool_test.go src/crypto/x509/example_test.go src/crypto/x509/hybrid_pool_test.go src/crypto/x509/name_constraints_test.go src/crypto/x509/notboring.go src/crypto/x509/oid.go src/crypto/x509/oid_test.go src/crypto/x509/parser.go src/crypto/x509/parser_test.go src/crypto/x509/pem_decrypt.go src/crypto/x509/pem_decrypt_test.go src/crypto/x509/pkcs1.go src/crypto/x509/pkcs8.go src/crypto/x509/pkcs8_test.go src/crypto/x509/platform_test.go src/crypto/x509/root.go src/crypto/x509/root_aix.go src/crypto/x509/root_bsd.go src/crypto/x509/root_darwin.go src/crypto/x509/root_darwin_test.go src/crypto/x509/root_linux.go src/crypto/x509/root_plan9.go src/crypto/x509/root_solaris.go src/crypto/x509/root_test.go src/crypto/x509/root_unix.go src/crypto/x509/root_unix_test.go src/crypto/x509/root_wasm.go src/crypto/x509/root_windows.go src/crypto/x509/root_windows_test.go src/crypto/x509/sec1.go src/crypto/x509/sec1_test.go src/crypto/x509/verify.go src/crypto/x509/verify_test.go src/crypto/x509/x509.go src/crypto/x509/x509_test.go src/crypto/x509/x509_test_import.go
+ sed -i -e 's/\!boringcrypto/no_openssl/g' src/crypto/aes/aes_gcm.go src/crypto/aes/aes_test.go src/crypto/aes/block.go src/crypto/aes/cbc_ppc64x.go src/crypto/aes/cbc_s390x.go src/crypto/aes/cipher.go src/crypto/aes/cipher_asm.go src/crypto/aes/cipher_generic.go src/crypto/aes/cipher_s390x.go src/crypto/aes/const.go src/crypto/aes/ctr_s390x.go src/crypto/aes/gcm_ppc64x.go src/crypto/aes/gcm_s390x.go src/crypto/aes/modes.go src/crypto/aes/modes_test.go src/crypto/boring/boring.go src/crypto/boring/boring_test.go src/crypto/boring/notboring_test.go src/crypto/cipher/benchmark_test.go src/crypto/cipher/cbc.go src/crypto/cipher/cbc_aes_test.go src/crypto/cipher/cfb.go src/crypto/cipher/cfb_test.go src/crypto/cipher/cipher.go src/crypto/cipher/cipher_test.go src/crypto/cipher/common_test.go src/crypto/cipher/ctr.go src/crypto/cipher/ctr_aes_test.go src/crypto/cipher/ctr_test.go src/crypto/cipher/example_test.go src/crypto/cipher/export_test.go src/crypto/cipher/fuzz_test.go src/crypto/cipher/gcm.go src/crypto/cipher/gcm_test.go src/crypto/cipher/io.go src/crypto/cipher/ofb.go src/crypto/cipher/ofb_test.go src/crypto/des/block.go src/crypto/des/cipher.go src/crypto/des/const.go src/crypto/des/des_test.go src/crypto/des/example_test.go src/crypto/des/internal_test.go src/crypto/dsa/dsa.go src/crypto/dsa/dsa_test.go src/crypto/ecdh/ecdh.go src/crypto/ecdh/ecdh_test.go src/crypto/ecdh/nist.go src/crypto/ecdh/x25519.go src/crypto/ecdsa/boring.go src/crypto/ecdsa/ecdsa.go src/crypto/ecdsa/ecdsa_legacy.go src/crypto/ecdsa/ecdsa_noasm.go src/crypto/ecdsa/ecdsa_s390x.go src/crypto/ecdsa/ecdsa_s390x_test.go src/crypto/ecdsa/ecdsa_test.go src/crypto/ecdsa/equal_test.go src/crypto/ecdsa/example_test.go src/crypto/ecdsa/notboring.go src/crypto/ed25519/ed25519.go src/crypto/ed25519/ed25519_test.go src/crypto/ed25519/ed25519vectors_test.go src/crypto/elliptic/elliptic.go src/crypto/elliptic/elliptic_test.go src/crypto/elliptic/nistec.go src/crypto/elliptic/nistec_p256.go src/crypto/elliptic/p224_test.go src/crypto/elliptic/p256_test.go src/crypto/elliptic/params.go src/crypto/hmac/hmac.go src/crypto/hmac/hmac_test.go src/crypto/md5/example_test.go src/crypto/md5/gen.go src/crypto/md5/md5.go src/crypto/md5/md5_test.go src/crypto/md5/md5block.go src/crypto/md5/md5block_decl.go src/crypto/md5/md5block_generic.go src/crypto/rand/example_test.go src/crypto/rand/rand.go src/crypto/rand/rand_batched_test.go src/crypto/rand/rand_getentropy.go src/crypto/rand/rand_getrandom.go src/crypto/rand/rand_js.go src/crypto/rand/rand_plan9.go src/crypto/rand/rand_test.go src/crypto/rand/rand_unix.go src/crypto/rand/rand_wasip1.go src/crypto/rand/rand_windows.go src/crypto/rand/util.go src/crypto/rand/util_test.go src/crypto/rc4/rc4.go src/crypto/rc4/rc4_test.go src/crypto/rsa/boring.go src/crypto/rsa/boring_test.go src/crypto/rsa/equal_test.go src/crypto/rsa/example_test.go src/crypto/rsa/notboring.go src/crypto/rsa/pkcs1v15.go src/crypto/rsa/pkcs1v15_test.go src/crypto/rsa/pss.go src/crypto/rsa/pss_test.go src/crypto/rsa/rsa.go src/crypto/rsa/rsa_export_test.go src/crypto/rsa/rsa_test.go src/crypto/sha1/example_test.go src/crypto/sha1/fallback_test.go src/crypto/sha1/issue15617_test.go src/crypto/sha1/sha1.go src/crypto/sha1/sha1_test.go src/crypto/sha1/sha1block.go src/crypto/sha1/sha1block_amd64.go src/crypto/sha1/sha1block_arm64.go src/crypto/sha1/sha1block_decl.go src/crypto/sha1/sha1block_generic.go src/crypto/sha1/sha1block_s390x.go src/crypto/sha256/example_test.go src/crypto/sha256/fallback_test.go src/crypto/sha256/sha256.go src/crypto/sha256/sha256_test.go src/crypto/sha256/sha256block.go src/crypto/sha256/sha256block_amd64.go src/crypto/sha256/sha256block_arm64.go src/crypto/sha256/sha256block_decl.go src/crypto/sha256/sha256block_generic.go src/crypto/sha256/sha256block_s390x.go src/crypto/sha512/fallback_test.go src/crypto/sha512/sha512.go src/crypto/sha512/sha512_test.go src/crypto/sha512/sha512block.go src/crypto/sha512/sha512block_amd64.go src/crypto/sha512/sha512block_arm64.go src/crypto/sha512/sha512block_decl.go src/crypto/sha512/sha512block_generic.go src/crypto/sha512/sha512block_s390x.go src/crypto/subtle/constant_time.go src/crypto/subtle/constant_time_test.go src/crypto/subtle/xor.go src/crypto/subtle/xor_amd64.go src/crypto/subtle/xor_arm64.go src/crypto/subtle/xor_generic.go src/crypto/subtle/xor_ppc64x.go src/crypto/subtle/xor_test.go src/crypto/tls/alert.go src/crypto/tls/auth.go src/crypto/tls/auth_test.go src/crypto/tls/boring.go src/crypto/tls/boring_test.go src/crypto/tls/cache.go src/crypto/tls/cache_test.go src/crypto/tls/cipher_suites.go src/crypto/tls/common.go src/crypto/tls/common_string.go src/crypto/tls/conn.go src/crypto/tls/conn_test.go src/crypto/tls/example_test.go src/crypto/tls/generate_cert.go src/crypto/tls/handshake_client.go src/crypto/tls/handshake_client_test.go src/crypto/tls/handshake_client_tls13.go src/crypto/tls/handshake_messages.go src/crypto/tls/handshake_messages_test.go src/crypto/tls/handshake_server.go src/crypto/tls/handshake_server_test.go src/crypto/tls/handshake_server_tls13.go src/crypto/tls/handshake_test.go src/crypto/tls/handshake_unix_test.go src/crypto/tls/key_agreement.go src/crypto/tls/key_schedule.go src/crypto/tls/key_schedule_test.go src/crypto/tls/link_test.go src/crypto/tls/notboring.go src/crypto/tls/prf.go src/crypto/tls/prf_test.go src/crypto/tls/quic.go src/crypto/tls/quic_test.go src/crypto/tls/ticket.go src/crypto/tls/ticket_test.go src/crypto/tls/tls.go src/crypto/tls/tls_test.go src/crypto/x509/boring.go src/crypto/x509/boring_test.go src/crypto/x509/cert_pool.go src/crypto/x509/cert_pool_test.go src/crypto/x509/example_test.go src/crypto/x509/hybrid_pool_test.go src/crypto/x509/name_constraints_test.go src/crypto/x509/notboring.go src/crypto/x509/oid.go src/crypto/x509/oid_test.go src/crypto/x509/parser.go src/crypto/x509/parser_test.go src/crypto/x509/pem_decrypt.go src/crypto/x509/pem_decrypt_test.go src/crypto/x509/pkcs1.go src/crypto/x509/pkcs8.go src/crypto/x509/pkcs8_test.go src/crypto/x509/platform_test.go src/crypto/x509/root.go src/crypto/x509/root_aix.go src/crypto/x509/root_bsd.go src/crypto/x509/root_darwin.go src/crypto/x509/root_darwin_test.go src/crypto/x509/root_linux.go src/crypto/x509/root_plan9.go src/crypto/x509/root_solaris.go src/crypto/x509/root_test.go src/crypto/x509/root_unix.go src/crypto/x509/root_unix_test.go src/crypto/x509/root_wasm.go src/crypto/x509/root_windows.go src/crypto/x509/root_windows_test.go src/crypto/x509/sec1.go src/crypto/x509/sec1_test.go src/crypto/x509/verify.go src/crypto/x509/verify_test.go src/crypto/x509/x509.go src/crypto/x509/x509_test.go src/crypto/x509/x509_test_import.go
+ sed -i -e 's/boringcrypto/!no_openssl/g' src/crypto/aes/aes_gcm.go src/crypto/aes/aes_test.go src/crypto/aes/block.go src/crypto/aes/cbc_ppc64x.go src/crypto/aes/cbc_s390x.go src/crypto/aes/cipher.go src/crypto/aes/cipher_asm.go src/crypto/aes/cipher_generic.go src/crypto/aes/cipher_s390x.go src/crypto/aes/const.go src/crypto/aes/ctr_s390x.go src/crypto/aes/gcm_ppc64x.go src/crypto/aes/gcm_s390x.go src/crypto/aes/modes.go src/crypto/aes/modes_test.go src/crypto/boring/boring.go src/crypto/boring/boring_test.go src/crypto/boring/notboring_test.go src/crypto/cipher/benchmark_test.go src/crypto/cipher/cbc.go src/crypto/cipher/cbc_aes_test.go src/crypto/cipher/cfb.go src/crypto/cipher/cfb_test.go src/crypto/cipher/cipher.go src/crypto/cipher/cipher_test.go src/crypto/cipher/common_test.go src/crypto/cipher/ctr.go src/crypto/cipher/ctr_aes_test.go src/crypto/cipher/ctr_test.go src/crypto/cipher/example_test.go src/crypto/cipher/export_test.go src/crypto/cipher/fuzz_test.go src/crypto/cipher/gcm.go src/crypto/cipher/gcm_test.go src/crypto/cipher/io.go src/crypto/cipher/ofb.go src/crypto/cipher/ofb_test.go src/crypto/des/block.go src/crypto/des/cipher.go src/crypto/des/const.go src/crypto/des/des_test.go src/crypto/des/example_test.go src/crypto/des/internal_test.go src/crypto/dsa/dsa.go src/crypto/dsa/dsa_test.go src/crypto/ecdh/ecdh.go src/crypto/ecdh/ecdh_test.go src/crypto/ecdh/nist.go src/crypto/ecdh/x25519.go src/crypto/ecdsa/boring.go src/crypto/ecdsa/ecdsa.go src/crypto/ecdsa/ecdsa_legacy.go src/crypto/ecdsa/ecdsa_noasm.go src/crypto/ecdsa/ecdsa_s390x.go src/crypto/ecdsa/ecdsa_s390x_test.go src/crypto/ecdsa/ecdsa_test.go src/crypto/ecdsa/equal_test.go src/crypto/ecdsa/example_test.go src/crypto/ecdsa/notboring.go src/crypto/ed25519/ed25519.go src/crypto/ed25519/ed25519_test.go src/crypto/ed25519/ed25519vectors_test.go src/crypto/elliptic/elliptic.go src/crypto/elliptic/elliptic_test.go src/crypto/elliptic/nistec.go src/crypto/elliptic/nistec_p256.go src/crypto/elliptic/p224_test.go src/crypto/elliptic/p256_test.go src/crypto/elliptic/params.go src/crypto/hmac/hmac.go src/crypto/hmac/hmac_test.go src/crypto/md5/example_test.go src/crypto/md5/gen.go src/crypto/md5/md5.go src/crypto/md5/md5_test.go src/crypto/md5/md5block.go src/crypto/md5/md5block_decl.go src/crypto/md5/md5block_generic.go src/crypto/rand/example_test.go src/crypto/rand/rand.go src/crypto/rand/rand_batched_test.go src/crypto/rand/rand_getentropy.go src/crypto/rand/rand_getrandom.go src/crypto/rand/rand_js.go src/crypto/rand/rand_plan9.go src/crypto/rand/rand_test.go src/crypto/rand/rand_unix.go src/crypto/rand/rand_wasip1.go src/crypto/rand/rand_windows.go src/crypto/rand/util.go src/crypto/rand/util_test.go src/crypto/rc4/rc4.go src/crypto/rc4/rc4_test.go src/crypto/rsa/boring.go src/crypto/rsa/boring_test.go src/crypto/rsa/equal_test.go src/crypto/rsa/example_test.go src/crypto/rsa/notboring.go src/crypto/rsa/pkcs1v15.go src/crypto/rsa/pkcs1v15_test.go src/crypto/rsa/pss.go src/crypto/rsa/pss_test.go src/crypto/rsa/rsa.go src/crypto/rsa/rsa_export_test.go src/crypto/rsa/rsa_test.go src/crypto/sha1/example_test.go src/crypto/sha1/fallback_test.go src/crypto/sha1/issue15617_test.go src/crypto/sha1/sha1.go src/crypto/sha1/sha1_test.go src/crypto/sha1/sha1block.go src/crypto/sha1/sha1block_amd64.go src/crypto/sha1/sha1block_arm64.go src/crypto/sha1/sha1block_decl.go src/crypto/sha1/sha1block_generic.go src/crypto/sha1/sha1block_s390x.go src/crypto/sha256/example_test.go src/crypto/sha256/fallback_test.go src/crypto/sha256/sha256.go src/crypto/sha256/sha256_test.go src/crypto/sha256/sha256block.go src/crypto/sha256/sha256block_amd64.go src/crypto/sha256/sha256block_arm64.go src/crypto/sha256/sha256block_decl.go src/crypto/sha256/sha256block_generic.go src/crypto/sha256/sha256block_s390x.go src/crypto/sha512/fallback_test.go src/crypto/sha512/sha512.go src/crypto/sha512/sha512_test.go src/crypto/sha512/sha512block.go src/crypto/sha512/sha512block_amd64.go src/crypto/sha512/sha512block_arm64.go src/crypto/sha512/sha512block_decl.go src/crypto/sha512/sha512block_generic.go src/crypto/sha512/sha512block_s390x.go src/crypto/subtle/constant_time.go src/crypto/subtle/constant_time_test.go src/crypto/subtle/xor.go src/crypto/subtle/xor_amd64.go src/crypto/subtle/xor_arm64.go src/crypto/subtle/xor_generic.go src/crypto/subtle/xor_ppc64x.go src/crypto/subtle/xor_test.go src/crypto/tls/alert.go src/crypto/tls/auth.go src/crypto/tls/auth_test.go src/crypto/tls/boring.go src/crypto/tls/boring_test.go src/crypto/tls/cache.go src/crypto/tls/cache_test.go src/crypto/tls/cipher_suites.go src/crypto/tls/common.go src/crypto/tls/common_string.go src/crypto/tls/conn.go src/crypto/tls/conn_test.go src/crypto/tls/example_test.go src/crypto/tls/generate_cert.go src/crypto/tls/handshake_client.go src/crypto/tls/handshake_client_test.go src/crypto/tls/handshake_client_tls13.go src/crypto/tls/handshake_messages.go src/crypto/tls/handshake_messages_test.go src/crypto/tls/handshake_server.go src/crypto/tls/handshake_server_test.go src/crypto/tls/handshake_server_tls13.go src/crypto/tls/handshake_test.go src/crypto/tls/handshake_unix_test.go src/crypto/tls/key_agreement.go src/crypto/tls/key_schedule.go src/crypto/tls/key_schedule_test.go src/crypto/tls/link_test.go src/crypto/tls/notboring.go src/crypto/tls/prf.go src/crypto/tls/prf_test.go src/crypto/tls/quic.go src/crypto/tls/quic_test.go src/crypto/tls/ticket.go src/crypto/tls/ticket_test.go src/crypto/tls/tls.go src/crypto/tls/tls_test.go src/crypto/x509/boring.go src/crypto/x509/boring_test.go src/crypto/x509/cert_pool.go src/crypto/x509/cert_pool_test.go src/crypto/x509/example_test.go src/crypto/x509/hybrid_pool_test.go src/crypto/x509/name_constraints_test.go src/crypto/x509/notboring.go src/crypto/x509/oid.go src/crypto/x509/oid_test.go src/crypto/x509/parser.go src/crypto/x509/parser_test.go src/crypto/x509/pem_decrypt.go src/crypto/x509/pem_decrypt_test.go src/crypto/x509/pkcs1.go src/crypto/x509/pkcs8.go src/crypto/x509/pkcs8_test.go src/crypto/x509/platform_test.go src/crypto/x509/root.go src/crypto/x509/root_aix.go src/crypto/x509/root_bsd.go src/crypto/x509/root_darwin.go src/crypto/x509/root_darwin_test.go src/crypto/x509/root_linux.go src/crypto/x509/root_plan9.go src/crypto/x509/root_solaris.go src/crypto/x509/root_test.go src/crypto/x509/root_unix.go src/crypto/x509/root_unix_test.go src/crypto/x509/root_wasm.go src/crypto/x509/root_windows.go src/crypto/x509/root_windows_test.go src/crypto/x509/sec1.go src/crypto/x509/sec1_test.go src/crypto/x509/verify.go src/crypto/x509/verify_test.go src/crypto/x509/x509.go src/crypto/x509/x509_test.go src/crypto/x509/x509_test_import.go
+ sed -i -e 's/boringcrypto/!no_openssl/g' src/crypto/internal/boring/fipstls/stub.s src/crypto/internal/boring/fipstls/tls.go
+ sed -i -e 's/boringcrypto/!no_openssl/g' src/cmd/api/api_test.go src/cmd/api/boring_test.go src/cmd/api/main_test.go
+ sed -i -e 's/\!no_openssl/boringcrypto/g' src/crypto/boring/boring.go
+ rm -rf src/crypto/internal/boring/aes.go src/crypto/internal/boring/boring.go src/crypto/internal/boring/boring_test.go src/crypto/internal/boring/doc.go src/crypto/internal/boring/ecdh.go src/crypto/internal/boring/ecdsa.go src/crypto/internal/boring/hmac.go src/crypto/internal/boring/notboring.go src/crypto/internal/boring/rand.go src/crypto/internal/boring/rsa.go src/crypto/internal/boring/sha.go
+ rm src/crypto/boring/notboring_test.go
+ rm src/crypto/boring/boring_test.go
+ echo '// Copyright 2017 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.

// Package boring provides access to BoringCrypto implementation functions.
// Check the constant Enabled to find out whether BoringCrypto is available.
// If BoringCrypto is not available, the functions in this package all panic.
package boring

import "github.com/golang-fips/openssl/v2"

// A BigInt is the raw words from a BigInt.
// This definition allows us to avoid importing math/big.
// Conversion between BigInt and *big.Int is in crypto/internal/boring/bbig.
type BigInt = openssl.BigInt
'
+ cd src
+++ dirname /golang-fips/scripts/create-secondary-patch.sh
++ readlink -f /golang-fips/scripts
+ SCRIPT_DIR=/golang-fips/scripts
+++ dirname /golang-fips/scripts/create-secondary-patch.sh
++ readlink -f /golang-fips/scripts/../config
+ CONFIG_DIR=/golang-fips/config
++ ../bin/go run /golang-fips/scripts/versions.go /golang-fips/config/versions.json github.com/golang-fips/openssl
+ OPENSSL_FIPS_REF=85d31d0d257ce842c8a1e63c4d230ae850348136
+ ../bin/go get github.com/golang-fips/openssl/v2@85d31d0d257ce842c8a1e63c4d230ae850348136
go: downloading github.com/golang-fips/openssl/v2 v2.0.1
go: added github.com/golang-fips/openssl/v2 v2.0.1
+ replace=
+ '[' -n '' ']'
+ ../bin/go mod tidy
go: downloading golang.org/x/net v0.19.0
go: downloading golang.org/x/crypto v0.16.1-0.20231129163542-152cdb1503eb
go: downloading golang.org/x/sys v0.15.0
go: downloading golang.org/x/text v0.14.0
+ ../bin/go mod vendor
+ git add .
+ git diff --cached --binary
+ git reset --hard a10e42f219abb9c5bc4e7d86d9464700a42c7d57
HEAD is now at a10e42f219 [release-branch.go1.22] go1.22.0
+ cleanup
+ '[' 0 '!=' 0 ']'
+ pushd /golang-fips/scripts/../go
/golang-fips/go /golang-fips
++ ls ../patches
+ for patch in $(ls ../patches)
+ git apply -v ../patches/000-initial-setup.patch
Checking patch src/cmd/go/testdata/script/gopath_std_vendor.txt...
Checking patch src/crypto/ecdh/ecdh_test.go...
Checking patch src/crypto/ecdsa/ecdsa_test.go...
Checking patch src/crypto/ecdsa/equal_test.go...
Checking patch src/crypto/ed25519/ed25519_test.go...
Checking patch src/crypto/ed25519/ed25519vectors_test.go...
Checking patch src/crypto/internal/backend/boringtest/config.go...
Checking patch src/crypto/internal/backend/dummy.s...
Checking patch src/crypto/internal/backend/nobackend.go...
Checking patch src/crypto/internal/backend/openssl.go...
Checking patch src/crypto/internal/backend/bbig/big.go...
Checking patch src/crypto/rsa/pkcs1v15_test.go...
Checking patch src/crypto/rsa/pss_test.go...
Checking patch src/crypto/rsa/rsa.go...
Hunk #1 succeeded at 534 (offset 25 lines).
Hunk #2 succeeded at 724 (offset 44 lines).
Checking patch src/crypto/rsa/rsa_test.go...
Hunk #6 succeeded at 677 (offset 10 lines).
Hunk #7 succeeded at 704 (offset 10 lines).
Hunk #8 succeeded at 751 (offset 10 lines).
Hunk #9 succeeded at 770 (offset 10 lines).
Checking patch src/crypto/tls/boring.go...
Checking patch src/crypto/tls/boring_test.go...
Hunk #4 succeeded at 234 (offset -2 lines).
Hunk #5 succeeded at 330 (offset -2 lines).
Hunk #6 succeeded at 367 (offset -2 lines).
Hunk #7 succeeded at 398 (offset -2 lines).
Hunk #8 succeeded at 430 (offset -2 lines).
Hunk #9 succeeded at 452 (offset -2 lines).
Hunk #10 succeeded at 460 (offset -2 lines).
Hunk #11 succeeded at 484 (offset -2 lines).
Hunk #12 succeeded at 510 (offset -2 lines).
Hunk #13 succeeded at 537 (offset -2 lines).
Hunk #14 succeeded at 559 (offset -2 lines).
Hunk #15 succeeded at 596 (offset -2 lines).
Checking patch src/crypto/tls/cipher_suites.go...
Hunk #1 succeeded at 378 (offset 24 lines).
Checking patch src/crypto/tls/common.go...
Hunk #2 succeeded at 1041 (offset 46 lines).
Checking patch src/crypto/tls/handshake_client_test.go...
Hunk #1 succeeded at 2198 (offset 42 lines).
Checking patch src/crypto/tls/key_schedule.go...
Hunk #2 succeeded at 60 (offset 1 line).
Hunk #3 succeeded at 91 (offset 1 line).
Checking patch src/crypto/x509/boring_test.go...
Checking patch src/crypto/x509/x509_test.go...
Hunk #2 succeeded at 129 (offset 2 lines).
Hunk #3 succeeded at 236 (offset 2 lines).
Hunk #4 succeeded at 655 (offset 2 lines).
Hunk #5 succeeded at 3716 (offset 78 lines).
Checking patch src/go/build/deps_test.go...
Hunk #1 succeeded at 436 (offset 40 lines).
Hunk #2 succeeded at 469 (offset 40 lines).
Hunk #3 succeeded at 717 (offset 84 lines).
Hunk #4 succeeded at 760 (offset 84 lines).
Hunk #5 succeeded at 770 (offset 84 lines).
Checking patch src/runtime/pprof/proto_test.go...
Hunk #3 succeeded at 145 (offset -5 lines).
Checking patch src/runtime/runtime_boring.go...
Applied patch src/cmd/go/testdata/script/gopath_std_vendor.txt cleanly.
Applied patch src/crypto/ecdh/ecdh_test.go cleanly.
Applied patch src/crypto/ecdsa/ecdsa_test.go cleanly.
Applied patch src/crypto/ecdsa/equal_test.go cleanly.
Applied patch src/crypto/ed25519/ed25519_test.go cleanly.
Applied patch src/crypto/ed25519/ed25519vectors_test.go cleanly.
Applied patch src/crypto/internal/backend/boringtest/config.go cleanly.
Applied patch src/crypto/internal/backend/dummy.s cleanly.
Applied patch src/crypto/internal/backend/nobackend.go cleanly.
Applied patch src/crypto/internal/backend/openssl.go cleanly.
Applied patch src/crypto/internal/backend/bbig/big.go cleanly.
Applied patch src/crypto/rsa/pkcs1v15_test.go cleanly.
Applied patch src/crypto/rsa/pss_test.go cleanly.
Applied patch src/crypto/rsa/rsa.go cleanly.
Applied patch src/crypto/rsa/rsa_test.go cleanly.
Applied patch src/crypto/tls/boring.go cleanly.
Applied patch src/crypto/tls/boring_test.go cleanly.
Applied patch src/crypto/tls/cipher_suites.go cleanly.
Applied patch src/crypto/tls/common.go cleanly.
Applied patch src/crypto/tls/handshake_client_test.go cleanly.
Applied patch src/crypto/tls/key_schedule.go cleanly.
Applied patch src/crypto/x509/boring_test.go cleanly.
Applied patch src/crypto/x509/x509_test.go cleanly.
Applied patch src/go/build/deps_test.go cleanly.
Applied patch src/runtime/pprof/proto_test.go cleanly.
Applied patch src/runtime/runtime_boring.go cleanly.
+ git add -A
+ git commit -am 000-initial-setup.patch
[detached HEAD 7c831585b3] 000-initial-setup.patch
 25 files changed, 739 insertions(+), 69 deletions(-)
 create mode 100644 src/crypto/internal/backend/bbig/big.go
 create mode 100644 src/crypto/internal/backend/boringtest/config.go
 create mode 100644 src/crypto/internal/backend/dummy.s
 create mode 100644 src/crypto/internal/backend/nobackend.go
 create mode 100644 src/crypto/internal/backend/openssl.go
+ for patch in $(ls ../patches)
+ git apply -v ../patches/001-initial-openssl-for-fips.patch
../patches/001-initial-openssl-for-fips.patch:6102: trailing whitespace.
    EVP_default_properties_is_fips_enabled = (int (*)(void*))dlsym(handle, "EVP_default_properties_is_fips_enabled"); 
../patches/001-initial-openssl-for-fips.patch:6103: trailing whitespace.
    OSSL_PROVIDER_available = (int (*)(void*, const char*))dlsym(handle, "OSSL_PROVIDER_available"); 
../patches/001-initial-openssl-for-fips.patch:6202: trailing whitespace.
} 
../patches/001-initial-openssl-for-fips.patch:6244: trailing whitespace.
    
../patches/001-initial-openssl-for-fips.patch:8406: trailing whitespace.
    void *engine;             
Checking patch src/cmd/api/boring_test.go...
Checking patch src/crypto/aes/cipher.go...
Checking patch src/crypto/aes/cipher_asm.go...
Checking patch src/crypto/boring/boring.go...
Checking patch src/crypto/boring/boring_test.go...
Checking patch src/crypto/boring/notboring_test.go...
Checking patch src/crypto/ecdh/ecdh.go...
Checking patch src/crypto/ecdh/ecdh_test.go...
Checking patch src/crypto/ecdh/nist.go...
Checking patch src/crypto/ecdsa/boring.go...
Checking patch src/crypto/ecdsa/ecdsa.go...
Checking patch src/crypto/ecdsa/ecdsa_test.go...
Checking patch src/crypto/ecdsa/equal_test.go...
Checking patch src/crypto/ecdsa/notboring.go...
Checking patch src/crypto/ed25519/ed25519_test.go...
Checking patch src/crypto/hmac/hmac.go...
Checking patch src/crypto/hmac/hmac_test.go...
Checking patch src/crypto/internal/boring/aes.go...
Checking patch src/crypto/internal/boring/boring.go...
Checking patch src/crypto/internal/boring/boring_test.go...
Checking patch src/crypto/internal/boring/doc.go...
Checking patch src/crypto/internal/boring/ecdh.go...
Checking patch src/crypto/internal/boring/ecdsa.go...
Checking patch src/crypto/internal/boring/fipstls/stub.s...
Checking patch src/crypto/internal/boring/fipstls/tls.go...
Checking patch src/crypto/internal/boring/hmac.go...
Checking patch src/crypto/internal/boring/notboring.go...
Checking patch src/crypto/internal/boring/rand.go...
Checking patch src/crypto/internal/boring/rsa.go...
Checking patch src/crypto/internal/boring/sha.go...
Checking patch src/crypto/rand/rand_unix.go...
Checking patch src/crypto/rsa/boring.go...
Checking patch src/crypto/rsa/boring_test.go...
Checking patch src/crypto/rsa/notboring.go...
Checking patch src/crypto/rsa/pkcs1v15.go...
Checking patch src/crypto/rsa/pkcs1v15_test.go...
Checking patch src/crypto/rsa/pss.go...
Checking patch src/crypto/rsa/pss_test.go...
Checking patch src/crypto/rsa/rsa.go...
Checking patch src/crypto/rsa/rsa_test.go...
Checking patch src/crypto/sha1/sha1.go...
Checking patch src/crypto/sha1/sha1_test.go...
Checking patch src/crypto/sha256/sha256.go...
Checking patch src/crypto/sha256/sha256_test.go...
Checking patch src/crypto/sha512/sha512.go...
Checking patch src/crypto/sha512/sha512_test.go...
Checking patch src/crypto/tls/boring.go...
Checking patch src/crypto/tls/boring_test.go...
Checking patch src/crypto/tls/cipher_suites.go...
Checking patch src/crypto/tls/common.go...
Checking patch src/crypto/tls/key_schedule.go...
Checking patch src/crypto/tls/notboring.go...
Checking patch src/crypto/x509/boring.go...
Checking patch src/crypto/x509/boring_test.go...
Checking patch src/crypto/x509/notboring.go...
Checking patch src/crypto/x509/x509_test.go...
Checking patch src/go.mod...
Checking patch src/go.sum...
Checking patch src/vendor/github.com/golang-fips/openssl/v2/.gitleaks.toml...
Checking patch src/vendor/github.com/golang-fips/openssl/v2/LICENSE...
Checking patch src/vendor/github.com/golang-fips/openssl/v2/README.md...
Checking patch src/vendor/github.com/golang-fips/openssl/v2/aes.go...
Checking patch src/vendor/github.com/golang-fips/openssl/v2/bbig/big.go...
Checking patch src/vendor/github.com/golang-fips/openssl/v2/big.go...
Checking patch src/vendor/github.com/golang-fips/openssl/v2/cipher.go...
Checking patch src/vendor/github.com/golang-fips/openssl/v2/des.go...
Checking patch src/vendor/github.com/golang-fips/openssl/v2/ec.go...
Checking patch src/vendor/github.com/golang-fips/openssl/v2/ecdh.go...
Checking patch src/vendor/github.com/golang-fips/openssl/v2/ecdsa.go...
Checking patch src/vendor/github.com/golang-fips/openssl/v2/ed25519.go...
Checking patch src/vendor/github.com/golang-fips/openssl/v2/evp.go...
Checking patch src/vendor/github.com/golang-fips/openssl/v2/goopenssl.c...
Checking patch src/vendor/github.com/golang-fips/openssl/v2/goopenssl.h...
Checking patch src/vendor/github.com/golang-fips/openssl/v2/hash.go...
Checking patch src/vendor/github.com/golang-fips/openssl/v2/hkdf.go...
Checking patch src/vendor/github.com/golang-fips/openssl/v2/hmac.go...
Checking patch src/vendor/github.com/golang-fips/openssl/v2/init.go...
Checking patch src/vendor/github.com/golang-fips/openssl/v2/init_unix.go...
Checking patch src/vendor/github.com/golang-fips/openssl/v2/init_windows.go...
Checking patch src/vendor/github.com/golang-fips/openssl/v2/openssl.go...
Checking patch src/vendor/github.com/golang-fips/openssl/v2/pbkdf2.go...
Checking patch src/vendor/github.com/golang-fips/openssl/v2/port_evp_md5_sha1.c...
Checking patch src/vendor/github.com/golang-fips/openssl/v2/rand.go...
Checking patch src/vendor/github.com/golang-fips/openssl/v2/rc4.go...
Checking patch src/vendor/github.com/golang-fips/openssl/v2/rsa.go...
Checking patch src/vendor/github.com/golang-fips/openssl/v2/shims.h...
Checking patch src/vendor/github.com/golang-fips/openssl/v2/thread_setup.go...
Checking patch src/vendor/github.com/golang-fips/openssl/v2/thread_setup.h...
Checking patch src/vendor/github.com/golang-fips/openssl/v2/thread_setup_unix.c...
Checking patch src/vendor/github.com/golang-fips/openssl/v2/thread_setup_windows.c...
Checking patch src/vendor/github.com/golang-fips/openssl/v2/tls1prf.go...
Checking patch src/vendor/modules.txt...
Applied patch src/cmd/api/boring_test.go cleanly.
Applied patch src/crypto/aes/cipher.go cleanly.
Applied patch src/crypto/aes/cipher_asm.go cleanly.
Applied patch src/crypto/boring/boring.go cleanly.
Applied patch src/crypto/boring/boring_test.go cleanly.
Applied patch src/crypto/boring/notboring_test.go cleanly.
Applied patch src/crypto/ecdh/ecdh.go cleanly.
Applied patch src/crypto/ecdh/ecdh_test.go cleanly.
Applied patch src/crypto/ecdh/nist.go cleanly.
Applied patch src/crypto/ecdsa/boring.go cleanly.
Applied patch src/crypto/ecdsa/ecdsa.go cleanly.
Applied patch src/crypto/ecdsa/ecdsa_test.go cleanly.
Applied patch src/crypto/ecdsa/equal_test.go cleanly.
Applied patch src/crypto/ecdsa/notboring.go cleanly.
Applied patch src/crypto/ed25519/ed25519_test.go cleanly.
Applied patch src/crypto/hmac/hmac.go cleanly.
Applied patch src/crypto/hmac/hmac_test.go cleanly.
Applied patch src/crypto/internal/boring/aes.go cleanly.
Applied patch src/crypto/internal/boring/boring.go cleanly.
Applied patch src/crypto/internal/boring/boring_test.go cleanly.
Applied patch src/crypto/internal/boring/doc.go cleanly.
Applied patch src/crypto/internal/boring/ecdh.go cleanly.
Applied patch src/crypto/internal/boring/ecdsa.go cleanly.
Applied patch src/crypto/internal/boring/fipstls/stub.s cleanly.
Applied patch src/crypto/internal/boring/fipstls/tls.go cleanly.
Applied patch src/crypto/internal/boring/hmac.go cleanly.
Applied patch src/crypto/internal/boring/notboring.go cleanly.
Applied patch src/crypto/internal/boring/rand.go cleanly.
Applied patch src/crypto/internal/boring/rsa.go cleanly.
Applied patch src/crypto/internal/boring/sha.go cleanly.
Applied patch src/crypto/rand/rand_unix.go cleanly.
Applied patch src/crypto/rsa/boring.go cleanly.
Applied patch src/crypto/rsa/boring_test.go cleanly.
Applied patch src/crypto/rsa/notboring.go cleanly.
Applied patch src/crypto/rsa/pkcs1v15.go cleanly.
Applied patch src/crypto/rsa/pkcs1v15_test.go cleanly.
Applied patch src/crypto/rsa/pss.go cleanly.
Applied patch src/crypto/rsa/pss_test.go cleanly.
Applied patch src/crypto/rsa/rsa.go cleanly.
Applied patch src/crypto/rsa/rsa_test.go cleanly.
Applied patch src/crypto/sha1/sha1.go cleanly.
Applied patch src/crypto/sha1/sha1_test.go cleanly.
Applied patch src/crypto/sha256/sha256.go cleanly.
Applied patch src/crypto/sha256/sha256_test.go cleanly.
Applied patch src/crypto/sha512/sha512.go cleanly.
Applied patch src/crypto/sha512/sha512_test.go cleanly.
Applied patch src/crypto/tls/boring.go cleanly.
Applied patch src/crypto/tls/boring_test.go cleanly.
Applied patch src/crypto/tls/cipher_suites.go cleanly.
Applied patch src/crypto/tls/common.go cleanly.
Applied patch src/crypto/tls/key_schedule.go cleanly.
Applied patch src/crypto/tls/notboring.go cleanly.
Applied patch src/crypto/x509/boring.go cleanly.
Applied patch src/crypto/x509/boring_test.go cleanly.
Applied patch src/crypto/x509/notboring.go cleanly.
Applied patch src/crypto/x509/x509_test.go cleanly.
Applied patch src/go.mod cleanly.
Applied patch src/go.sum cleanly.
Applied patch src/vendor/github.com/golang-fips/openssl/v2/.gitleaks.toml cleanly.
Applied patch src/vendor/github.com/golang-fips/openssl/v2/LICENSE cleanly.
Applied patch src/vendor/github.com/golang-fips/openssl/v2/README.md cleanly.
Applied patch src/vendor/github.com/golang-fips/openssl/v2/aes.go cleanly.
Applied patch src/vendor/github.com/golang-fips/openssl/v2/bbig/big.go cleanly.
Applied patch src/vendor/github.com/golang-fips/openssl/v2/big.go cleanly.
Applied patch src/vendor/github.com/golang-fips/openssl/v2/cipher.go cleanly.
Applied patch src/vendor/github.com/golang-fips/openssl/v2/des.go cleanly.
Applied patch src/vendor/github.com/golang-fips/openssl/v2/ec.go cleanly.
Applied patch src/vendor/github.com/golang-fips/openssl/v2/ecdh.go cleanly.
Applied patch src/vendor/github.com/golang-fips/openssl/v2/ecdsa.go cleanly.
Applied patch src/vendor/github.com/golang-fips/openssl/v2/ed25519.go cleanly.
Applied patch src/vendor/github.com/golang-fips/openssl/v2/evp.go cleanly.
Applied patch src/vendor/github.com/golang-fips/openssl/v2/goopenssl.c cleanly.
Applied patch src/vendor/github.com/golang-fips/openssl/v2/goopenssl.h cleanly.
Applied patch src/vendor/github.com/golang-fips/openssl/v2/hash.go cleanly.
Applied patch src/vendor/github.com/golang-fips/openssl/v2/hkdf.go cleanly.
Applied patch src/vendor/github.com/golang-fips/openssl/v2/hmac.go cleanly.
Applied patch src/vendor/github.com/golang-fips/openssl/v2/init.go cleanly.
Applied patch src/vendor/github.com/golang-fips/openssl/v2/init_unix.go cleanly.
Applied patch src/vendor/github.com/golang-fips/openssl/v2/init_windows.go cleanly.
Applied patch src/vendor/github.com/golang-fips/openssl/v2/openssl.go cleanly.
Applied patch src/vendor/github.com/golang-fips/openssl/v2/pbkdf2.go cleanly.
Applied patch src/vendor/github.com/golang-fips/openssl/v2/port_evp_md5_sha1.c cleanly.
Applied patch src/vendor/github.com/golang-fips/openssl/v2/rand.go cleanly.
Applied patch src/vendor/github.com/golang-fips/openssl/v2/rc4.go cleanly.
Applied patch src/vendor/github.com/golang-fips/openssl/v2/rsa.go cleanly.
Applied patch src/vendor/github.com/golang-fips/openssl/v2/shims.h cleanly.
Applied patch src/vendor/github.com/golang-fips/openssl/v2/thread_setup.go cleanly.
Applied patch src/vendor/github.com/golang-fips/openssl/v2/thread_setup.h cleanly.
Applied patch src/vendor/github.com/golang-fips/openssl/v2/thread_setup_unix.c cleanly.
Applied patch src/vendor/github.com/golang-fips/openssl/v2/thread_setup_windows.c cleanly.
Applied patch src/vendor/github.com/golang-fips/openssl/v2/tls1prf.go cleanly.
Applied patch src/vendor/modules.txt cleanly.
warning: squelched 3 whitespace errors
warning: 8 lines add whitespace errors.
+ git add -A
+ git commit -am 001-initial-openssl-for-fips.patch
[detached HEAD f410730518] 001-initial-openssl-for-fips.patch
 92 files changed, 5903 insertions(+), 2405 deletions(-)
 delete mode 100644 src/crypto/boring/boring_test.go
 delete mode 100644 src/crypto/boring/notboring_test.go
 delete mode 100644 src/crypto/internal/boring/aes.go
 delete mode 100644 src/crypto/internal/boring/boring.go
 delete mode 100644 src/crypto/internal/boring/boring_test.go
 delete mode 100644 src/crypto/internal/boring/ecdh.go
 delete mode 100644 src/crypto/internal/boring/ecdsa.go
 delete mode 100644 src/crypto/internal/boring/hmac.go
 delete mode 100644 src/crypto/internal/boring/notboring.go
 delete mode 100644 src/crypto/internal/boring/rand.go
 delete mode 100644 src/crypto/internal/boring/rsa.go
 delete mode 100644 src/crypto/internal/boring/sha.go
 create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/.gitleaks.toml
 create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/LICENSE
 create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/README.md
 create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/aes.go
 create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/bbig/big.go
 create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/big.go
 create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/cipher.go
 create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/des.go
 create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/ec.go
 create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/ecdh.go
 create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/ecdsa.go
 create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/ed25519.go
 create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/evp.go
 create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/goopenssl.c
 create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/goopenssl.h
 create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/hash.go
 create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/hkdf.go
 create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/hmac.go
 create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/init.go
 create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/init_unix.go
 create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/init_windows.go
 create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/openssl.go
 create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/pbkdf2.go
 create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/port_evp_md5_sha1.c
 create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/rand.go
 create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/rc4.go
 create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/rsa.go
 create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/shims.h
 create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/thread_setup.go
 create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/thread_setup.h
 create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/thread_setup_unix.c
 create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/thread_setup_windows.c
 create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/tls1prf.go
+ for patch in $(ls ../patches)
+ git apply -v ../patches/002-strict-fips-runtime-detection.patch
Checking patch src/crypto/internal/backend/hostfips.go...
Checking patch src/crypto/internal/backend/nobackend.go...
Checking patch src/crypto/internal/backend/not_strict_fips.go...
Checking patch src/crypto/internal/backend/openssl.go...
Checking patch src/crypto/internal/backend/strict_fips.go...
Checking patch src/internal/goexperiment/exp_strictfipsruntime_off.go...
Checking patch src/internal/goexperiment/exp_strictfipsruntime_on.go...
Checking patch src/internal/goexperiment/flags.go...
Hunk #1 succeeded at 127 (offset 27 lines).
Applied patch src/crypto/internal/backend/hostfips.go cleanly.
Applied patch src/crypto/internal/backend/nobackend.go cleanly.
Applied patch src/crypto/internal/backend/not_strict_fips.go cleanly.
Applied patch src/crypto/internal/backend/openssl.go cleanly.
Applied patch src/crypto/internal/backend/strict_fips.go cleanly.
Applied patch src/internal/goexperiment/exp_strictfipsruntime_off.go cleanly.
Applied patch src/internal/goexperiment/exp_strictfipsruntime_on.go cleanly.
Applied patch src/internal/goexperiment/flags.go cleanly.
+ git add -A
+ git commit -am 002-strict-fips-runtime-detection.patch
[detached HEAD ae9699cdfb] 002-strict-fips-runtime-detection.patch
 8 files changed, 88 insertions(+), 8 deletions(-)
 create mode 100644 src/crypto/internal/backend/hostfips.go
 create mode 100644 src/crypto/internal/backend/not_strict_fips.go
 create mode 100644 src/crypto/internal/backend/strict_fips.go
 create mode 100644 src/internal/goexperiment/exp_strictfipsruntime_off.go
 create mode 100644 src/internal/goexperiment/exp_strictfipsruntime_on.go
+ for patch in $(ls ../patches)
+ git apply -v ../patches/003-init-openssl-v2-backend.patch
Checking patch src/crypto/internal/backend/openssl.go...
Checking patch src/crypto/internal/backend/nobackend.go...
Applied patch src/crypto/internal/backend/openssl.go cleanly.
Applied patch src/crypto/internal/backend/nobackend.go cleanly.
+ git add -A
+ git commit -am 003-init-openssl-v2-backend.patch
[detached HEAD b2ba9d9971] 003-init-openssl-v2-backend.patch
 2 files changed, 55 insertions(+), 5 deletions(-)
+ for patch in $(ls ../patches)
+ git apply -v ../patches/004-fixes.patch
Checking patch api/go1.16.txt...
Checking patch src/crypto/rsa/boring_test.go...
Checking patch src/crypto/rsa/equal_test.go...
Checking patch src/crypto/rsa/pss_test.go...
Checking patch src/crypto/rsa/rsa.go...
Hunk #1 succeeded at 276 (offset 12 lines).
Hunk #2 succeeded at 297 (offset 12 lines).
Hunk #3 succeeded at 369 (offset 26 lines).
Checking patch src/crypto/rsa/rsa_test.go...
Checking patch src/crypto/tls/boring_test.go...
Hunk #1 succeeded at 327 (offset -2 lines).
Hunk #2 succeeded at 351 (offset -2 lines).
Hunk #3 succeeded at 513 (offset -2 lines).
Checking patch src/crypto/x509/boring_test.go...
Checking patch src/crypto/x509/x509_test.go...
Hunk #1 succeeded at 3004 (offset 77 lines).
Hunk #2 succeeded at 3167 (offset 77 lines).
Applied patch api/go1.16.txt cleanly.
Applied patch src/crypto/rsa/boring_test.go cleanly.
Applied patch src/crypto/rsa/equal_test.go cleanly.
Applied patch src/crypto/rsa/pss_test.go cleanly.
Applied patch src/crypto/rsa/rsa.go cleanly.
Applied patch src/crypto/rsa/rsa_test.go cleanly.
Applied patch src/crypto/tls/boring_test.go cleanly.
Applied patch src/crypto/x509/boring_test.go cleanly.
Applied patch src/crypto/x509/x509_test.go cleanly.
+ git add -A
+ git commit -am 004-fixes.patch
[detached HEAD 6b9b56a886] 004-fixes.patch
 9 files changed, 75 insertions(+), 13 deletions(-)
+ for patch in $(ls ../patches)
+ git apply -v ../patches/005-fixes-2.patch
Checking patch src/crypto/internal/backend/nobackend.go...
Checking patch src/crypto/internal/backend/not_strict_fips.go...
Checking patch src/crypto/internal/backend/openssl.go...
Checking patch src/crypto/internal/backend/strict_fips.go...
Applied patch src/crypto/internal/backend/nobackend.go cleanly.
Applied patch src/crypto/internal/backend/not_strict_fips.go cleanly.
Applied patch src/crypto/internal/backend/openssl.go cleanly.
Applied patch src/crypto/internal/backend/strict_fips.go cleanly.
+ git add -A
+ git commit -am 005-fixes-2.patch
[detached HEAD fc1a88ae03] 005-fixes-2.patch
 4 files changed, 15 insertions(+), 3 deletions(-)
+ for patch in $(ls ../patches)
+ git apply -v ../patches/006-fixes-3.patch
Checking patch src/crypto/internal/backend/openssl.go...
Checking patch src/crypto/tls/boring_test.go...
Hunk #2 succeeded at 215 (offset -2 lines).
Hunk #3 succeeded at 331 (offset -2 lines).
Checking patch src/crypto/x509/boring_test.go...
Applied patch src/crypto/internal/backend/openssl.go cleanly.
Applied patch src/crypto/tls/boring_test.go cleanly.
Applied patch src/crypto/x509/boring_test.go cleanly.
+ git add -A
+ git commit -am 006-fixes-3.patch
[detached HEAD ea73447e46] 006-fixes-3.patch
 3 files changed, 14 insertions(+), 7 deletions(-)
+ for patch in $(ls ../patches)
+ git apply -v ../patches/007-fixes-4.patch
Checking patch src/crypto/internal/backend/openssl.go...
Applied patch src/crypto/internal/backend/openssl.go cleanly.
+ git add -A
+ git commit -am 007-fixes-4.patch
[detached HEAD bba71fe32a] 007-fixes-4.patch
 1 file changed, 3 insertions(+)
+ for patch in $(ls ../patches)
+ git apply -v ../patches/008-fixes-5.patch
Checking patch src/crypto/rsa/pkcs1v15_test.go...
Applied patch src/crypto/rsa/pkcs1v15_test.go cleanly.
+ git add -A
+ git commit -am 008-fixes-5.patch
[detached HEAD c9c7efe806] 008-fixes-5.patch
 1 file changed, 5 insertions(+), 6 deletions(-)
+ for patch in $(ls ../patches)
+ git apply -v ../patches/009-fixes-6.patch
Checking patch src/crypto/x509/x509_test.go...
Hunk #1 succeeded at 3640 (offset 3 lines).
Checking patch src/crypto/x509/x509_test_import.go...
Applied patch src/crypto/x509/x509_test.go cleanly.
Applied patch src/crypto/x509/x509_test_import.go cleanly.
+ git add -A
+ git commit -am 009-fixes-6.patch
[detached HEAD cb0611dd7e] 009-fixes-6.patch
 2 files changed, 35 insertions(+), 8 deletions(-)
+ for patch in $(ls ../patches)
+ git apply -v ../patches/010-fixes-7.patch
Checking patch src/crypto/x509/verify_test.go...
Hunk #2 succeeded at 40 (offset 2 lines).
Hunk #3 succeeded at 148 (offset 2 lines).
Hunk #4 succeeded at 161 (offset 2 lines).
Hunk #5 succeeded at 174 (offset 2 lines).
Hunk #6 succeeded at 236 (offset 2 lines).
Hunk #7 succeeded at 566 (offset 2 lines).
Applied patch src/crypto/x509/verify_test.go cleanly.
+ git add -A
+ git commit -am 010-fixes-7.patch
[detached HEAD 76b0f77624] 010-fixes-7.patch
 1 file changed, 10 insertions(+)
+ for patch in $(ls ../patches)
+ git apply -v ../patches/011-122-fixes.patch
Checking patch src/crypto/tls/boring_test.go...
Hunk #2 succeeded at 353 (offset -1 lines).
Hunk #3 succeeded at 514 (offset -1 lines).
Hunk #4 succeeded at 526 (offset -1 lines).
Checking patch src/crypto/tls/handshake_client_tls13.go...
Checking patch src/crypto/tls/handshake_server_tls13.go...
Applied patch src/crypto/tls/boring_test.go cleanly.
Applied patch src/crypto/tls/handshake_client_tls13.go cleanly.
Applied patch src/crypto/tls/handshake_server_tls13.go cleanly.
+ git add -A
+ git commit -am 011-122-fixes.patch
[detached HEAD 46477f9758] 011-122-fixes.patch
 3 files changed, 5 insertions(+), 9 deletions(-)
+ for patch in $(ls ../patches)
+ git apply -v ../patches/012-fixes.patch
Checking patch src/crypto/rsa/pkcs1v15_test.go...
Applied patch src/crypto/rsa/pkcs1v15_test.go cleanly.
+ git add -A
+ git commit -am 012-fixes.patch
[detached HEAD 5028386060] 012-fixes.patch
 1 file changed, 3 insertions(+), 1 deletion(-)
+ for patch in $(ls ../patches)
+ git apply -v ../patches/013-fixes.patch
Checking patch src/crypto/tls/boring.go...
Checking patch src/crypto/tls/boring_test.go...
Checking patch src/crypto/tls/handshake_client.go...
Hunk #1 succeeded at 139 (offset -2 lines).
Checking patch src/crypto/tls/handshake_client_tls13.go...
Checking patch src/crypto/tls/handshake_server_tls13.go...
Hunk #1 succeeded at 159 (offset -2 lines).
Applied patch src/crypto/tls/boring.go cleanly.
Applied patch src/crypto/tls/boring_test.go cleanly.
Applied patch src/crypto/tls/handshake_client.go cleanly.
Applied patch src/crypto/tls/handshake_client_tls13.go cleanly.
Applied patch src/crypto/tls/handshake_server_tls13.go cleanly.
+ git add -A
+ git commit -am 013-fixes.patch
[detached HEAD 31b8489799] 013-fixes.patch
 5 files changed, 13 insertions(+), 4 deletions(-)
+ for patch in $(ls ../patches)
+ git apply -v ../patches/014-fix-RHEL-34924.patch
Checking patch src/crypto/tls/notboring.go...
Applied patch src/crypto/tls/notboring.go cleanly.
+ git add -A
+ git commit -am 014-fix-RHEL-34924.patch
[detached HEAD 4d8e5e4e71] 014-fix-RHEL-34924.patch
 1 file changed, 1 insertion(+)
+ popd
/golang-fips
Building Go cmd/dist using /usr/lib/golang. (go1.20.12 linux/amd64)
warning: --no-clean is deprecated and has no effect; use 'go install std cmd' instead
Building Go toolchain1 using /usr/lib/golang.
Building Go bootstrap cmd/go (go_bootstrap) using Go toolchain1.
Building Go toolchain2 using go_bootstrap and Go toolchain1.
Building Go toolchain3 using go_bootstrap and Go toolchain2.
Building packages and commands for linux/amd64.
---
Installed Go for linux/amd64 in /golang-fips/go
Installed commands in /golang-fips/go/bin

@sipasing
Copy link
Contributor Author

sipasing commented May 6, 2024
edited
Loading

@dbenoit17 @derekparker Let me know if you need any other information.

I think for some reason the openssl library is NOT getting linked to make.bash which is why we dont see the openssl patches in the final go binary (maybe some cgo issue). I just cant seem to pin point the issue. maybe its a config issue or a platform issue and NOT a golang-fips script issue. working on this for a couple of weeks now without making any progress , so thought maybe should ask for help.

@derekparker
Copy link
Contributor

derekparker commented May 10, 2024
edited
Loading

@sipasing this is due to the following upstream change: https://go-review.googlesource.com/c/go/+/454836.

This means that only cmd/go and the like are built without the OpenSSL backend, but programs built using the toolchain will contain the OpenSSL backend.

Regardless, this is something we should consider reverting within this repo. Note that we do end up reverting this change in our downstream RHEL builds.

@sipasing
Copy link
Contributor Author

sipasing commented May 12, 2024
edited
Loading

Note that we do end up reverting this change in our downstream RHEL builds.

oh interesting. When we tested with RHEL 8.9 and RHEL 8.10 beta from OpenELA , linkage issue was seen.

I tried reverting the patch and yes that in fact fixes the linkage problem. I poked inside the patch, and instead of reverting the entire patch, if instead i set the toolenv to CGO_ENABLED=1 in
https://go-review.googlesource.com/c/go/+/454836/12/src/cmd/dist/build.go in line 1300.

var toolenv = []string{"CGO_ENABLED=1"}

That also works. Although not an efficient solution, but just thought should share.

@sipasing sipasing mentioned this issue May 14, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix linkage issue in RH builds sipasing/golang-fips
3 participants
@derekparker @dbenoit17 @sipasing