From 4a3cef2036097d323b6cc0bbe90fc4d8c7588660 Mon Sep 17 00:00:00 2001 From: Russ Cox Date: Wed, 20 Nov 2024 09:03:35 -0500 Subject: [PATCH] all: rename crypto/internal/fips to crypto/internal/fips140 Sometimes we've used the 140 suffix (GOFIPS140, crypto/fips140) and sometimes not (crypto/internal/fips, cmd/go/internal/fips). Use it always, to avoid having to remember which is which. Also, there are other FIPS standards, like AES (FIPS 197), SHA-2 (FIPS 180), and so on, which have nothing to do with FIPS 140. Best to be clear. For #70123. Change-Id: I33b29dabd9e8b2703d2af25e428f88bc81c7c307 Reviewed-on: https://go-review.googlesource.com/c/go/+/630115 Reviewed-by: Filippo Valsorda LUCI-TryBot-Result: Go LUCI Auto-Submit: Russ Cox Reviewed-by: Roland Shoemaker --- lib/fips140/Makefile | 6 +- lib/fips140/README.md | 4 +- lib/fips140/fips140.sum | 2 +- .../compile/internal/ssa/stmtlines_test.go | 2 +- src/cmd/dist/test.go | 6 +- .../{fips/fips.go => fips140/fips140.go} | 47 +++++++------ .../internal/{fips => fips140}/fips_test.go | 2 +- .../go/internal/{fips => fips140}/mkzip.go | 12 ++-- src/cmd/go/internal/load/godebug.go | 4 +- src/cmd/go/internal/load/pkg.go | 22 +++---- src/cmd/go/internal/modload/init.go | 6 +- src/cmd/go/internal/modload/load.go | 4 +- src/cmd/go/internal/work/buildid.go | 6 +- src/cmd/go/internal/work/gc.go | 4 +- src/cmd/go/testdata/script/fipssnap.txt | 24 +++---- src/cmd/internal/obj/{fips.go => fips140.go} | 28 ++++---- .../link/internal/ld/{fips.go => fips140.go} | 8 +-- src/cmd/link/internal/loader/loader.go | 2 +- src/crypto/aes/aes.go | 2 +- src/crypto/cipher/cbc.go | 4 +- src/crypto/cipher/cfb.go | 2 +- src/crypto/cipher/ctr.go | 4 +- src/crypto/cipher/ctr_aes_test.go | 2 +- src/crypto/cipher/gcm.go | 10 +-- src/crypto/cipher/gcm_test.go | 10 +-- src/crypto/cipher/ofb.go | 2 +- src/crypto/des/cipher.go | 2 +- src/crypto/ecdh/nist.go | 2 +- src/crypto/ecdh/x25519.go | 2 +- src/crypto/ecdsa/ecdsa.go | 2 +- src/crypto/ed25519/ed25519.go | 2 +- src/crypto/elliptic/nistec.go | 2 +- src/crypto/elliptic/nistec_p256.go | 2 +- src/crypto/hmac/hmac.go | 2 +- src/crypto/internal/entropy/entropy.go | 2 +- .../internal/fips/check/checktest/asm.s | 6 -- .../aes/_asm/ctr/ctr_amd64_asm.go | 0 .../{fips => fips140}/aes/_asm/ctr/go.mod | 0 .../{fips => fips140}/aes/_asm/ctr/go.sum | 0 .../aes/_asm/standard/aes_amd64.go | 0 .../aes/_asm/standard/go.mod | 0 .../aes/_asm/standard/go.sum | 0 .../internal/{fips => fips140}/aes/aes.go | 8 +-- .../{fips => fips140}/aes/aes_amd64.s | 0 .../{fips => fips140}/aes/aes_arm64.s | 0 .../internal/{fips => fips140}/aes/aes_asm.go | 4 +- .../{fips => fips140}/aes/aes_generic.go | 2 +- .../{fips => fips140}/aes/aes_noasm.go | 0 .../{fips => fips140}/aes/aes_ppc64x.s | 0 .../{fips => fips140}/aes/aes_s390x.go | 2 +- .../{fips => fips140}/aes/aes_s390x.s | 0 .../{fips => fips140}/aes/aes_test.go | 0 .../internal/{fips => fips140}/aes/cast.go | 6 +- .../internal/{fips => fips140}/aes/cbc.go | 4 +- .../{fips => fips140}/aes/cbc_noasm.go | 0 .../{fips => fips140}/aes/cbc_ppc64x.go | 0 .../{fips => fips140}/aes/cbc_s390x.go | 0 .../internal/{fips => fips140}/aes/const.go | 0 .../internal/{fips => fips140}/aes/ctr.go | 6 +- .../{fips => fips140}/aes/ctr_amd64.s | 0 .../{fips => fips140}/aes/ctr_arm64.s | 0 .../{fips => fips140}/aes/ctr_arm64_gen.go | 0 .../internal/{fips => fips140}/aes/ctr_asm.go | 0 .../{fips => fips140}/aes/ctr_noasm.go | 0 .../{fips => fips140}/aes/ctr_s390x.go | 4 +- .../aes/gcm/_asm/gcm/gcm_amd64_asm.go | 0 .../{fips => fips140}/aes/gcm/_asm/gcm/go.mod | 0 .../{fips => fips140}/aes/gcm/_asm/gcm/go.sum | 0 .../{fips => fips140}/aes/gcm/cast.go | 10 +-- .../{fips => fips140}/aes/gcm/cmac.go | 8 +-- .../{fips => fips140}/aes/gcm/ctrkdf.go | 6 +- .../internal/{fips => fips140}/aes/gcm/gcm.go | 10 +-- .../{fips => fips140}/aes/gcm/gcm_amd64.s | 0 .../{fips => fips140}/aes/gcm/gcm_arm64.s | 0 .../{fips => fips140}/aes/gcm/gcm_asm.go | 6 +- .../{fips => fips140}/aes/gcm/gcm_generic.go | 6 +- .../{fips => fips140}/aes/gcm/gcm_noasm.go | 0 .../{fips => fips140}/aes/gcm/gcm_nonces.go | 28 ++++---- .../{fips => fips140}/aes/gcm/gcm_ppc64x.go | 8 +-- .../{fips => fips140}/aes/gcm/gcm_ppc64x.s | 0 .../{fips => fips140}/aes/gcm/gcm_s390x.go | 8 +-- .../{fips => fips140}/aes/gcm/gcm_s390x.s | 0 .../{fips => fips140}/aes/gcm/ghash.go | 6 +- .../aes/gcm/interface_test.go | 2 +- .../{fips => fips140}/aes/interface_test.go | 2 +- .../internal/{fips => fips140}/alias/alias.go | 0 .../{fips => fips140}/bigmod/_asm/go.mod | 2 +- .../{fips => fips140}/bigmod/_asm/go.sum | 0 .../bigmod/_asm/nat_amd64_asm.go | 2 +- .../internal/{fips => fips140}/bigmod/nat.go | 4 +- .../{fips => fips140}/bigmod/nat_386.s | 0 .../{fips => fips140}/bigmod/nat_amd64.s | 0 .../{fips => fips140}/bigmod/nat_arm.s | 0 .../{fips => fips140}/bigmod/nat_arm64.s | 0 .../{fips => fips140}/bigmod/nat_asm.go | 2 +- .../{fips => fips140}/bigmod/nat_loong64.s | 2 +- .../{fips => fips140}/bigmod/nat_noasm.go | 0 .../{fips => fips140}/bigmod/nat_ppc64x.s | 0 .../{fips => fips140}/bigmod/nat_riscv64.s | 0 .../{fips => fips140}/bigmod/nat_s390x.s | 0 .../{fips => fips140}/bigmod/nat_test.go | 0 .../{fips => fips140}/bigmod/nat_wasm.go | 0 src/crypto/internal/{fips => fips140}/cast.go | 8 +-- .../internal/{fips => fips140}/check/asan.go | 0 .../internal/{fips => fips140}/check/check.go | 12 ++-- .../internal/fips140/check/checktest/asm.s | 6 ++ .../{fips => fips140}/check/checktest/test.go | 6 +- .../{fips => fips140}/check/noasan.go | 0 .../internal/{fips => fips140}/drbg/cast.go | 6 +- .../{fips => fips140}/drbg/ctrdrbg.go | 14 ++-- .../internal/{fips => fips140}/drbg/rand.go | 4 +- .../internal/{fips => fips140}/ecdh/cast.go | 8 +-- .../internal/{fips => fips140}/ecdh/ecdh.go | 44 ++++++------- .../{fips => fips140}/ecdh/order_test.go | 0 .../internal/{fips => fips140}/ecdsa/cast.go | 12 ++-- .../internal/{fips => fips140}/ecdsa/ecdsa.go | 26 ++++---- .../{fips => fips140}/ecdsa/ecdsa_noasm.go | 0 .../{fips => fips140}/ecdsa/ecdsa_s390x.go | 4 +- .../{fips => fips140}/ecdsa/ecdsa_s390x.s | 0 .../{fips => fips140}/ecdsa/ecdsa_test.go | 2 +- .../{fips => fips140}/ecdsa/hmacdrbg.go | 10 +-- .../{fips => fips140}/ed25519/cast.go | 8 +-- .../{fips => fips140}/ed25519/ed25519.go | 28 ++++---- .../{fips => fips140}/edwards25519/doc.go | 0 .../edwards25519/edwards25519.go | 4 +- .../edwards25519/edwards25519_test.go | 2 +- .../edwards25519/field/_asm/fe_amd64_asm.go | 2 +- .../edwards25519/field/_asm/go.mod | 2 +- .../edwards25519/field/_asm/go.sum | 0 .../edwards25519/field/fe.go | 6 +- .../edwards25519/field/fe_alias_test.go | 0 .../edwards25519/field/fe_amd64.go | 0 .../edwards25519/field/fe_amd64.s | 0 .../edwards25519/field/fe_amd64_noasm.go | 0 .../edwards25519/field/fe_arm64.go | 0 .../edwards25519/field/fe_arm64.s | 0 .../edwards25519/field/fe_arm64_noasm.go | 0 .../edwards25519/field/fe_bench_test.go | 0 .../edwards25519/field/fe_generic.go | 0 .../edwards25519/field/fe_test.go | 0 .../{fips => fips140}/edwards25519/scalar.go | 2 +- .../edwards25519/scalar_alias_test.go | 0 .../edwards25519/scalar_fiat.go | 0 .../edwards25519/scalar_test.go | 0 .../edwards25519/scalarmult.go | 0 .../edwards25519/scalarmult_test.go | 0 .../{fips => fips140}/edwards25519/tables.go | 2 +- .../edwards25519/tables_test.go | 0 .../{fips/fips.go => fips140/fips140.go} | 4 +- src/crypto/internal/{fips => fips140}/hash.go | 2 +- .../internal/{fips => fips140}/hkdf/cast.go | 8 +-- .../internal/{fips => fips140}/hkdf/hkdf.go | 12 ++-- .../internal/{fips => fips140}/hmac/cast.go | 6 +- .../internal/{fips => fips140}/hmac/hmac.go | 18 ++--- .../internal/{fips => fips140}/indicator.go | 6 +- .../internal/{fips => fips140}/mlkem/cast.go | 6 +- .../internal/{fips => fips140}/mlkem/field.go | 4 +- .../{fips => fips140}/mlkem/field_test.go | 0 .../{fips => fips140}/mlkem/generate1024.go | 0 .../{fips => fips140}/mlkem/mlkem1024.go | 20 +++--- .../{fips => fips140}/mlkem/mlkem768.go | 20 +++--- .../{fips => fips140}/nistec/_asm/go.mod | 2 +- .../{fips => fips140}/nistec/_asm/go.sum | 0 .../{fips => fips140}/nistec/_asm/p256_asm.go | 2 +- .../nistec/benchmark_test.go | 2 +- .../{fips => fips140}/nistec/fiat/Dockerfile | 0 .../{fips => fips140}/nistec/fiat/README | 0 .../nistec/fiat/benchmark_test.go | 2 +- .../{fips => fips140}/nistec/fiat/cast.go | 2 +- .../{fips => fips140}/nistec/fiat/generate.go | 2 +- .../{fips => fips140}/nistec/fiat/p224.go | 2 +- .../nistec/fiat/p224_fiat64.go | 0 .../nistec/fiat/p224_invert.go | 0 .../{fips => fips140}/nistec/fiat/p256.go | 2 +- .../nistec/fiat/p256_fiat64.go | 0 .../nistec/fiat/p256_invert.go | 0 .../{fips => fips140}/nistec/fiat/p384.go | 2 +- .../nistec/fiat/p384_fiat64.go | 0 .../nistec/fiat/p384_invert.go | 0 .../{fips => fips140}/nistec/fiat/p521.go | 2 +- .../nistec/fiat/p521_fiat64.go | 0 .../nistec/fiat/p521_invert.go | 0 .../{fips => fips140}/nistec/generate.go | 4 +- .../{fips => fips140}/nistec/nistec.go | 2 +- .../internal/{fips => fips140}/nistec/p224.go | 4 +- .../{fips => fips140}/nistec/p224_sqrt.go | 2 +- .../internal/{fips => fips140}/nistec/p256.go | 8 +-- .../{fips => fips140}/nistec/p256_asm.go | 2 +- .../{fips => fips140}/nistec/p256_asm_amd64.s | 0 .../{fips => fips140}/nistec/p256_asm_arm64.s | 0 .../nistec/p256_asm_ppc64le.s | 0 .../{fips => fips140}/nistec/p256_asm_s390x.s | 0 .../{fips => fips140}/nistec/p256_asm_test.go | 0 .../{fips => fips140}/nistec/p256_ordinv.go | 0 .../nistec/p256_ordinv_noasm.go | 0 .../{fips => fips140}/nistec/p256_table.go | 0 .../nistec/p256_table_test.go | 2 +- .../internal/{fips => fips140}/nistec/p384.go | 4 +- .../internal/{fips => fips140}/nistec/p521.go | 4 +- .../internal/{fips => fips140}/rsa/cast.go | 8 +-- .../{fips => fips140}/rsa/pkcs1v15.go | 8 +-- .../{fips => fips140}/rsa/pkcs1v15_test.go | 0 .../{fips => fips140}/rsa/pkcs1v22.go | 54 +++++++-------- .../{fips => fips140}/rsa/pkcs1v22_test.go | 0 .../internal/{fips => fips140}/rsa/rsa.go | 18 ++--- .../{fips => fips140}/sha256/_asm/go.mod | 0 .../{fips => fips140}/sha256/_asm/go.sum | 0 .../sha256/_asm/sha256block_amd64_asm.go | 2 +- .../sha256/_asm/sha256block_amd64_avx2.go | 0 .../sha256/_asm/sha256block_amd64_shani.go | 0 .../internal/{fips => fips140}/sha256/cast.go | 4 +- .../{fips => fips140}/sha256/sha256.go | 6 +- .../{fips => fips140}/sha256/sha256block.go | 0 .../sha256/sha256block_386.s | 0 .../sha256/sha256block_amd64.go | 2 +- .../sha256/sha256block_amd64.s | 0 .../sha256/sha256block_arm64.go | 2 +- .../sha256/sha256block_arm64.s | 0 .../sha256/sha256block_asm.go | 0 .../sha256/sha256block_loong64.s | 0 .../sha256/sha256block_noasm.go | 0 .../sha256/sha256block_ppc64x.go | 2 +- .../sha256/sha256block_ppc64x.s | 0 .../sha256/sha256block_riscv64.s | 0 .../sha256/sha256block_s390x.go | 2 +- .../sha256/sha256block_s390x.s | 0 .../{fips => fips140}/sha3/_asm/go.mod | 0 .../{fips => fips140}/sha3/_asm/go.sum | 0 .../sha3/_asm/keccakf_amd64_asm.go | 2 +- .../internal/{fips => fips140}/sha3/cast.go | 4 +- .../internal/{fips => fips140}/sha3/hashes.go | 0 .../{fips => fips140}/sha3/keccakf.go | 4 +- .../internal/{fips => fips140}/sha3/sha3.go | 6 +- .../{fips => fips140}/sha3/sha3_amd64.go | 0 .../{fips => fips140}/sha3/sha3_amd64.s | 0 .../{fips => fips140}/sha3/sha3_noasm.go | 0 .../{fips => fips140}/sha3/sha3_s390x.go | 4 +- .../{fips => fips140}/sha3/sha3_s390x.s | 0 .../internal/{fips => fips140}/sha3/shake.go | 6 +- .../{fips => fips140}/sha512/_asm/go.mod | 0 .../{fips => fips140}/sha512/_asm/go.sum | 0 .../sha512/_asm/sha512block_amd64_asm.go | 2 +- .../internal/{fips => fips140}/sha512/cast.go | 4 +- .../{fips => fips140}/sha512/sha512.go | 6 +- .../{fips => fips140}/sha512/sha512block.go | 0 .../sha512/sha512block_amd64.go | 2 +- .../sha512/sha512block_amd64.s | 0 .../sha512/sha512block_arm64.go | 2 +- .../sha512/sha512block_arm64.s | 0 .../sha512/sha512block_asm.go | 0 .../sha512/sha512block_loong64.s | 0 .../sha512/sha512block_noasm.go | 0 .../sha512/sha512block_ppc64x.go | 2 +- .../sha512/sha512block_ppc64x.s | 0 .../sha512/sha512block_riscv64.s | 0 .../sha512/sha512block_s390x.go | 2 +- .../sha512/sha512block_s390x.s | 0 .../internal/{fips => fips140}/ssh/kdf.go | 6 +- .../{fips => fips140}/subtle/constant_time.go | 0 .../internal/{fips => fips140}/subtle/xor.go | 2 +- .../{fips => fips140}/subtle/xor_amd64.go | 0 .../{fips => fips140}/subtle/xor_amd64.s | 0 .../{fips => fips140}/subtle/xor_arm64.go | 0 .../{fips => fips140}/subtle/xor_arm64.s | 0 .../{fips => fips140}/subtle/xor_generic.go | 0 .../{fips => fips140}/subtle/xor_loong64.go | 0 .../{fips => fips140}/subtle/xor_loong64.s | 0 .../{fips => fips140}/subtle/xor_ppc64x.go | 0 .../{fips => fips140}/subtle/xor_ppc64x.s | 0 .../internal/{fips => fips140}/tls12/cast.go | 8 +-- .../internal/{fips => fips140}/tls12/tls12.go | 20 +++--- .../internal/{fips => fips140}/tls13/cast.go | 8 +-- .../internal/{fips => fips140}/tls13/tls13.go | 40 +++++------ .../byteorder/byteorder.go | 0 .../{fipsdeps => fips140deps}/cpu/cpu.go | 0 .../{fipsdeps => fips140deps}/fipsdeps.go | 2 +- .../fipsdeps_test.go | 30 ++++----- .../godebug/godebug.go | 0 .../acvp_capabilities.json | 0 .../acvp_test.config.json | 0 .../{fipstest => fips140test}/acvp_test.go | 38 +++++------ .../{fipstest => fips140test}/alias_test.go | 2 +- .../{fipstest => fips140test}/cast_test.go | 38 +++++------ .../{fipstest => fips140test}/check_test.go | 4 +- .../{fipstest => fips140test}/cmac_test.go | 4 +- .../{fipstest => fips140test}/ctrdrbg_test.go | 4 +- .../edwards25519_test.go | 2 +- .../{fipstest => fips140test}/fips_test.go | 2 +- .../{fipstest => fips140test}/hkdf_test.go | 16 ++--- .../indicator_test.go | 62 ++++++++--------- .../{fipstest => fips140test}/mlkem_test.go | 4 +- .../nistec_ordinv_test.go | 2 +- .../{fipstest => fips140test}/nistec_test.go | 2 +- .../{fipstest => fips140test}/sha3_test.go | 8 +-- .../{fipstest => fips140test}/sshkdf_test.go | 2 +- .../{fipstest => fips140test}/xaes_test.go | 8 +-- src/crypto/internal/hpke/hpke.go | 2 +- src/crypto/rand/rand.go | 6 +- src/crypto/rc4/rc4.go | 2 +- src/crypto/rsa/fips.go | 2 +- src/crypto/rsa/pkcs1v15.go | 2 +- src/crypto/rsa/pss_test.go | 4 +- src/crypto/rsa/rsa.go | 4 +- src/crypto/rsa/rsa_test.go | 4 +- src/crypto/sha256/sha256.go | 2 +- src/crypto/sha512/sha512.go | 2 +- src/crypto/subtle/constant_time.go | 2 +- src/crypto/subtle/xor.go | 2 +- src/crypto/tls/cipher_suites.go | 6 +- src/crypto/tls/handshake_client.go | 4 +- src/crypto/tls/handshake_client_tls13.go | 6 +- src/crypto/tls/handshake_server_tls13.go | 4 +- src/crypto/tls/key_schedule.go | 6 +- src/crypto/tls/key_schedule_test.go | 4 +- src/crypto/tls/prf.go | 2 +- src/go/build/deps_test.go | 66 +++++++++---------- src/runtime/panic.go | 2 +- src/runtime/runtime1.go | 4 +- src/slices/slices.go | 2 +- 319 files changed, 689 insertions(+), 692 deletions(-) rename src/cmd/go/internal/{fips/fips.go => fips140/fips140.go} (88%) rename src/cmd/go/internal/{fips => fips140}/fips_test.go (99%) rename src/cmd/go/internal/{fips => fips140}/mkzip.go (89%) rename src/cmd/internal/obj/{fips.go => fips140.go} (94%) rename src/cmd/link/internal/ld/{fips.go => fips140.go} (98%) delete mode 100644 src/crypto/internal/fips/check/checktest/asm.s rename src/crypto/internal/{fips => fips140}/aes/_asm/ctr/ctr_amd64_asm.go (100%) rename src/crypto/internal/{fips => fips140}/aes/_asm/ctr/go.mod (100%) rename src/crypto/internal/{fips => fips140}/aes/_asm/ctr/go.sum (100%) rename src/crypto/internal/{fips => fips140}/aes/_asm/standard/aes_amd64.go (100%) rename src/crypto/internal/{fips => fips140}/aes/_asm/standard/go.mod (100%) rename src/crypto/internal/{fips => fips140}/aes/_asm/standard/go.sum (100%) rename src/crypto/internal/{fips => fips140}/aes/aes.go (96%) rename src/crypto/internal/{fips => fips140}/aes/aes_amd64.s (100%) rename src/crypto/internal/{fips => fips140}/aes/aes_arm64.s (100%) rename src/crypto/internal/{fips => fips140}/aes/aes_asm.go (97%) rename src/crypto/internal/{fips => fips140}/aes/aes_generic.go (99%) rename src/crypto/internal/{fips => fips140}/aes/aes_noasm.go (100%) rename src/crypto/internal/{fips => fips140}/aes/aes_ppc64x.s (100%) rename src/crypto/internal/{fips => fips140}/aes/aes_s390x.go (98%) rename src/crypto/internal/{fips => fips140}/aes/aes_s390x.s (100%) rename src/crypto/internal/{fips => fips140}/aes/aes_test.go (100%) rename src/crypto/internal/{fips => fips140}/aes/cast.go (91%) rename src/crypto/internal/{fips => fips140}/aes/cbc.go (97%) rename src/crypto/internal/{fips => fips140}/aes/cbc_noasm.go (100%) rename src/crypto/internal/{fips => fips140}/aes/cbc_ppc64x.go (100%) rename src/crypto/internal/{fips => fips140}/aes/cbc_s390x.go (100%) rename src/crypto/internal/{fips => fips140}/aes/const.go (100%) rename src/crypto/internal/{fips => fips140}/aes/ctr.go (97%) rename src/crypto/internal/{fips => fips140}/aes/ctr_amd64.s (100%) rename src/crypto/internal/{fips => fips140}/aes/ctr_arm64.s (100%) rename src/crypto/internal/{fips => fips140}/aes/ctr_arm64_gen.go (100%) rename src/crypto/internal/{fips => fips140}/aes/ctr_asm.go (100%) rename src/crypto/internal/{fips => fips140}/aes/ctr_noasm.go (100%) rename src/crypto/internal/{fips => fips140}/aes/ctr_s390x.go (94%) rename src/crypto/internal/{fips => fips140}/aes/gcm/_asm/gcm/gcm_amd64_asm.go (100%) rename src/crypto/internal/{fips => fips140}/aes/gcm/_asm/gcm/go.mod (100%) rename src/crypto/internal/{fips => fips140}/aes/gcm/_asm/gcm/go.sum (100%) rename src/crypto/internal/{fips => fips140}/aes/gcm/cast.go (85%) rename src/crypto/internal/{fips => fips140}/aes/gcm/cmac.go (93%) rename src/crypto/internal/{fips => fips140}/aes/gcm/ctrkdf.go (94%) rename src/crypto/internal/{fips => fips140}/aes/gcm/gcm.go (96%) rename src/crypto/internal/{fips => fips140}/aes/gcm/gcm_amd64.s (100%) rename src/crypto/internal/{fips => fips140}/aes/gcm/gcm_arm64.s (100%) rename src/crypto/internal/{fips => fips140}/aes/gcm/gcm_asm.go (97%) rename src/crypto/internal/{fips => fips140}/aes/gcm/gcm_generic.go (97%) rename src/crypto/internal/{fips => fips140}/aes/gcm/gcm_noasm.go (100%) rename src/crypto/internal/{fips => fips140}/aes/gcm/gcm_nonces.go (94%) rename src/crypto/internal/{fips => fips140}/aes/gcm/gcm_ppc64x.go (97%) rename src/crypto/internal/{fips => fips140}/aes/gcm/gcm_ppc64x.s (100%) rename src/crypto/internal/{fips => fips140}/aes/gcm/gcm_s390x.go (98%) rename src/crypto/internal/{fips => fips140}/aes/gcm/gcm_s390x.s (100%) rename src/crypto/internal/{fips => fips140}/aes/gcm/ghash.go (98%) rename src/crypto/internal/{fips => fips140}/aes/gcm/interface_test.go (87%) rename src/crypto/internal/{fips => fips140}/aes/interface_test.go (92%) rename src/crypto/internal/{fips => fips140}/alias/alias.go (100%) rename src/crypto/internal/{fips => fips140}/bigmod/_asm/go.mod (86%) rename src/crypto/internal/{fips => fips140}/bigmod/_asm/go.sum (100%) rename src/crypto/internal/{fips => fips140}/bigmod/_asm/nat_amd64_asm.go (98%) rename src/crypto/internal/{fips => fips140}/bigmod/nat.go (99%) rename src/crypto/internal/{fips => fips140}/bigmod/nat_386.s (100%) rename src/crypto/internal/{fips => fips140}/bigmod/nat_amd64.s (100%) rename src/crypto/internal/{fips => fips140}/bigmod/nat_arm.s (100%) rename src/crypto/internal/{fips => fips140}/bigmod/nat_arm64.s (100%) rename src/crypto/internal/{fips => fips140}/bigmod/nat_asm.go (96%) rename src/crypto/internal/{fips => fips140}/bigmod/nat_loong64.s (97%) rename src/crypto/internal/{fips => fips140}/bigmod/nat_noasm.go (100%) rename src/crypto/internal/{fips => fips140}/bigmod/nat_ppc64x.s (100%) rename src/crypto/internal/{fips => fips140}/bigmod/nat_riscv64.s (100%) rename src/crypto/internal/{fips => fips140}/bigmod/nat_s390x.s (100%) rename src/crypto/internal/{fips => fips140}/bigmod/nat_test.go (100%) rename src/crypto/internal/{fips => fips140}/bigmod/nat_wasm.go (100%) rename src/crypto/internal/{fips => fips140}/cast.go (92%) rename src/crypto/internal/{fips => fips140}/check/asan.go (100%) rename src/crypto/internal/{fips => fips140}/check/check.go (92%) create mode 100644 src/crypto/internal/fips140/check/checktest/asm.s rename src/crypto/internal/{fips => fips140}/check/checktest/test.go (88%) rename src/crypto/internal/{fips => fips140}/check/noasan.go (100%) rename src/crypto/internal/{fips => fips140}/drbg/cast.go (94%) rename src/crypto/internal/{fips => fips140}/drbg/ctrdrbg.go (93%) rename src/crypto/internal/{fips => fips140}/drbg/rand.go (97%) rename src/crypto/internal/{fips => fips140}/ecdh/cast.go (90%) rename src/crypto/internal/{fips => fips140}/ecdh/ecdh.go (94%) rename src/crypto/internal/{fips => fips140}/ecdh/order_test.go (100%) rename src/crypto/internal/{fips => fips140}/ecdsa/cast.go (93%) rename src/crypto/internal/{fips => fips140}/ecdsa/ecdsa.go (96%) rename src/crypto/internal/{fips => fips140}/ecdsa/ecdsa_noasm.go (100%) rename src/crypto/internal/{fips => fips140}/ecdsa/ecdsa_s390x.go (98%) rename src/crypto/internal/{fips => fips140}/ecdsa/ecdsa_s390x.s (100%) rename src/crypto/internal/{fips => fips140}/ecdsa/ecdsa_test.go (98%) rename src/crypto/internal/{fips => fips140}/ecdsa/hmacdrbg.go (94%) rename src/crypto/internal/{fips => fips140}/ed25519/cast.go (92%) rename src/crypto/internal/{fips => fips140}/ed25519/ed25519.go (96%) rename src/crypto/internal/{fips => fips140}/edwards25519/doc.go (100%) rename src/crypto/internal/{fips => fips140}/edwards25519/edwards25519.go (99%) rename src/crypto/internal/{fips => fips140}/edwards25519/edwards25519_test.go (99%) rename src/crypto/internal/{fips => fips140}/edwards25519/field/_asm/fe_amd64_asm.go (99%) rename src/crypto/internal/{fips => fips140}/edwards25519/field/_asm/go.mod (83%) rename src/crypto/internal/{fips => fips140}/edwards25519/field/_asm/go.sum (100%) rename src/crypto/internal/{fips => fips140}/edwards25519/field/fe.go (99%) rename src/crypto/internal/{fips => fips140}/edwards25519/field/fe_alias_test.go (100%) rename src/crypto/internal/{fips => fips140}/edwards25519/field/fe_amd64.go (100%) rename src/crypto/internal/{fips => fips140}/edwards25519/field/fe_amd64.s (100%) rename src/crypto/internal/{fips => fips140}/edwards25519/field/fe_amd64_noasm.go (100%) rename src/crypto/internal/{fips => fips140}/edwards25519/field/fe_arm64.go (100%) rename src/crypto/internal/{fips => fips140}/edwards25519/field/fe_arm64.s (100%) rename src/crypto/internal/{fips => fips140}/edwards25519/field/fe_arm64_noasm.go (100%) rename src/crypto/internal/{fips => fips140}/edwards25519/field/fe_bench_test.go (100%) rename src/crypto/internal/{fips => fips140}/edwards25519/field/fe_generic.go (100%) rename src/crypto/internal/{fips => fips140}/edwards25519/field/fe_test.go (100%) rename src/crypto/internal/{fips => fips140}/edwards25519/scalar.go (99%) rename src/crypto/internal/{fips => fips140}/edwards25519/scalar_alias_test.go (100%) rename src/crypto/internal/{fips => fips140}/edwards25519/scalar_fiat.go (100%) rename src/crypto/internal/{fips => fips140}/edwards25519/scalar_test.go (100%) rename src/crypto/internal/{fips => fips140}/edwards25519/scalarmult.go (100%) rename src/crypto/internal/{fips => fips140}/edwards25519/scalarmult_test.go (100%) rename src/crypto/internal/{fips => fips140}/edwards25519/tables.go (99%) rename src/crypto/internal/{fips => fips140}/edwards25519/tables_test.go (100%) rename src/crypto/internal/{fips/fips.go => fips140/fips140.go} (84%) rename src/crypto/internal/{fips => fips140}/hash.go (98%) rename src/crypto/internal/{fips => fips140}/hkdf/cast.go (83%) rename src/crypto/internal/{fips => fips140}/hkdf/hkdf.go (74%) rename src/crypto/internal/{fips => fips140}/hmac/cast.go (87%) rename src/crypto/internal/{fips => fips140}/hmac/hmac.go (92%) rename src/crypto/internal/{fips => fips140}/indicator.go (93%) rename src/crypto/internal/{fips => fips140}/mlkem/cast.go (93%) rename src/crypto/internal/{fips => fips140}/mlkem/field.go (99%) rename src/crypto/internal/{fips => fips140}/mlkem/field_test.go (100%) rename src/crypto/internal/{fips => fips140}/mlkem/generate1024.go (100%) rename src/crypto/internal/{fips => fips140}/mlkem/mlkem1024.go (96%) rename src/crypto/internal/{fips => fips140}/mlkem/mlkem768.go (96%) rename src/crypto/internal/{fips => fips140}/nistec/_asm/go.mod (80%) rename src/crypto/internal/{fips => fips140}/nistec/_asm/go.sum (100%) rename src/crypto/internal/{fips => fips140}/nistec/_asm/p256_asm.go (99%) rename src/crypto/internal/{fips => fips140}/nistec/benchmark_test.go (98%) rename src/crypto/internal/{fips => fips140}/nistec/fiat/Dockerfile (100%) rename src/crypto/internal/{fips => fips140}/nistec/fiat/README (100%) rename src/crypto/internal/{fips => fips140}/nistec/fiat/benchmark_test.go (96%) rename src/crypto/internal/{fips => fips140}/nistec/fiat/cast.go (80%) rename src/crypto/internal/{fips => fips140}/nistec/fiat/generate.go (99%) rename src/crypto/internal/{fips => fips140}/nistec/fiat/p224.go (99%) rename src/crypto/internal/{fips => fips140}/nistec/fiat/p224_fiat64.go (100%) rename src/crypto/internal/{fips => fips140}/nistec/fiat/p224_invert.go (100%) rename src/crypto/internal/{fips => fips140}/nistec/fiat/p256.go (99%) rename src/crypto/internal/{fips => fips140}/nistec/fiat/p256_fiat64.go (100%) rename src/crypto/internal/{fips => fips140}/nistec/fiat/p256_invert.go (100%) rename src/crypto/internal/{fips => fips140}/nistec/fiat/p384.go (99%) rename src/crypto/internal/{fips => fips140}/nistec/fiat/p384_fiat64.go (100%) rename src/crypto/internal/{fips => fips140}/nistec/fiat/p384_invert.go (100%) rename src/crypto/internal/{fips => fips140}/nistec/fiat/p521.go (99%) rename src/crypto/internal/{fips => fips140}/nistec/fiat/p521_fiat64.go (100%) rename src/crypto/internal/{fips => fips140}/nistec/fiat/p521_invert.go (100%) rename src/crypto/internal/{fips => fips140}/nistec/generate.go (99%) rename src/crypto/internal/{fips => fips140}/nistec/nistec.go (94%) rename src/crypto/internal/{fips => fips140}/nistec/p224.go (99%) rename src/crypto/internal/{fips => fips140}/nistec/p224_sqrt.go (98%) rename src/crypto/internal/{fips => fips140}/nistec/p256.go (99%) rename src/crypto/internal/{fips => fips140}/nistec/p256_asm.go (99%) rename src/crypto/internal/{fips => fips140}/nistec/p256_asm_amd64.s (100%) rename src/crypto/internal/{fips => fips140}/nistec/p256_asm_arm64.s (100%) rename src/crypto/internal/{fips => fips140}/nistec/p256_asm_ppc64le.s (100%) rename src/crypto/internal/{fips => fips140}/nistec/p256_asm_s390x.s (100%) rename src/crypto/internal/{fips => fips140}/nistec/p256_asm_test.go (100%) rename src/crypto/internal/{fips => fips140}/nistec/p256_ordinv.go (100%) rename src/crypto/internal/{fips => fips140}/nistec/p256_ordinv_noasm.go (100%) rename src/crypto/internal/{fips => fips140}/nistec/p256_table.go (100%) rename src/crypto/internal/{fips => fips140}/nistec/p256_table_test.go (96%) rename src/crypto/internal/{fips => fips140}/nistec/p384.go (99%) rename src/crypto/internal/{fips => fips140}/nistec/p521.go (99%) rename src/crypto/internal/{fips => fips140}/rsa/cast.go (98%) rename src/crypto/internal/{fips => fips140}/rsa/pkcs1v15.go (97%) rename src/crypto/internal/{fips => fips140}/rsa/pkcs1v15_test.go (100%) rename src/crypto/internal/{fips => fips140}/rsa/pkcs1v22.go (89%) rename src/crypto/internal/{fips => fips140}/rsa/pkcs1v22_test.go (100%) rename src/crypto/internal/{fips => fips140}/rsa/rsa.go (94%) rename src/crypto/internal/{fips => fips140}/sha256/_asm/go.mod (100%) rename src/crypto/internal/{fips => fips140}/sha256/_asm/go.sum (100%) rename src/crypto/internal/{fips => fips140}/sha256/_asm/sha256block_amd64_asm.go (99%) rename src/crypto/internal/{fips => fips140}/sha256/_asm/sha256block_amd64_avx2.go (100%) rename src/crypto/internal/{fips => fips140}/sha256/_asm/sha256block_amd64_shani.go (100%) rename src/crypto/internal/{fips => fips140}/sha256/cast.go (91%) rename src/crypto/internal/{fips => fips140}/sha256/sha256.go (98%) rename src/crypto/internal/{fips => fips140}/sha256/sha256block.go (100%) rename src/crypto/internal/{fips => fips140}/sha256/sha256block_386.s (100%) rename src/crypto/internal/{fips => fips140}/sha256/sha256block_amd64.go (95%) rename src/crypto/internal/{fips => fips140}/sha256/sha256block_amd64.s (100%) rename src/crypto/internal/{fips => fips140}/sha256/sha256block_arm64.go (93%) rename src/crypto/internal/{fips => fips140}/sha256/sha256block_arm64.s (100%) rename src/crypto/internal/{fips => fips140}/sha256/sha256block_asm.go (100%) rename src/crypto/internal/{fips => fips140}/sha256/sha256block_loong64.s (100%) rename src/crypto/internal/{fips => fips140}/sha256/sha256block_noasm.go (100%) rename src/crypto/internal/{fips => fips140}/sha256/sha256block_ppc64x.go (95%) rename src/crypto/internal/{fips => fips140}/sha256/sha256block_ppc64x.s (100%) rename src/crypto/internal/{fips => fips140}/sha256/sha256block_riscv64.s (100%) rename src/crypto/internal/{fips => fips140}/sha256/sha256block_s390x.go (94%) rename src/crypto/internal/{fips => fips140}/sha256/sha256block_s390x.s (100%) rename src/crypto/internal/{fips => fips140}/sha3/_asm/go.mod (100%) rename src/crypto/internal/{fips => fips140}/sha3/_asm/go.sum (100%) rename src/crypto/internal/{fips => fips140}/sha3/_asm/keccakf_amd64_asm.go (99%) rename src/crypto/internal/{fips => fips140}/sha3/cast.go (91%) rename src/crypto/internal/{fips => fips140}/sha3/hashes.go (100%) rename src/crypto/internal/{fips => fips140}/sha3/keccakf.go (99%) rename src/crypto/internal/{fips => fips140}/sha3/sha3.go (98%) rename src/crypto/internal/{fips => fips140}/sha3/sha3_amd64.go (100%) rename src/crypto/internal/{fips => fips140}/sha3/sha3_amd64.s (100%) rename src/crypto/internal/{fips => fips140}/sha3/sha3_noasm.go (100%) rename src/crypto/internal/{fips => fips140}/sha3/sha3_s390x.go (98%) rename src/crypto/internal/{fips => fips140}/sha3/sha3_s390x.s (100%) rename src/crypto/internal/{fips => fips140}/sha3/shake.go (97%) rename src/crypto/internal/{fips => fips140}/sha512/_asm/go.mod (100%) rename src/crypto/internal/{fips => fips140}/sha512/_asm/go.sum (100%) rename src/crypto/internal/{fips => fips140}/sha512/_asm/sha512block_amd64_asm.go (99%) rename src/crypto/internal/{fips => fips140}/sha512/cast.go (93%) rename src/crypto/internal/{fips => fips140}/sha512/sha512.go (98%) rename src/crypto/internal/{fips => fips140}/sha512/sha512block.go (100%) rename src/crypto/internal/{fips => fips140}/sha512/sha512block_amd64.go (94%) rename src/crypto/internal/{fips => fips140}/sha512/sha512block_amd64.s (100%) rename src/crypto/internal/{fips => fips140}/sha512/sha512block_arm64.go (93%) rename src/crypto/internal/{fips => fips140}/sha512/sha512block_arm64.s (100%) rename src/crypto/internal/{fips => fips140}/sha512/sha512block_asm.go (100%) rename src/crypto/internal/{fips => fips140}/sha512/sha512block_loong64.s (100%) rename src/crypto/internal/{fips => fips140}/sha512/sha512block_noasm.go (100%) rename src/crypto/internal/{fips => fips140}/sha512/sha512block_ppc64x.go (95%) rename src/crypto/internal/{fips => fips140}/sha512/sha512block_ppc64x.s (100%) rename src/crypto/internal/{fips => fips140}/sha512/sha512block_riscv64.s (100%) rename src/crypto/internal/{fips => fips140}/sha512/sha512block_s390x.go (94%) rename src/crypto/internal/{fips => fips140}/sha512/sha512block_s390x.s (100%) rename src/crypto/internal/{fips => fips140}/ssh/kdf.go (90%) rename src/crypto/internal/{fips => fips140}/subtle/constant_time.go (100%) rename src/crypto/internal/{fips => fips140}/subtle/xor.go (95%) rename src/crypto/internal/{fips => fips140}/subtle/xor_amd64.go (100%) rename src/crypto/internal/{fips => fips140}/subtle/xor_amd64.s (100%) rename src/crypto/internal/{fips => fips140}/subtle/xor_arm64.go (100%) rename src/crypto/internal/{fips => fips140}/subtle/xor_arm64.s (100%) rename src/crypto/internal/{fips => fips140}/subtle/xor_generic.go (100%) rename src/crypto/internal/{fips => fips140}/subtle/xor_loong64.go (100%) rename src/crypto/internal/{fips => fips140}/subtle/xor_loong64.s (100%) rename src/crypto/internal/{fips => fips140}/subtle/xor_ppc64x.go (100%) rename src/crypto/internal/{fips => fips140}/subtle/xor_ppc64x.s (100%) rename src/crypto/internal/{fips => fips140}/tls12/cast.go (86%) rename src/crypto/internal/{fips => fips140}/tls12/tls12.go (75%) rename src/crypto/internal/{fips => fips140}/tls13/cast.go (85%) rename src/crypto/internal/{fips => fips140}/tls13/tls13.go (83%) rename src/crypto/internal/{fipsdeps => fips140deps}/byteorder/byteorder.go (100%) rename src/crypto/internal/{fipsdeps => fips140deps}/cpu/cpu.go (100%) rename src/crypto/internal/{fipsdeps => fips140deps}/fipsdeps.go (96%) rename src/crypto/internal/{fipsdeps => fips140deps}/fipsdeps_test.go (77%) rename src/crypto/internal/{fipsdeps => fips140deps}/godebug/godebug.go (100%) rename src/crypto/internal/{fipstest => fips140test}/acvp_capabilities.json (100%) rename src/crypto/internal/{fipstest => fips140test}/acvp_test.config.json (100%) rename src/crypto/internal/{fipstest => fips140test}/acvp_test.go (92%) rename src/crypto/internal/{fipstest => fips140test}/alias_test.go (97%) rename src/crypto/internal/{fipstest => fips140test}/cast_test.go (77%) rename src/crypto/internal/{fipstest => fips140test}/check_test.go (98%) rename src/crypto/internal/{fipstest => fips140test}/cmac_test.go (93%) rename src/crypto/internal/{fipstest => fips140test}/ctrdrbg_test.go (97%) rename src/crypto/internal/{fipstest => fips140test}/edwards25519_test.go (93%) rename src/crypto/internal/{fipstest => fips140test}/fips_test.go (91%) rename src/crypto/internal/{fipstest => fips140test}/hkdf_test.go (97%) rename src/crypto/internal/{fipstest => fips140test}/indicator_test.go (52%) rename src/crypto/internal/{fipstest => fips140test}/mlkem_test.go (99%) rename src/crypto/internal/{fipstest => fips140test}/nistec_ordinv_test.go (98%) rename src/crypto/internal/{fipstest => fips140test}/nistec_test.go (99%) rename src/crypto/internal/{fipstest => fips140test}/sha3_test.go (99%) rename src/crypto/internal/{fipstest => fips140test}/sshkdf_test.go (98%) rename src/crypto/internal/{fipstest => fips140test}/xaes_test.go (97%) diff --git a/lib/fips140/Makefile b/lib/fips140/Makefile index 7a97eb6557946f..cd657ae72fd248 100644 --- a/lib/fips140/Makefile +++ b/lib/fips140/Makefile @@ -13,7 +13,7 @@ # # Note that once published a snapshot zip file should never # be modified. We record the sha256 hashes of the zip files -# in fips140.sum, and the cmd/go/internal/fips test checks +# in fips140.sum, and the cmd/go/internal/fips140 test checks # that the zips match. # # When the zip file is finalized, run 'make updatesum' to update @@ -27,7 +27,7 @@ default: # copy and edit the 'go run' command by hand to use a different branch. v%.zip: git fetch origin master - go run ../../src/cmd/go/internal/fips/mkzip.go -b master v$* + go run ../../src/cmd/go/internal/fips140/mkzip.go -b master v$* # normally mkzip refuses to overwrite an existing zip file. # make v1.2.3.rm removes the zip file and and unpacked @@ -43,4 +43,4 @@ v%.test: # make updatesum updates the fips140.sum file. updatesum: - go test cmd/go/internal/fips -update + go test cmd/go/internal/fips140 -update diff --git a/lib/fips140/README.md b/lib/fips140/README.md index 6427ddb7a9b5c7..38ca130d6fa22e 100644 --- a/lib/fips140/README.md +++ b/lib/fips140/README.md @@ -1,9 +1,9 @@ -This directory holds snapshots of the crypto/internal/fips tree +This directory holds snapshots of the crypto/internal/fips140 tree that are being validated and certified for FIPS-140 use. The file x.txt (for example, inprocess.txt, certified.txt) defines the meaning of the FIPS version alias x, listing the exact version to use. -The zip files are created by cmd/go/internal/fips/mkzip.go. +The zip files are created by cmd/go/internal/fips140/mkzip.go. The fips140.sum file lists checksums for the zip files. See the Makefile for recipes. diff --git a/lib/fips140/fips140.sum b/lib/fips140/fips140.sum index 3dd9146ff5a478..013112d9e58d0d 100644 --- a/lib/fips140/fips140.sum +++ b/lib/fips140/fips140.sum @@ -7,5 +7,5 @@ # remove zip files from the list when they are removed from # this directory. To update this file: # -# go test cmd/go/internal/fips -update +# go test cmd/go/internal/fips140 -update # diff --git a/src/cmd/compile/internal/ssa/stmtlines_test.go b/src/cmd/compile/internal/ssa/stmtlines_test.go index f04ca706b65e43..e17a5402af818d 100644 --- a/src/cmd/compile/internal/ssa/stmtlines_test.go +++ b/src/cmd/compile/internal/ssa/stmtlines_test.go @@ -103,7 +103,7 @@ func TestStmtLines(t *testing.T) { if pkgname == "runtime" { continue } - if pkgname == "crypto/internal/fips/nistec/fiat" { + if pkgname == "crypto/internal/fips140/nistec/fiat" { continue // golang.org/issue/49372 } if e.Val(dwarf.AttrStmtList) == nil { diff --git a/src/cmd/dist/test.go b/src/cmd/dist/test.go index ebcf61f8f11c79..b52af6edc4cd35 100644 --- a/src/cmd/dist/test.go +++ b/src/cmd/dist/test.go @@ -834,7 +834,7 @@ func (t *tester) registerTests() { buildmode: "pie", ldflags: "-linkmode=internal", env: []string{"CGO_ENABLED=0"}, - pkg: "crypto/internal/fips/check", + pkg: "crypto/internal/fips140/check", }) // Also test a cgo package. if t.cgoEnabled && t.internalLink() && !disablePIE { @@ -857,7 +857,7 @@ func (t *tester) registerTests() { buildmode: "exe", ldflags: "-linkmode=external", env: []string{"CGO_ENABLED=1"}, - pkg: "crypto/internal/fips/check", + pkg: "crypto/internal/fips140/check", }) if t.externalLinkPIE() && !disablePIE { t.registerTest("external linking, -buildmode=pie", @@ -867,7 +867,7 @@ func (t *tester) registerTests() { buildmode: "pie", ldflags: "-linkmode=external", env: []string{"CGO_ENABLED=1"}, - pkg: "crypto/internal/fips/check", + pkg: "crypto/internal/fips140/check", }) } } diff --git a/src/cmd/go/internal/fips/fips.go b/src/cmd/go/internal/fips140/fips140.go similarity index 88% rename from src/cmd/go/internal/fips/fips.go rename to src/cmd/go/internal/fips140/fips140.go index 0c7a22e39a37b1..7c04a94dd1fea3 100644 --- a/src/cmd/go/internal/fips/fips.go +++ b/src/cmd/go/internal/fips140/fips140.go @@ -9,8 +9,8 @@ // - Whether binaries are built to default to running in FIPS-140 mode, // meaning whether they default to GODEBUG=fips140=on or =off. // -// - Which copy of the crypto/internal/fips source code to use. -// The default is obviously GOROOT/src/crypto/internal/fips, +// - Which copy of the crypto/internal/fips140 source code to use. +// The default is obviously GOROOT/src/crypto/internal/fips140, // but earlier snapshots that have differing levels of external // validation and certification are stored in GOROOT/lib/fips140 // and can be substituted into the build instead. @@ -51,7 +51,7 @@ // // When GOFIPS140 is set to something besides off and latest, [Snapshot] // returns true, indicating that the build should replace the latest copy -// of crypto/internal/fips with an earlier snapshot. The reason to do +// of crypto/internal/fips140 with an earlier snapshot. The reason to do // this is to use a copy that has been through additional lab validation // (an "in-process" module) or NIST certification (a "certified" module). // The snapshots are stored in GOROOT/lib/fips140 in module zip form. @@ -60,19 +60,19 @@ // // A FIPS snapshot like v1.2.3 is integrated into the build in two different ways. // -// First, the snapshot's fips140 directory replaces crypto/internal/fips -// using fsys.Bind. The effect is to appear to have deleted crypto/internal/fips +// First, the snapshot's fips140 directory replaces crypto/internal/fips140 +// using fsys.Bind. The effect is to appear to have deleted crypto/internal/fips140 // and everything below it, replacing it with the single subdirectory -// crypto/internal/fips/v1.2.3, which now has the FIPS packages. +// crypto/internal/fips140/v1.2.3, which now has the FIPS packages. // This virtual file system replacement makes patterns like std and crypto... // automatically see the snapshot packages instead of the original packages -// as they walk GOROOT/src/crypto/internal/fips. +// as they walk GOROOT/src/crypto/internal/fips140. // -// Second, ResolveImport is called to resolve an import like crypto/internal/fips/sha256. +// Second, ResolveImport is called to resolve an import like crypto/internal/fips140/sha256. // When snapshot v1.2.3 is being used, ResolveImport translates that path to -// crypto/internal/fips/v1.2.3/sha256 and returns the actual source directory +// crypto/internal/fips140/v1.2.3/sha256 and returns the actual source directory // in the unpacked snapshot. Using the actual directory instead of the -// virtual directory GOROOT/src/crypto/internal/fips/v1.2.3 makes sure +// virtual directory GOROOT/src/crypto/internal/fips140/v1.2.3 makes sure // that other tools using go list -json output can find the sources, // as well as making sure builds have a real directory in which to run the // assembler, compiler, and so on. The translation of the import path happens @@ -83,15 +83,12 @@ // a snapshot - we could make things work without doing that - but including // the v1.2.3 gives a different version of the code a different name, which is // always a good general rule. In particular, it will mean that govulncheck need -// not have any special cases for crypto/internal/fips at all. The reports simply +// not have any special cases for crypto/internal/fips140 at all. The reports simply // need to list the relevant symbols in a given Go version. (For example, if a bug // is only in the in-tree copy but not the snapshots, it doesn't list the snapshot // symbols; if it's in any snapshots, it has to list the specific snapshot symbols // in addition to the “normal” symbol.) -// -// TODO: crypto/internal/fips is going to move to crypto/internal/fips140, -// at which point all the crypto/internal/fips references need to be updated. -package fips +package fips140 import ( "cmd/go/internal/base" @@ -120,7 +117,7 @@ func Init() { initVersion() initDir() if Snapshot() { - fsys.Bind(Dir(), filepath.Join(cfg.GOROOT, "src/crypto/internal/fips")) + fsys.Bind(Dir(), filepath.Join(cfg.GOROOT, "src/crypto/internal/fips140")) } } @@ -150,7 +147,7 @@ func Enabled() bool { } // Snapshot reports whether FIPS mode is using a source snapshot -// rather than $GOROOT/src/crypto/internal/fips. +// rather than $GOROOT/src/crypto/internal/fips140. // That is, it reports whether GOFIPS140 is set to something besides "latest" or "off". func Snapshot() bool { checkInit() @@ -200,11 +197,11 @@ func initVersion() { base.Fatalf("go: unknown GOFIPS140 version %q", v) } -// Dir reports the directory containing the crypto/internal/fips source code. -// If Snapshot() is false, Dir returns GOROOT/src/crypto/internal/fips. +// Dir reports the directory containing the crypto/internal/fips140 source code. +// If Snapshot() is false, Dir returns GOROOT/src/crypto/internal/fips140. // Otherwise Dir ensures that the snapshot has been unpacked into the // module cache and then returns the directory in the module cache -// corresponding to the crypto/internal/fips directory. +// corresponding to the crypto/internal/fips140 directory. func Dir() string { checkInit() return dir @@ -215,7 +212,7 @@ var dir string func initDir() { v := version if v == "latest" || v == "off" { - dir = filepath.Join(cfg.GOROOT, "src/crypto/internal/fips") + dir = filepath.Join(cfg.GOROOT, "src/crypto/internal/fips140") return } @@ -230,15 +227,15 @@ func initDir() { } // ResolveImport resolves the import path imp. -// If it is of the form crypto/internal/fips/foo -// (not crypto/internal/fips/v1.2.3/foo) +// If it is of the form crypto/internal/fips140/foo +// (not crypto/internal/fips140/v1.2.3/foo) // and we are using a snapshot, then LookupImport -// rewrites the path to crypto/internal/fips/v1.2.3/foo +// rewrites the path to crypto/internal/fips140/v1.2.3/foo // and returns that path and its location in the unpacked // FIPS snapshot. func ResolveImport(imp string) (newPath, dir string, ok bool) { checkInit() - const fips = "crypto/internal/fips" + const fips = "crypto/internal/fips140" if !Snapshot() || !str.HasPathPrefix(imp, fips) { return "", "", false } diff --git a/src/cmd/go/internal/fips/fips_test.go b/src/cmd/go/internal/fips140/fips_test.go similarity index 99% rename from src/cmd/go/internal/fips/fips_test.go rename to src/cmd/go/internal/fips140/fips_test.go index a2f0acba2b55e1..53f0c9ab582260 100644 --- a/src/cmd/go/internal/fips/fips_test.go +++ b/src/cmd/go/internal/fips140/fips_test.go @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -package fips +package fips140 import ( "crypto/sha256" diff --git a/src/cmd/go/internal/fips/mkzip.go b/src/cmd/go/internal/fips140/mkzip.go similarity index 89% rename from src/cmd/go/internal/fips/mkzip.go rename to src/cmd/go/internal/fips140/mkzip.go index 384be51083ad88..1fb1a14e736868 100644 --- a/src/cmd/go/internal/fips/mkzip.go +++ b/src/cmd/go/internal/fips140/mkzip.go @@ -11,7 +11,7 @@ // Usage: // // cd GOROOT/lib/fips140 -// go run ../../src/cmd/go/internal/fips/mkzip.go [-b branch] v1.2.3 +// go run ../../src/cmd/go/internal/fips140/mkzip.go [-b branch] v1.2.3 // // Mkzip creates a zip file named for the version on the command line // using the sources in the named branch (default origin/master, @@ -73,21 +73,21 @@ func main() { // and it is the path where the zip file will be unpacked in the module cache. // The path must begin with a domain name to satisfy the module validation rules, // but otherwise the path is not used. The cmd/go code using these zips - // knows that the zip contains crypto/internal/fips. + // knows that the zip contains crypto/internal/fips140. goroot := "../.." var zbuf bytes.Buffer err = modzip.CreateFromVCS(&zbuf, module.Version{Path: "golang.org/fips140", Version: version}, - goroot, *flagBranch, "src/crypto/internal/fips") + goroot, *flagBranch, "src/crypto/internal/fips140") if err != nil { log.Fatal(err) } // Write new zip file with longer paths: fips140/v1.2.3/foo.go instead of foo.go. // That way we can bind the fips140 directory onto the - // GOROOT/src/crypto/internal/fips directory and get a - // crypto/internal/fips/v1.2.3 with the snapshot code - // and an otherwise empty crypto/internal/fips directory. + // GOROOT/src/crypto/internal/fips140 directory and get a + // crypto/internal/fips140/v1.2.3 with the snapshot code + // and an otherwise empty crypto/internal/fips140 directory. zr, err := zip.NewReader(bytes.NewReader(zbuf.Bytes()), int64(zbuf.Len())) if err != nil { log.Fatal(err) diff --git a/src/cmd/go/internal/load/godebug.go b/src/cmd/go/internal/load/godebug.go index db73c73a156b1f..8ea8ffab1aea1f 100644 --- a/src/cmd/go/internal/load/godebug.go +++ b/src/cmd/go/internal/load/godebug.go @@ -14,7 +14,7 @@ import ( "strconv" "strings" - "cmd/go/internal/fips" + "cmd/go/internal/fips140" "cmd/go/internal/gover" "cmd/go/internal/modload" ) @@ -65,7 +65,7 @@ func defaultGODEBUG(p *Package, directives, testDirectives, xtestDirectives []bu // If GOFIPS140 is set to anything but "off", // default to GODEBUG=fips140=on. - if fips.Enabled() { + if fips140.Enabled() { if m == nil { m = make(map[string]string) } diff --git a/src/cmd/go/internal/load/pkg.go b/src/cmd/go/internal/load/pkg.go index b7e8565e5f4258..4daa0df45c0a6f 100644 --- a/src/cmd/go/internal/load/pkg.go +++ b/src/cmd/go/internal/load/pkg.go @@ -32,7 +32,7 @@ import ( "cmd/go/internal/base" "cmd/go/internal/cfg" - "cmd/go/internal/fips" + "cmd/go/internal/fips140" "cmd/go/internal/fsys" "cmd/go/internal/gover" "cmd/go/internal/imports" @@ -407,7 +407,7 @@ func (p *Package) copyBuild(opts PackageOpts, pp *build.Package) { p.BinaryOnly = pp.BinaryOnly // TODO? Target - p.Goroot = pp.Goroot || fips.Snapshot() && str.HasFilePathPrefix(p.Dir, fips.Dir()) + p.Goroot = pp.Goroot || fips140.Snapshot() && str.HasFilePathPrefix(p.Dir, fips140.Dir()) p.Standard = p.Goroot && p.ImportPath != "" && search.IsStandardImportPath(p.ImportPath) p.GoFiles = pp.GoFiles p.CgoFiles = pp.CgoFiles @@ -885,7 +885,7 @@ func loadPackageData(ctx context.Context, path, parentPath, parentDir, parentRoo } r := resolvedImportCache.Do(importKey, func() resolvedImport { var r resolvedImport - if newPath, dir, ok := fips.ResolveImport(path); ok { + if newPath, dir, ok := fips140.ResolveImport(path); ok { r.path = newPath r.dir = dir } else if cfg.ModulesEnabled { @@ -1523,15 +1523,15 @@ func disallowInternal(ctx context.Context, srcDir string, importer *Package, imp // directory, so the usual directory rules don't work apply, or rather they // apply differently depending on whether we are using a snapshot or the // in-tree copy of the code. We apply a consistent rule here: - // crypto/internal/fips can only see crypto/internal, never top-of-tree internal. - // Similarly, crypto/... can see crypto/internal/fips even though the usual rules + // crypto/internal/fips140 can only see crypto/internal, never top-of-tree internal. + // Similarly, crypto/... can see crypto/internal/fips140 even though the usual rules // would not allow it in snapshot mode. - if str.HasPathPrefix(importerPath, "crypto") && str.HasPathPrefix(p.ImportPath, "crypto/internal/fips") { - return nil // crypto can use crypto/internal/fips + if str.HasPathPrefix(importerPath, "crypto") && str.HasPathPrefix(p.ImportPath, "crypto/internal/fips140") { + return nil // crypto can use crypto/internal/fips140 } - if str.HasPathPrefix(importerPath, "crypto/internal/fips") { + if str.HasPathPrefix(importerPath, "crypto/internal/fips140") { if str.HasPathPrefix(p.ImportPath, "crypto/internal") { - return nil // crypto/internal/fips can use crypto/internal + return nil // crypto/internal/fips140 can use crypto/internal } // TODO: Delete this switch once the usages are removed. switch p.ImportPath { @@ -2462,8 +2462,8 @@ func (p *Package) setBuildInfo(ctx context.Context, autoVCS bool) { if cfg.RawGOEXPERIMENT != "" { appendSetting("GOEXPERIMENT", cfg.RawGOEXPERIMENT) } - if fips.Enabled() { - appendSetting("GOFIPS140", fips.Version()) + if fips140.Enabled() { + appendSetting("GOFIPS140", fips140.Version()) } appendSetting("GOOS", cfg.BuildContext.GOOS) if key, val, _ := cfg.GetArchEnv(); key != "" && val != "" { diff --git a/src/cmd/go/internal/modload/init.go b/src/cmd/go/internal/modload/init.go index 2142291445e122..c1bca7e73294e4 100644 --- a/src/cmd/go/internal/modload/init.go +++ b/src/cmd/go/internal/modload/init.go @@ -23,7 +23,7 @@ import ( "cmd/go/internal/base" "cmd/go/internal/cfg" - "cmd/go/internal/fips" + "cmd/go/internal/fips140" "cmd/go/internal/fsys" "cmd/go/internal/gover" "cmd/go/internal/lockedfile" @@ -356,7 +356,7 @@ func BinDir() string { // for example 'go mod tidy', that don't operate in workspace mode. func InitWorkfile() { // Initialize fsys early because we need overlay to read go.work file. - fips.Init() + fips140.Init() if err := fsys.Init(); err != nil { base.Fatal(err) } @@ -416,7 +416,7 @@ func Init() { } initialized = true - fips.Init() + fips140.Init() // Keep in sync with WillBeEnabled. We perform extra validation here, and // there are lots of diagnostics and side effects, so we can't use diff --git a/src/cmd/go/internal/modload/load.go b/src/cmd/go/internal/modload/load.go index e25e45c38dc3d6..746cefd256d376 100644 --- a/src/cmd/go/internal/modload/load.go +++ b/src/cmd/go/internal/modload/load.go @@ -115,7 +115,7 @@ import ( "cmd/go/internal/base" "cmd/go/internal/cfg" - "cmd/go/internal/fips" + "cmd/go/internal/fips140" "cmd/go/internal/fsys" "cmd/go/internal/gover" "cmd/go/internal/imports" @@ -1958,7 +1958,7 @@ func (ld *loader) pkgTest(ctx context.Context, pkg *loadPkg, testFlags loadPkgFl // stdVendor returns the canonical import path for the package with the given // path when imported from the standard-library package at parentPath. func (ld *loader) stdVendor(parentPath, path string) string { - if p, _, ok := fips.ResolveImport(path); ok { + if p, _, ok := fips140.ResolveImport(path); ok { return p } if search.IsStandardImportPath(path) { diff --git a/src/cmd/go/internal/work/buildid.go b/src/cmd/go/internal/work/buildid.go index d6121fbb19007d..56248ffdc4018d 100644 --- a/src/cmd/go/internal/work/buildid.go +++ b/src/cmd/go/internal/work/buildid.go @@ -15,7 +15,7 @@ import ( "cmd/go/internal/base" "cmd/go/internal/cache" "cmd/go/internal/cfg" - "cmd/go/internal/fips" + "cmd/go/internal/fips140" "cmd/go/internal/fsys" "cmd/go/internal/str" "cmd/internal/buildid" @@ -457,7 +457,7 @@ func (b *Builder) useCache(a *Action, actionHash cache.ActionID, target string, // to $WORK/b001 from the cache, // but we went years without caching binaries anyway, // so not caching them for FIPS will be fine, at least to start. - if a.Mode == "link" && fips.Enabled() && a.Package != nil && !strings.HasSuffix(a.Package.ImportPath, ".test") { + if a.Mode == "link" && fips140.Enabled() && a.Package != nil && !strings.HasSuffix(a.Package.ImportPath, ".test") { return false } @@ -520,7 +520,7 @@ func (b *Builder) useCache(a *Action, actionHash cache.ActionID, target string, oldBuildID := a.buildID a.buildID = id[1] + buildIDSeparator + id[2] linkID := buildid.HashToString(b.linkActionID(a.triggers[0])) - if id[0] == linkID && !fips.Enabled() { + if id[0] == linkID && !fips140.Enabled() { // Best effort attempt to display output from the compile and link steps. // If it doesn't work, it doesn't work: reusing the cached binary is more // important than reprinting diagnostic information. diff --git a/src/cmd/go/internal/work/gc.go b/src/cmd/go/internal/work/gc.go index 573554e8bf0633..3a173efee88ae4 100644 --- a/src/cmd/go/internal/work/gc.go +++ b/src/cmd/go/internal/work/gc.go @@ -19,7 +19,7 @@ import ( "cmd/go/internal/base" "cmd/go/internal/cfg" - "cmd/go/internal/fips" + "cmd/go/internal/fips140" "cmd/go/internal/fsys" "cmd/go/internal/gover" "cmd/go/internal/load" @@ -615,7 +615,7 @@ func (gcToolchain) ld(b *Builder, root *Action, targetPath, importcfg, mainpkg s if cfg.BuildBuildmode == "plugin" { ldflags = append(ldflags, "-pluginpath", pluginPath(root)) } - if fips.Enabled() { + if fips140.Enabled() { ldflags = append(ldflags, "-fipso", filepath.Join(root.Objdir, "fips.o")) } diff --git a/src/cmd/go/testdata/script/fipssnap.txt b/src/cmd/go/testdata/script/fipssnap.txt index 83e36f5365ffc6..17a9d647a1845b 100644 --- a/src/cmd/go/testdata/script/fipssnap.txt +++ b/src/cmd/go/testdata/script/fipssnap.txt @@ -13,15 +13,15 @@ stdout fips140=on # std lists fips snapshot and not regular fips go list std -stdout crypto/internal/fips/$snap/sha256 -! stdout crypto/internal/fips/sha256 -! stdout crypto/internal/fips/check +stdout crypto/internal/fips140/$snap/sha256 +! stdout crypto/internal/fips140/sha256 +! stdout crypto/internal/fips140/check # build does not use regular fips go list -json -test -stdout crypto/internal/fips/$snap/sha256 -! stdout crypto/internal/fips/sha256 -! stdout crypto/internal/fips/check +stdout crypto/internal/fips140/$snap/sha256 +! stdout crypto/internal/fips140/sha256 +! stdout crypto/internal/fips140/check # again with GOFIPS140=$alias env GOFIPS140=$alias @@ -32,15 +32,15 @@ stdout fips140=on # std lists fips snapshot and not regular fips go list std -stdout crypto/internal/fips/$snap/sha256 -! stdout crypto/internal/fips/sha256 -! stdout crypto/internal/fips/check +stdout crypto/internal/fips140/$snap/sha256 +! stdout crypto/internal/fips140/sha256 +! stdout crypto/internal/fips140/check # build does not use regular fips go list -json -test -stdout crypto/internal/fips/$snap/sha256 -! stdout crypto/internal/fips/sha256 -! stdout crypto/internal/fips/check +stdout crypto/internal/fips140/$snap/sha256 +! stdout crypto/internal/fips140/sha256 +! stdout crypto/internal/fips140/check [short] skip diff --git a/src/cmd/internal/obj/fips.go b/src/cmd/internal/obj/fips140.go similarity index 94% rename from src/cmd/internal/obj/fips.go rename to src/cmd/internal/obj/fips140.go index 978028f70a892d..326301aa879561 100644 --- a/src/cmd/internal/obj/fips.go +++ b/src/cmd/internal/obj/fips140.go @@ -26,14 +26,14 @@ restrict those to the actual cryptographic packages. Since we're not hashing the whole binary, we need to record the parts of the binary that contain FIPS code, specifically the part of the -binary corresponding to the crypto/internal/fips package subtree. +binary corresponding to the crypto/internal/fips140 package subtree. To do that, we create special symbol types STEXTFIPS, SRODATAFIPS, SNOPTRDATAFIPS, and SDATAFIPS, which those packages use instead of STEXT, SRODATA, SNOPTRDATA, and SDATA. The linker groups symbols by their type, so that naturally makes the FIPS parts contiguous within a given type. The linker then writes out in a special symbol the start and end of each of these FIPS-specific sections, alongside the -expected HMAC-SHA256 of them. At startup, the crypto/internal/fips/check +expected HMAC-SHA256 of them. At startup, the crypto/internal/fips140/check package has an init function that recomputes the hash and checks it against the recorded expectation. @@ -74,11 +74,11 @@ A similar issue happens with: The compiler invents an anonymous array and then treats the code as in the first example. In both cases, a load-time relocation applied -before the crypto/internal/fips/check init function would invalidate +before the crypto/internal/fips140/check init function would invalidate the hash. Instead, we disable the “link time initialization” optimizations in the compiler (package staticinit) for the fips packages. That way, the slice initialization is deferred to its own init function. -As long as the package in question imports crypto/internal/fips/check, +As long as the package in question imports crypto/internal/fips140/check, the hash check will happen before the package's own init function runs, and so the hash check will see the slice header written by the linker, with a slice base pointer predictably nil instead of the @@ -95,11 +95,11 @@ for every new relocation in a symbol in a FIPS package (as reported by The cryptographic code+data must be included in the hash-verified data. In general we accomplish that by putting all symbols from -crypto/internal/fips/... packages into the hash-verified data. +crypto/internal/fips140/... packages into the hash-verified data. But not all. Note that wrapper code that layers a Go API atop the cryptographic -core is unverified. For example, crypto/internal/fips/sha256 is part of +core is unverified. For example, crypto/internal/fips140/sha256 is part of the FIPS module and verified but the crypto/sha256 package that wraps it is outside the module and unverified. Also, runtime support like the implementation of malloc and garbage collection is outside the @@ -146,7 +146,7 @@ import ( const enableFIPS = true -// IsFIPS reports whether we are compiling one of the crypto/internal/fips/... packages. +// IsFIPS reports whether we are compiling one of the crypto/internal/fips140/... packages. func (ctxt *Link) IsFIPS() bool { if strings.HasSuffix(ctxt.Pkgpath, "_test") { // External test packages are outside the FIPS hash scope. @@ -154,7 +154,7 @@ func (ctxt *Link) IsFIPS() bool { // emit absolute relocations in the global data. return false } - return ctxt.Pkgpath == "crypto/internal/fips" || strings.HasPrefix(ctxt.Pkgpath, "crypto/internal/fips/") + return ctxt.Pkgpath == "crypto/internal/fips140" || strings.HasPrefix(ctxt.Pkgpath, "crypto/internal/fips140/") } // bisectFIPS controls bisect-based debugging of FIPS symbol assignment. @@ -191,7 +191,7 @@ func EnableFIPS() bool { // It should instead pass -shared to the compiler to get true // position-independent code, at which point FIPS verification // would work fine. FIPS verification does work fine on -buildmode=exe, - // but -buildmode=pie is the default, so crypto/internal/fips/check + // but -buildmode=pie is the default, so crypto/internal/fips140/check // would fail during all.bash if we enabled FIPS here. // Perhaps the default should be changed back to -buildmode=exe, // after which we could remove this case, but until then, @@ -221,11 +221,11 @@ func (s *LSym) setFIPSType(ctxt *Link) { return } - // Name must begin with crypto/internal/fips, then dot or slash. + // Name must begin with crypto/internal/fips140, then dot or slash. // The quick check for 'c' before the string compare is probably overkill, // but this function is called a fair amount, and we don't want to // slow down all the non-FIPS compilations. - const prefix = "crypto/internal/fips" + const prefix = "crypto/internal/fips140" name := s.Name if len(name) <= len(prefix) || (name[len(prefix)] != '.' && name[len(prefix)] != '/') || name[0] != 'c' || name[:len(prefix)] != prefix { return @@ -239,7 +239,7 @@ func (s *LSym) setFIPSType(ctxt *Link) { // Now we're at least handling a FIPS symbol. // It's okay to be slower now, since this code only runs when compiling a few packages. - // Even in the crypto/internal/fips packages, + // Even in the crypto/internal/fips140 packages, // we exclude various Go runtime metadata, // so that it can be allowed to contain data relocations. if strings.Contains(name, ".init") || @@ -257,7 +257,7 @@ func (s *LSym) setFIPSType(ctxt *Link) { // This symbol is linknamed to go:fipsinfo, // so we shouldn't see it, but skip it just in case. - if s.Name == "crypto/internal/fips/check.linkinfo" { + if s.Name == "crypto/internal/fips140/check.linkinfo" { return } @@ -289,7 +289,7 @@ func (s *LSym) setFIPSType(ctxt *Link) { // checkFIPSReloc should be called for every relocation applied to s. // It rejects absolute (non-PC-relative) address relocations when building // with go build -buildmode=pie (which triggers the compiler's -shared flag), -// because those relocations will be applied before crypto/internal/fips/check +// because those relocations will be applied before crypto/internal/fips140/check // can hash-verify the FIPS code+data, which will make the verification fail. func (s *LSym) checkFIPSReloc(ctxt *Link, rel Reloc) { if !ctxt.Flag_shared { diff --git a/src/cmd/link/internal/ld/fips.go b/src/cmd/link/internal/ld/fips140.go similarity index 98% rename from src/cmd/link/internal/ld/fips.go rename to src/cmd/link/internal/ld/fips140.go index a88fdd822ddb54..c1887ee50a337e 100644 --- a/src/cmd/link/internal/ld/fips.go +++ b/src/cmd/link/internal/ld/fips140.go @@ -43,7 +43,7 @@ The new special symbols are created by [loadfips]. Having collated the FIPS symbols, we need to compute the hash and then leave both the expected hash and the FIPS address ranges -for the run-time check in crypto/internal/fips/check. +for the run-time check in crypto/internal/fips140/check. We do that by creating a special symbol named go:fipsinfo of the form struct { @@ -55,7 +55,7 @@ We do that by creating a special symbol named go:fipsinfo of the form } } -The crypto/internal/fips/check uses linkname to access this symbol, +The crypto/internal/fips140/check uses linkname to access this symbol, which is of course not included in the hash. # FIPS Info Calculation @@ -85,7 +85,7 @@ two random 32-byte strings differ. For debugging, the linker flag -fipso can be set to the name of a file (such as /tmp/fips.o) where the linker will write the “FIPS object” that is being hashed. -There is also commented-out code in crypto/internal/fips/check that +There is also commented-out code in crypto/internal/fips140/check that will write /tmp/fipscheck.o during the run-time verification. When the hashes differ, the first step is to uncomment the @@ -151,7 +151,7 @@ func loadfips(ctxt *Link) { if ctxt.BuildMode == BuildModePlugin { // not sure why this doesn't work return } - // Write the fipsinfo symbol, which crypto/internal/fips/check uses. + // Write the fipsinfo symbol, which crypto/internal/fips140/check uses. ldr := ctxt.loader // TODO lock down linkname info := ldr.CreateSymForUpdate("go:fipsinfo", 0) diff --git a/src/cmd/link/internal/loader/loader.go b/src/cmd/link/internal/loader/loader.go index 688971146d1587..6fe895a8409cc3 100644 --- a/src/cmd/link/internal/loader/loader.go +++ b/src/cmd/link/internal/loader/loader.go @@ -2337,7 +2337,7 @@ var blockedLinknames = map[string][]string{ "runtime.coroswitch": {"iter"}, "runtime.newcoro": {"iter"}, // fips info - "go:fipsinfo": {"crypto/internal/fips/check"}, + "go:fipsinfo": {"crypto/internal/fips140/check"}, } // check if a linkname reference to symbol s from pkg is allowed diff --git a/src/crypto/aes/aes.go b/src/crypto/aes/aes.go index 6ddcdf603a2152..5bc2d13d673e0a 100644 --- a/src/crypto/aes/aes.go +++ b/src/crypto/aes/aes.go @@ -16,7 +16,7 @@ package aes import ( "crypto/cipher" "crypto/internal/boring" - "crypto/internal/fips/aes" + "crypto/internal/fips140/aes" "strconv" ) diff --git a/src/crypto/cipher/cbc.go b/src/crypto/cipher/cbc.go index 9f94056833d1e0..b4536aceb9c224 100644 --- a/src/crypto/cipher/cbc.go +++ b/src/crypto/cipher/cbc.go @@ -13,8 +13,8 @@ package cipher import ( "bytes" - "crypto/internal/fips/aes" - "crypto/internal/fips/alias" + "crypto/internal/fips140/aes" + "crypto/internal/fips140/alias" "crypto/subtle" ) diff --git a/src/crypto/cipher/cfb.go b/src/crypto/cipher/cfb.go index 7a18f1c2313e54..eccb1afa7d4383 100644 --- a/src/crypto/cipher/cfb.go +++ b/src/crypto/cipher/cfb.go @@ -7,7 +7,7 @@ package cipher import ( - "crypto/internal/fips/alias" + "crypto/internal/fips140/alias" "crypto/subtle" ) diff --git a/src/crypto/cipher/ctr.go b/src/crypto/cipher/ctr.go index e53e96609b3a1b..c868635b8a7a86 100644 --- a/src/crypto/cipher/ctr.go +++ b/src/crypto/cipher/ctr.go @@ -14,8 +14,8 @@ package cipher import ( "bytes" - "crypto/internal/fips/aes" - "crypto/internal/fips/alias" + "crypto/internal/fips140/aes" + "crypto/internal/fips140/alias" "crypto/subtle" ) diff --git a/src/crypto/cipher/ctr_aes_test.go b/src/crypto/cipher/ctr_aes_test.go index 5260732688cf60..33942467784ad3 100644 --- a/src/crypto/cipher/ctr_aes_test.go +++ b/src/crypto/cipher/ctr_aes_test.go @@ -16,7 +16,7 @@ import ( "crypto/cipher" "crypto/internal/boring" "crypto/internal/cryptotest" - fipsaes "crypto/internal/fips/aes" + fipsaes "crypto/internal/fips140/aes" "encoding/hex" "fmt" "math/rand" diff --git a/src/crypto/cipher/gcm.go b/src/crypto/cipher/gcm.go index c75e8eddd146f5..239e3466caead7 100644 --- a/src/crypto/cipher/gcm.go +++ b/src/crypto/cipher/gcm.go @@ -5,9 +5,9 @@ package cipher import ( - "crypto/internal/fips/aes" - "crypto/internal/fips/aes/gcm" - "crypto/internal/fips/alias" + "crypto/internal/fips140/aes" + "crypto/internal/fips140/aes/gcm" + "crypto/internal/fips140/alias" "crypto/subtle" "errors" "internal/byteorder" @@ -127,7 +127,7 @@ func (g gcmWithRandomNonce) Seal(dst, nonce, plaintext, additionalData []byte) [ // In Seal, we could work through the input backwards or intentionally load // ahead before writing. // - // However, the crypto/internal/fips/aes/gcm APIs also check for exact overlap, + // However, the crypto/internal/fips140/aes/gcm APIs also check for exact overlap, // so for now we just do a memmove if we detect overlap. // // ┌───────────────────────────┬ ─ ─ @@ -209,7 +209,7 @@ func newGCMFallback(cipher Block, nonceSize, tagSize int) (AEAD, error) { // gcmFallback is only used for non-AES ciphers, which regrettably we // theoretically support. It's a copy of the generic implementation from -// crypto/internal/fips/aes/gcm/gcm_generic.go, refer to that file for more details. +// crypto/internal/fips140/aes/gcm/gcm_generic.go, refer to that file for more details. type gcmFallback struct { cipher Block nonceSize int diff --git a/src/crypto/cipher/gcm_test.go b/src/crypto/cipher/gcm_test.go index f6679f3d422772..ea2b4e29e2b67f 100644 --- a/src/crypto/cipher/gcm_test.go +++ b/src/crypto/cipher/gcm_test.go @@ -10,9 +10,9 @@ import ( "crypto/cipher" "crypto/internal/boring" "crypto/internal/cryptotest" - "crypto/internal/fips" - fipsaes "crypto/internal/fips/aes" - "crypto/internal/fips/aes/gcm" + "crypto/internal/fips140" + fipsaes "crypto/internal/fips140/aes" + "crypto/internal/fips140/aes/gcm" "crypto/rand" "encoding/hex" "errors" @@ -744,9 +744,9 @@ func TestFIPSServiceIndicator(t *testing.T) { return aead } tryNonce := func(aead cipher.AEAD, nonce []byte) bool { - fips.ResetServiceIndicator() + fips140.ResetServiceIndicator() aead.Seal(nil, nonce, []byte("x"), nil) - return fips.ServiceIndicator() + return fips140.ServiceIndicator() } expectTrue := func(t *testing.T, aead cipher.AEAD, nonce []byte) { t.Helper() diff --git a/src/crypto/cipher/ofb.go b/src/crypto/cipher/ofb.go index 339864f4e2882a..549dc919629151 100644 --- a/src/crypto/cipher/ofb.go +++ b/src/crypto/cipher/ofb.go @@ -7,7 +7,7 @@ package cipher import ( - "crypto/internal/fips/alias" + "crypto/internal/fips140/alias" "crypto/subtle" ) diff --git a/src/crypto/des/cipher.go b/src/crypto/des/cipher.go index 361b9621fe20c4..a1ed57cdb159c4 100644 --- a/src/crypto/des/cipher.go +++ b/src/crypto/des/cipher.go @@ -6,7 +6,7 @@ package des import ( "crypto/cipher" - "crypto/internal/fips/alias" + "crypto/internal/fips140/alias" "internal/byteorder" "strconv" ) diff --git a/src/crypto/ecdh/nist.go b/src/crypto/ecdh/nist.go index 0a80ca00635d32..903aa2603024e4 100644 --- a/src/crypto/ecdh/nist.go +++ b/src/crypto/ecdh/nist.go @@ -7,7 +7,7 @@ package ecdh import ( "bytes" "crypto/internal/boring" - "crypto/internal/fips/ecdh" + "crypto/internal/fips140/ecdh" "errors" "io" ) diff --git a/src/crypto/ecdh/x25519.go b/src/crypto/ecdh/x25519.go index 336c8e4c471598..73c1120bf306cc 100644 --- a/src/crypto/ecdh/x25519.go +++ b/src/crypto/ecdh/x25519.go @@ -6,7 +6,7 @@ package ecdh import ( "bytes" - "crypto/internal/fips/edwards25519/field" + "crypto/internal/fips140/edwards25519/field" "crypto/internal/randutil" "errors" "io" diff --git a/src/crypto/ecdsa/ecdsa.go b/src/crypto/ecdsa/ecdsa.go index 0c2e0bab45ca4b..0ad669795c56b2 100644 --- a/src/crypto/ecdsa/ecdsa.go +++ b/src/crypto/ecdsa/ecdsa.go @@ -20,7 +20,7 @@ import ( "crypto/elliptic" "crypto/internal/boring" "crypto/internal/boring/bbig" - "crypto/internal/fips/ecdsa" + "crypto/internal/fips140/ecdsa" "crypto/internal/randutil" "crypto/sha512" "crypto/subtle" diff --git a/src/crypto/ed25519/ed25519.go b/src/crypto/ed25519/ed25519.go index 3b033f14a1fd6d..6480463b4ae7a6 100644 --- a/src/crypto/ed25519/ed25519.go +++ b/src/crypto/ed25519/ed25519.go @@ -17,7 +17,7 @@ package ed25519 import ( "crypto" - "crypto/internal/fips/ed25519" + "crypto/internal/fips140/ed25519" cryptorand "crypto/rand" "crypto/subtle" "errors" diff --git a/src/crypto/elliptic/nistec.go b/src/crypto/elliptic/nistec.go index b785b2cca69740..043e57607c0460 100644 --- a/src/crypto/elliptic/nistec.go +++ b/src/crypto/elliptic/nistec.go @@ -5,7 +5,7 @@ package elliptic import ( - "crypto/internal/fips/nistec" + "crypto/internal/fips140/nistec" "errors" "math/big" ) diff --git a/src/crypto/elliptic/nistec_p256.go b/src/crypto/elliptic/nistec_p256.go index 14bf167774f13f..41aace742152ce 100644 --- a/src/crypto/elliptic/nistec_p256.go +++ b/src/crypto/elliptic/nistec_p256.go @@ -7,7 +7,7 @@ package elliptic import ( - "crypto/internal/fips/nistec" + "crypto/internal/fips140/nistec" "math/big" ) diff --git a/src/crypto/hmac/hmac.go b/src/crypto/hmac/hmac.go index b8c909cf015aa7..3b777665cbdf8a 100644 --- a/src/crypto/hmac/hmac.go +++ b/src/crypto/hmac/hmac.go @@ -23,7 +23,7 @@ package hmac import ( "crypto/internal/boring" - "crypto/internal/fips/hmac" + "crypto/internal/fips140/hmac" "crypto/subtle" "hash" ) diff --git a/src/crypto/internal/entropy/entropy.go b/src/crypto/internal/entropy/entropy.go index e27b05bda58313..5319e9e47a7455 100644 --- a/src/crypto/internal/entropy/entropy.go +++ b/src/crypto/internal/entropy/entropy.go @@ -3,7 +3,7 @@ // license that can be found in the LICENSE file. // Package entropy provides the passive entropy source for the FIPS 140-3 -// module. It is only used in FIPS mode by [crypto/internal/fips/drbg.Read]. +// module. It is only used in FIPS mode by [crypto/internal/fips140/drbg.Read]. // // This complies with IG 9.3.A, Additional Comment 12, which until January 1, // 2026 allows new modules to meet an [earlier version] of Resolution 2(b): diff --git a/src/crypto/internal/fips/check/checktest/asm.s b/src/crypto/internal/fips/check/checktest/asm.s deleted file mode 100644 index 090f87b1ec5c3d..00000000000000 --- a/src/crypto/internal/fips/check/checktest/asm.s +++ /dev/null @@ -1,6 +0,0 @@ -//go:build !purego && !wasm - -#include "textflag.h" - -DATA crypto∕internal∕fips∕check∕checktest·RODATA(SB)/4, $2 -GLOBL crypto∕internal∕fips∕check∕checktest·RODATA(SB), RODATA, $4 diff --git a/src/crypto/internal/fips/aes/_asm/ctr/ctr_amd64_asm.go b/src/crypto/internal/fips140/aes/_asm/ctr/ctr_amd64_asm.go similarity index 100% rename from src/crypto/internal/fips/aes/_asm/ctr/ctr_amd64_asm.go rename to src/crypto/internal/fips140/aes/_asm/ctr/ctr_amd64_asm.go diff --git a/src/crypto/internal/fips/aes/_asm/ctr/go.mod b/src/crypto/internal/fips140/aes/_asm/ctr/go.mod similarity index 100% rename from src/crypto/internal/fips/aes/_asm/ctr/go.mod rename to src/crypto/internal/fips140/aes/_asm/ctr/go.mod diff --git a/src/crypto/internal/fips/aes/_asm/ctr/go.sum b/src/crypto/internal/fips140/aes/_asm/ctr/go.sum similarity index 100% rename from src/crypto/internal/fips/aes/_asm/ctr/go.sum rename to src/crypto/internal/fips140/aes/_asm/ctr/go.sum diff --git a/src/crypto/internal/fips/aes/_asm/standard/aes_amd64.go b/src/crypto/internal/fips140/aes/_asm/standard/aes_amd64.go similarity index 100% rename from src/crypto/internal/fips/aes/_asm/standard/aes_amd64.go rename to src/crypto/internal/fips140/aes/_asm/standard/aes_amd64.go diff --git a/src/crypto/internal/fips/aes/_asm/standard/go.mod b/src/crypto/internal/fips140/aes/_asm/standard/go.mod similarity index 100% rename from src/crypto/internal/fips/aes/_asm/standard/go.mod rename to src/crypto/internal/fips140/aes/_asm/standard/go.mod diff --git a/src/crypto/internal/fips/aes/_asm/standard/go.sum b/src/crypto/internal/fips140/aes/_asm/standard/go.sum similarity index 100% rename from src/crypto/internal/fips/aes/_asm/standard/go.sum rename to src/crypto/internal/fips140/aes/_asm/standard/go.sum diff --git a/src/crypto/internal/fips/aes/aes.go b/src/crypto/internal/fips140/aes/aes.go similarity index 96% rename from src/crypto/internal/fips/aes/aes.go rename to src/crypto/internal/fips140/aes/aes.go index 06eff26d0c559b..739f1a3dbe6599 100644 --- a/src/crypto/internal/fips/aes/aes.go +++ b/src/crypto/internal/fips140/aes/aes.go @@ -5,8 +5,8 @@ package aes import ( - "crypto/internal/fips" - "crypto/internal/fips/alias" + "crypto/internal/fips140" + "crypto/internal/fips140/alias" "strconv" ) @@ -103,7 +103,7 @@ func (c *Block) Encrypt(dst, src []byte) { if alias.InexactOverlap(dst[:BlockSize], src[:BlockSize]) { panic("crypto/aes: invalid buffer overlap") } - fips.RecordApproved() + fips140.RecordApproved() encryptBlock(c, dst, src) } @@ -117,6 +117,6 @@ func (c *Block) Decrypt(dst, src []byte) { if alias.InexactOverlap(dst[:BlockSize], src[:BlockSize]) { panic("crypto/aes: invalid buffer overlap") } - fips.RecordApproved() + fips140.RecordApproved() decryptBlock(c, dst, src) } diff --git a/src/crypto/internal/fips/aes/aes_amd64.s b/src/crypto/internal/fips140/aes/aes_amd64.s similarity index 100% rename from src/crypto/internal/fips/aes/aes_amd64.s rename to src/crypto/internal/fips140/aes/aes_amd64.s diff --git a/src/crypto/internal/fips/aes/aes_arm64.s b/src/crypto/internal/fips140/aes/aes_arm64.s similarity index 100% rename from src/crypto/internal/fips/aes/aes_arm64.s rename to src/crypto/internal/fips140/aes/aes_arm64.s diff --git a/src/crypto/internal/fips/aes/aes_asm.go b/src/crypto/internal/fips140/aes/aes_asm.go similarity index 97% rename from src/crypto/internal/fips/aes/aes_asm.go rename to src/crypto/internal/fips140/aes/aes_asm.go index 47aca965437c9f..95a07e7a1ca19e 100644 --- a/src/crypto/internal/fips/aes/aes_asm.go +++ b/src/crypto/internal/fips140/aes/aes_asm.go @@ -7,8 +7,8 @@ package aes import ( - "crypto/internal/fipsdeps/cpu" - "crypto/internal/fipsdeps/godebug" + "crypto/internal/fips140deps/cpu" + "crypto/internal/fips140deps/godebug" "crypto/internal/impl" ) diff --git a/src/crypto/internal/fips/aes/aes_generic.go b/src/crypto/internal/fips140/aes/aes_generic.go similarity index 99% rename from src/crypto/internal/fips/aes/aes_generic.go rename to src/crypto/internal/fips140/aes/aes_generic.go index de7ecb13c2311d..0112c0a675c10d 100644 --- a/src/crypto/internal/fips/aes/aes_generic.go +++ b/src/crypto/internal/fips140/aes/aes_generic.go @@ -36,7 +36,7 @@ package aes -import "crypto/internal/fipsdeps/byteorder" +import "crypto/internal/fips140deps/byteorder" // Encrypt one block from src into dst, using the expanded key xk. func encryptBlockGeneric(c *blockExpanded, dst, src []byte) { diff --git a/src/crypto/internal/fips/aes/aes_noasm.go b/src/crypto/internal/fips140/aes/aes_noasm.go similarity index 100% rename from src/crypto/internal/fips/aes/aes_noasm.go rename to src/crypto/internal/fips140/aes/aes_noasm.go diff --git a/src/crypto/internal/fips/aes/aes_ppc64x.s b/src/crypto/internal/fips140/aes/aes_ppc64x.s similarity index 100% rename from src/crypto/internal/fips/aes/aes_ppc64x.s rename to src/crypto/internal/fips140/aes/aes_ppc64x.s diff --git a/src/crypto/internal/fips/aes/aes_s390x.go b/src/crypto/internal/fips140/aes/aes_s390x.go similarity index 98% rename from src/crypto/internal/fips/aes/aes_s390x.go rename to src/crypto/internal/fips140/aes/aes_s390x.go index 005aacb30058d0..72d7b6f763d169 100644 --- a/src/crypto/internal/fips/aes/aes_s390x.go +++ b/src/crypto/internal/fips140/aes/aes_s390x.go @@ -7,7 +7,7 @@ package aes import ( - "crypto/internal/fipsdeps/cpu" + "crypto/internal/fips140deps/cpu" "crypto/internal/impl" ) diff --git a/src/crypto/internal/fips/aes/aes_s390x.s b/src/crypto/internal/fips140/aes/aes_s390x.s similarity index 100% rename from src/crypto/internal/fips/aes/aes_s390x.s rename to src/crypto/internal/fips140/aes/aes_s390x.s diff --git a/src/crypto/internal/fips/aes/aes_test.go b/src/crypto/internal/fips140/aes/aes_test.go similarity index 100% rename from src/crypto/internal/fips/aes/aes_test.go rename to src/crypto/internal/fips140/aes/aes_test.go diff --git a/src/crypto/internal/fips/aes/cast.go b/src/crypto/internal/fips140/aes/cast.go similarity index 91% rename from src/crypto/internal/fips/aes/cast.go rename to src/crypto/internal/fips140/aes/cast.go index 4a143a43b2eb08..de8f3676527bc4 100644 --- a/src/crypto/internal/fips/aes/cast.go +++ b/src/crypto/internal/fips140/aes/cast.go @@ -6,13 +6,13 @@ package aes import ( "bytes" - "crypto/internal/fips" - _ "crypto/internal/fips/check" + "crypto/internal/fips140" + _ "crypto/internal/fips140/check" "errors" ) func init() { - fips.CAST("AES-CBC", func() error { + fips140.CAST("AES-CBC", func() error { key := []byte{ 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, diff --git a/src/crypto/internal/fips/aes/cbc.go b/src/crypto/internal/fips140/aes/cbc.go similarity index 97% rename from src/crypto/internal/fips/aes/cbc.go rename to src/crypto/internal/fips140/aes/cbc.go index d4ec14f1a6cd2b..c7837b9d87d102 100644 --- a/src/crypto/internal/fips/aes/cbc.go +++ b/src/crypto/internal/fips140/aes/cbc.go @@ -5,8 +5,8 @@ package aes import ( - "crypto/internal/fips/alias" - "crypto/internal/fips/subtle" + "crypto/internal/fips140/alias" + "crypto/internal/fips140/subtle" ) type CBCEncrypter struct { diff --git a/src/crypto/internal/fips/aes/cbc_noasm.go b/src/crypto/internal/fips140/aes/cbc_noasm.go similarity index 100% rename from src/crypto/internal/fips/aes/cbc_noasm.go rename to src/crypto/internal/fips140/aes/cbc_noasm.go diff --git a/src/crypto/internal/fips/aes/cbc_ppc64x.go b/src/crypto/internal/fips140/aes/cbc_ppc64x.go similarity index 100% rename from src/crypto/internal/fips/aes/cbc_ppc64x.go rename to src/crypto/internal/fips140/aes/cbc_ppc64x.go diff --git a/src/crypto/internal/fips/aes/cbc_s390x.go b/src/crypto/internal/fips140/aes/cbc_s390x.go similarity index 100% rename from src/crypto/internal/fips/aes/cbc_s390x.go rename to src/crypto/internal/fips140/aes/cbc_s390x.go diff --git a/src/crypto/internal/fips/aes/const.go b/src/crypto/internal/fips140/aes/const.go similarity index 100% rename from src/crypto/internal/fips/aes/const.go rename to src/crypto/internal/fips140/aes/const.go diff --git a/src/crypto/internal/fips/aes/ctr.go b/src/crypto/internal/fips140/aes/ctr.go similarity index 97% rename from src/crypto/internal/fips/aes/ctr.go rename to src/crypto/internal/fips140/aes/ctr.go index 722ec4bc87e0fc..ec1959a225885a 100644 --- a/src/crypto/internal/fips/aes/ctr.go +++ b/src/crypto/internal/fips140/aes/ctr.go @@ -5,9 +5,9 @@ package aes import ( - "crypto/internal/fips/alias" - "crypto/internal/fips/subtle" - "crypto/internal/fipsdeps/byteorder" + "crypto/internal/fips140/alias" + "crypto/internal/fips140/subtle" + "crypto/internal/fips140deps/byteorder" "math/bits" ) diff --git a/src/crypto/internal/fips/aes/ctr_amd64.s b/src/crypto/internal/fips140/aes/ctr_amd64.s similarity index 100% rename from src/crypto/internal/fips/aes/ctr_amd64.s rename to src/crypto/internal/fips140/aes/ctr_amd64.s diff --git a/src/crypto/internal/fips/aes/ctr_arm64.s b/src/crypto/internal/fips140/aes/ctr_arm64.s similarity index 100% rename from src/crypto/internal/fips/aes/ctr_arm64.s rename to src/crypto/internal/fips140/aes/ctr_arm64.s diff --git a/src/crypto/internal/fips/aes/ctr_arm64_gen.go b/src/crypto/internal/fips140/aes/ctr_arm64_gen.go similarity index 100% rename from src/crypto/internal/fips/aes/ctr_arm64_gen.go rename to src/crypto/internal/fips140/aes/ctr_arm64_gen.go diff --git a/src/crypto/internal/fips/aes/ctr_asm.go b/src/crypto/internal/fips140/aes/ctr_asm.go similarity index 100% rename from src/crypto/internal/fips/aes/ctr_asm.go rename to src/crypto/internal/fips140/aes/ctr_asm.go diff --git a/src/crypto/internal/fips/aes/ctr_noasm.go b/src/crypto/internal/fips140/aes/ctr_noasm.go similarity index 100% rename from src/crypto/internal/fips/aes/ctr_noasm.go rename to src/crypto/internal/fips140/aes/ctr_noasm.go diff --git a/src/crypto/internal/fips/aes/ctr_s390x.go b/src/crypto/internal/fips140/aes/ctr_s390x.go similarity index 94% rename from src/crypto/internal/fips/aes/ctr_s390x.go rename to src/crypto/internal/fips140/aes/ctr_s390x.go index aca3fe7ff9caef..2d6e17927e999f 100644 --- a/src/crypto/internal/fips/aes/ctr_s390x.go +++ b/src/crypto/internal/fips140/aes/ctr_s390x.go @@ -7,8 +7,8 @@ package aes import ( - "crypto/internal/fips/subtle" - "crypto/internal/fipsdeps/byteorder" + "crypto/internal/fips140/subtle" + "crypto/internal/fips140deps/byteorder" ) func ctrBlocks1(b *Block, dst, src *[BlockSize]byte, ivlo, ivhi uint64) { diff --git a/src/crypto/internal/fips/aes/gcm/_asm/gcm/gcm_amd64_asm.go b/src/crypto/internal/fips140/aes/gcm/_asm/gcm/gcm_amd64_asm.go similarity index 100% rename from src/crypto/internal/fips/aes/gcm/_asm/gcm/gcm_amd64_asm.go rename to src/crypto/internal/fips140/aes/gcm/_asm/gcm/gcm_amd64_asm.go diff --git a/src/crypto/internal/fips/aes/gcm/_asm/gcm/go.mod b/src/crypto/internal/fips140/aes/gcm/_asm/gcm/go.mod similarity index 100% rename from src/crypto/internal/fips/aes/gcm/_asm/gcm/go.mod rename to src/crypto/internal/fips140/aes/gcm/_asm/gcm/go.mod diff --git a/src/crypto/internal/fips/aes/gcm/_asm/gcm/go.sum b/src/crypto/internal/fips140/aes/gcm/_asm/gcm/go.sum similarity index 100% rename from src/crypto/internal/fips/aes/gcm/_asm/gcm/go.sum rename to src/crypto/internal/fips140/aes/gcm/_asm/gcm/go.sum diff --git a/src/crypto/internal/fips/aes/gcm/cast.go b/src/crypto/internal/fips140/aes/gcm/cast.go similarity index 85% rename from src/crypto/internal/fips/aes/gcm/cast.go rename to src/crypto/internal/fips140/aes/gcm/cast.go index 1373a01944574b..7f1975638ae3b8 100644 --- a/src/crypto/internal/fips/aes/gcm/cast.go +++ b/src/crypto/internal/fips140/aes/gcm/cast.go @@ -5,17 +5,17 @@ package gcm import ( - "crypto/internal/fips" - "crypto/internal/fips/aes" - _ "crypto/internal/fips/check" + "crypto/internal/fips140" + "crypto/internal/fips140/aes" + _ "crypto/internal/fips140/check" "errors" ) func init() { // Counter KDF covers CMAC per IG 10.3.B, and CMAC covers GCM per IG 10.3.A // Resolution 1.d(i). AES decryption is covered by the CBC CAST in package - // crypto/internal/fips/aes. - fips.CAST("CounterKDF", func() error { + // crypto/internal/fips140/aes. + fips140.CAST("CounterKDF", func() error { key := []byte{ 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, diff --git a/src/crypto/internal/fips/aes/gcm/cmac.go b/src/crypto/internal/fips140/aes/gcm/cmac.go similarity index 93% rename from src/crypto/internal/fips/aes/gcm/cmac.go rename to src/crypto/internal/fips140/aes/gcm/cmac.go index df87c31e4d7503..e0a9dc43dede7e 100644 --- a/src/crypto/internal/fips/aes/gcm/cmac.go +++ b/src/crypto/internal/fips140/aes/gcm/cmac.go @@ -5,9 +5,9 @@ package gcm import ( - "crypto/internal/fips" - "crypto/internal/fips/aes" - "crypto/internal/fips/subtle" + "crypto/internal/fips140" + "crypto/internal/fips140/aes" + "crypto/internal/fips140/subtle" ) // CMAC implements the CMAC mode from NIST SP 800-38B. @@ -38,7 +38,7 @@ func (c *CMAC) deriveSubkeys() { } func (c *CMAC) MAC(m []byte) [aes.BlockSize]byte { - fips.RecordApproved() + fips140.RecordApproved() _ = c.b // Hoist the nil check out of the loop. var x [aes.BlockSize]byte if len(m) == 0 { diff --git a/src/crypto/internal/fips/aes/gcm/ctrkdf.go b/src/crypto/internal/fips140/aes/gcm/ctrkdf.go similarity index 94% rename from src/crypto/internal/fips/aes/gcm/ctrkdf.go rename to src/crypto/internal/fips140/aes/gcm/ctrkdf.go index 92856337a34bcd..9c7d4971a3e094 100644 --- a/src/crypto/internal/fips/aes/gcm/ctrkdf.go +++ b/src/crypto/internal/fips140/aes/gcm/ctrkdf.go @@ -5,8 +5,8 @@ package gcm import ( - "crypto/internal/fips" - "crypto/internal/fips/aes" + "crypto/internal/fips140" + "crypto/internal/fips140/aes" ) // CounterKDF implements a KDF in Counter Mode instantiated with CMAC-AES, @@ -30,7 +30,7 @@ func NewCounterKDF(b *aes.Block) *CounterKDF { // DeriveKey derives a key from the given label and context. func (kdf *CounterKDF) DeriveKey(label byte, context [12]byte) [32]byte { - fips.RecordApproved() + fips140.RecordApproved() var output [32]byte var input [aes.BlockSize]byte diff --git a/src/crypto/internal/fips/aes/gcm/gcm.go b/src/crypto/internal/fips140/aes/gcm/gcm.go similarity index 96% rename from src/crypto/internal/fips/aes/gcm/gcm.go rename to src/crypto/internal/fips140/aes/gcm/gcm.go index a88f633b096537..20da20c524570c 100644 --- a/src/crypto/internal/fips/aes/gcm/gcm.go +++ b/src/crypto/internal/fips140/aes/gcm/gcm.go @@ -5,9 +5,9 @@ package gcm import ( - "crypto/internal/fips" - "crypto/internal/fips/aes" - "crypto/internal/fips/alias" + "crypto/internal/fips140" + "crypto/internal/fips140/aes" + "crypto/internal/fips140/alias" "errors" ) @@ -61,7 +61,7 @@ func (g *GCM) Overhead() int { } func (g *GCM) Seal(dst, nonce, plaintext, data []byte) []byte { - fips.RecordNonApproved() + fips140.RecordNonApproved() return g.sealAfterIndicator(dst, nonce, plaintext, data) } @@ -115,7 +115,7 @@ func (g *GCM) Open(dst, nonce, ciphertext, data []byte) ([]byte, error) { panic("crypto/cipher: invalid buffer overlap of output and additional data") } - fips.RecordApproved() + fips140.RecordApproved() if err := open(out, g, nonce, ciphertext, data); err != nil { // We sometimes decrypt and authenticate concurrently, so we overwrite // dst in the event of a tag mismatch. To be consistent across platforms diff --git a/src/crypto/internal/fips/aes/gcm/gcm_amd64.s b/src/crypto/internal/fips140/aes/gcm/gcm_amd64.s similarity index 100% rename from src/crypto/internal/fips/aes/gcm/gcm_amd64.s rename to src/crypto/internal/fips140/aes/gcm/gcm_amd64.s diff --git a/src/crypto/internal/fips/aes/gcm/gcm_arm64.s b/src/crypto/internal/fips140/aes/gcm/gcm_arm64.s similarity index 100% rename from src/crypto/internal/fips/aes/gcm/gcm_arm64.s rename to src/crypto/internal/fips140/aes/gcm/gcm_arm64.s diff --git a/src/crypto/internal/fips/aes/gcm/gcm_asm.go b/src/crypto/internal/fips140/aes/gcm/gcm_asm.go similarity index 97% rename from src/crypto/internal/fips/aes/gcm/gcm_asm.go rename to src/crypto/internal/fips140/aes/gcm/gcm_asm.go index f62b7e3f810b4d..d513f77a2f342b 100644 --- a/src/crypto/internal/fips/aes/gcm/gcm_asm.go +++ b/src/crypto/internal/fips140/aes/gcm/gcm_asm.go @@ -7,9 +7,9 @@ package gcm import ( - "crypto/internal/fips/aes" - "crypto/internal/fips/subtle" - "crypto/internal/fipsdeps/cpu" + "crypto/internal/fips140/aes" + "crypto/internal/fips140/subtle" + "crypto/internal/fips140deps/cpu" "crypto/internal/impl" ) diff --git a/src/crypto/internal/fips/aes/gcm/gcm_generic.go b/src/crypto/internal/fips140/aes/gcm/gcm_generic.go similarity index 97% rename from src/crypto/internal/fips/aes/gcm/gcm_generic.go rename to src/crypto/internal/fips140/aes/gcm/gcm_generic.go index 2e5f8b5c1ae40e..778392661dae6e 100644 --- a/src/crypto/internal/fips/aes/gcm/gcm_generic.go +++ b/src/crypto/internal/fips140/aes/gcm/gcm_generic.go @@ -5,9 +5,9 @@ package gcm import ( - "crypto/internal/fips/aes" - "crypto/internal/fips/subtle" - "crypto/internal/fipsdeps/byteorder" + "crypto/internal/fips140/aes" + "crypto/internal/fips140/subtle" + "crypto/internal/fips140deps/byteorder" ) func sealGeneric(out []byte, g *GCM, nonce, plaintext, additionalData []byte) { diff --git a/src/crypto/internal/fips/aes/gcm/gcm_noasm.go b/src/crypto/internal/fips140/aes/gcm/gcm_noasm.go similarity index 100% rename from src/crypto/internal/fips/aes/gcm/gcm_noasm.go rename to src/crypto/internal/fips140/aes/gcm/gcm_noasm.go diff --git a/src/crypto/internal/fips/aes/gcm/gcm_nonces.go b/src/crypto/internal/fips140/aes/gcm/gcm_nonces.go similarity index 94% rename from src/crypto/internal/fips/aes/gcm/gcm_nonces.go rename to src/crypto/internal/fips140/aes/gcm/gcm_nonces.go index db992d14de0cbe..b1ac81528851ac 100644 --- a/src/crypto/internal/fips/aes/gcm/gcm_nonces.go +++ b/src/crypto/internal/fips140/aes/gcm/gcm_nonces.go @@ -5,11 +5,11 @@ package gcm import ( - "crypto/internal/fips" - "crypto/internal/fips/aes" - "crypto/internal/fips/alias" - "crypto/internal/fips/drbg" - "crypto/internal/fipsdeps/byteorder" + "crypto/internal/fips140" + "crypto/internal/fips140/aes" + "crypto/internal/fips140/alias" + "crypto/internal/fips140/drbg" + "crypto/internal/fips140deps/byteorder" "math" ) @@ -37,7 +37,7 @@ func SealWithRandomNonce(g *GCM, nonce, out, plaintext, additionalData []byte) { if alias.AnyOverlap(out, additionalData) { panic("crypto/cipher: invalid buffer overlap of output and additional data") } - fips.RecordApproved() + fips140.RecordApproved() drbg.Read(nonce) seal(out, g, nonce, plaintext, additionalData) } @@ -94,12 +94,12 @@ func (g *GCMWithCounterNonce) Seal(dst, nonce, plaintext, data []byte) []byte { } g.next = counter + 1 - fips.RecordApproved() + fips140.RecordApproved() return g.g.sealAfterIndicator(dst, nonce, plaintext, data) } func (g *GCMWithCounterNonce) Open(dst, nonce, ciphertext, data []byte) ([]byte, error) { - fips.RecordApproved() + fips140.RecordApproved() return g.g.Open(dst, nonce, ciphertext, data) } @@ -141,12 +141,12 @@ func (g *GCMForTLS12) Seal(dst, nonce, plaintext, data []byte) []byte { } g.next = counter + 1 - fips.RecordApproved() + fips140.RecordApproved() return g.g.sealAfterIndicator(dst, nonce, plaintext, data) } func (g *GCMForTLS12) Open(dst, nonce, ciphertext, data []byte) ([]byte, error) { - fips.RecordApproved() + fips140.RecordApproved() return g.g.Open(dst, nonce, ciphertext, data) } @@ -193,12 +193,12 @@ func (g *GCMForTLS13) Seal(dst, nonce, plaintext, data []byte) []byte { } g.next = counter + 1 - fips.RecordApproved() + fips140.RecordApproved() return g.g.sealAfterIndicator(dst, nonce, plaintext, data) } func (g *GCMForTLS13) Open(dst, nonce, ciphertext, data []byte) ([]byte, error) { - fips.RecordApproved() + fips140.RecordApproved() return g.g.Open(dst, nonce, ciphertext, data) } @@ -247,11 +247,11 @@ func (g *GCMForSSH) Seal(dst, nonce, plaintext, data []byte) []byte { } g.next = counter + 1 - fips.RecordApproved() + fips140.RecordApproved() return g.g.sealAfterIndicator(dst, nonce, plaintext, data) } func (g *GCMForSSH) Open(dst, nonce, ciphertext, data []byte) ([]byte, error) { - fips.RecordApproved() + fips140.RecordApproved() return g.g.Open(dst, nonce, ciphertext, data) } diff --git a/src/crypto/internal/fips/aes/gcm/gcm_ppc64x.go b/src/crypto/internal/fips140/aes/gcm/gcm_ppc64x.go similarity index 97% rename from src/crypto/internal/fips/aes/gcm/gcm_ppc64x.go rename to src/crypto/internal/fips140/aes/gcm/gcm_ppc64x.go index b8c798e442d637..5084835e88d315 100644 --- a/src/crypto/internal/fips/aes/gcm/gcm_ppc64x.go +++ b/src/crypto/internal/fips140/aes/gcm/gcm_ppc64x.go @@ -7,10 +7,10 @@ package gcm import ( - "crypto/internal/fips/aes" - "crypto/internal/fips/subtle" - "crypto/internal/fipsdeps/byteorder" - "crypto/internal/fipsdeps/godebug" + "crypto/internal/fips140/aes" + "crypto/internal/fips140/subtle" + "crypto/internal/fips140deps/byteorder" + "crypto/internal/fips140deps/godebug" "crypto/internal/impl" "runtime" ) diff --git a/src/crypto/internal/fips/aes/gcm/gcm_ppc64x.s b/src/crypto/internal/fips140/aes/gcm/gcm_ppc64x.s similarity index 100% rename from src/crypto/internal/fips/aes/gcm/gcm_ppc64x.s rename to src/crypto/internal/fips140/aes/gcm/gcm_ppc64x.s diff --git a/src/crypto/internal/fips/aes/gcm/gcm_s390x.go b/src/crypto/internal/fips140/aes/gcm/gcm_s390x.go similarity index 98% rename from src/crypto/internal/fips/aes/gcm/gcm_s390x.go rename to src/crypto/internal/fips140/aes/gcm/gcm_s390x.go index 2946d0b84b49ba..6d88e1824083be 100644 --- a/src/crypto/internal/fips/aes/gcm/gcm_s390x.go +++ b/src/crypto/internal/fips140/aes/gcm/gcm_s390x.go @@ -7,10 +7,10 @@ package gcm import ( - "crypto/internal/fips/aes" - "crypto/internal/fips/subtle" - "crypto/internal/fipsdeps/byteorder" - "crypto/internal/fipsdeps/cpu" + "crypto/internal/fips140/aes" + "crypto/internal/fips140/subtle" + "crypto/internal/fips140deps/byteorder" + "crypto/internal/fips140deps/cpu" "crypto/internal/impl" ) diff --git a/src/crypto/internal/fips/aes/gcm/gcm_s390x.s b/src/crypto/internal/fips140/aes/gcm/gcm_s390x.s similarity index 100% rename from src/crypto/internal/fips/aes/gcm/gcm_s390x.s rename to src/crypto/internal/fips140/aes/gcm/gcm_s390x.s diff --git a/src/crypto/internal/fips/aes/gcm/ghash.go b/src/crypto/internal/fips140/aes/gcm/ghash.go similarity index 98% rename from src/crypto/internal/fips/aes/gcm/ghash.go rename to src/crypto/internal/fips140/aes/gcm/ghash.go index d06e995c49717e..fb60352246ea86 100644 --- a/src/crypto/internal/fips/aes/gcm/ghash.go +++ b/src/crypto/internal/fips140/aes/gcm/ghash.go @@ -5,8 +5,8 @@ package gcm import ( - "crypto/internal/fips" - "crypto/internal/fipsdeps/byteorder" + "crypto/internal/fips140" + "crypto/internal/fips140deps/byteorder" ) // gcmFieldElement represents a value in GF(2¹²⁸). In order to reflect the GCM @@ -25,7 +25,7 @@ type gcmFieldElement struct { // It is not allowed as a stand-alone operation in FIPS mode because it // is not ACVP tested. func GHASH(key *[16]byte, inputs ...[]byte) []byte { - fips.RecordNonApproved() + fips140.RecordNonApproved() var out [gcmBlockSize]byte ghash(&out, key, inputs...) return out[:] diff --git a/src/crypto/internal/fips/aes/gcm/interface_test.go b/src/crypto/internal/fips140/aes/gcm/interface_test.go similarity index 87% rename from src/crypto/internal/fips/aes/gcm/interface_test.go rename to src/crypto/internal/fips140/aes/gcm/interface_test.go index d5f869e8f6dea7..48f96cad806b5c 100644 --- a/src/crypto/internal/fips/aes/gcm/interface_test.go +++ b/src/crypto/internal/fips140/aes/gcm/interface_test.go @@ -6,7 +6,7 @@ package gcm_test import ( "crypto/cipher" - "crypto/internal/fips/aes/gcm" + "crypto/internal/fips140/aes/gcm" ) var _ cipher.AEAD = (*gcm.GCM)(nil) diff --git a/src/crypto/internal/fips/aes/interface_test.go b/src/crypto/internal/fips140/aes/interface_test.go similarity index 92% rename from src/crypto/internal/fips/aes/interface_test.go rename to src/crypto/internal/fips140/aes/interface_test.go index 17e59b25ff2cac..fdc6fb00a141d7 100644 --- a/src/crypto/internal/fips/aes/interface_test.go +++ b/src/crypto/internal/fips140/aes/interface_test.go @@ -6,7 +6,7 @@ package aes_test import ( "crypto/cipher" - "crypto/internal/fips/aes" + "crypto/internal/fips140/aes" ) var _ cipher.Block = (*aes.Block)(nil) diff --git a/src/crypto/internal/fips/alias/alias.go b/src/crypto/internal/fips140/alias/alias.go similarity index 100% rename from src/crypto/internal/fips/alias/alias.go rename to src/crypto/internal/fips140/alias/alias.go diff --git a/src/crypto/internal/fips/bigmod/_asm/go.mod b/src/crypto/internal/fips140/bigmod/_asm/go.mod similarity index 86% rename from src/crypto/internal/fips/bigmod/_asm/go.mod rename to src/crypto/internal/fips140/bigmod/_asm/go.mod index e51aa3cb2b1803..3773fa5aac1683 100644 --- a/src/crypto/internal/fips/bigmod/_asm/go.mod +++ b/src/crypto/internal/fips140/bigmod/_asm/go.mod @@ -1,4 +1,4 @@ -module crypto/internal/fips/bigmod/_asm +module crypto/internal/fips140/bigmod/_asm go 1.19 diff --git a/src/crypto/internal/fips/bigmod/_asm/go.sum b/src/crypto/internal/fips140/bigmod/_asm/go.sum similarity index 100% rename from src/crypto/internal/fips/bigmod/_asm/go.sum rename to src/crypto/internal/fips140/bigmod/_asm/go.sum diff --git a/src/crypto/internal/fips/bigmod/_asm/nat_amd64_asm.go b/src/crypto/internal/fips140/bigmod/_asm/nat_amd64_asm.go similarity index 98% rename from src/crypto/internal/fips/bigmod/_asm/nat_amd64_asm.go rename to src/crypto/internal/fips140/bigmod/_asm/nat_amd64_asm.go index 8c1bedcc782e18..548216dc482a9b 100644 --- a/src/crypto/internal/fips/bigmod/_asm/nat_amd64_asm.go +++ b/src/crypto/internal/fips140/bigmod/_asm/nat_amd64_asm.go @@ -15,7 +15,7 @@ import ( //go:generate go run . -out ../nat_amd64.s -pkg bigmod func main() { - Package("crypto/internal/fips/bigmod") + Package("crypto/internal/fips140/bigmod") ConstraintExpr("!purego") addMulVVW(1024) diff --git a/src/crypto/internal/fips/bigmod/nat.go b/src/crypto/internal/fips140/bigmod/nat.go similarity index 99% rename from src/crypto/internal/fips/bigmod/nat.go rename to src/crypto/internal/fips140/bigmod/nat.go index 26148390a0a5af..0a305b4ce6e72d 100644 --- a/src/crypto/internal/fips/bigmod/nat.go +++ b/src/crypto/internal/fips140/bigmod/nat.go @@ -5,8 +5,8 @@ package bigmod import ( - _ "crypto/internal/fips/check" - "crypto/internal/fipsdeps/byteorder" + _ "crypto/internal/fips140/check" + "crypto/internal/fips140deps/byteorder" "errors" "math/bits" ) diff --git a/src/crypto/internal/fips/bigmod/nat_386.s b/src/crypto/internal/fips140/bigmod/nat_386.s similarity index 100% rename from src/crypto/internal/fips/bigmod/nat_386.s rename to src/crypto/internal/fips140/bigmod/nat_386.s diff --git a/src/crypto/internal/fips/bigmod/nat_amd64.s b/src/crypto/internal/fips140/bigmod/nat_amd64.s similarity index 100% rename from src/crypto/internal/fips/bigmod/nat_amd64.s rename to src/crypto/internal/fips140/bigmod/nat_amd64.s diff --git a/src/crypto/internal/fips/bigmod/nat_arm.s b/src/crypto/internal/fips140/bigmod/nat_arm.s similarity index 100% rename from src/crypto/internal/fips/bigmod/nat_arm.s rename to src/crypto/internal/fips140/bigmod/nat_arm.s diff --git a/src/crypto/internal/fips/bigmod/nat_arm64.s b/src/crypto/internal/fips140/bigmod/nat_arm64.s similarity index 100% rename from src/crypto/internal/fips/bigmod/nat_arm64.s rename to src/crypto/internal/fips140/bigmod/nat_arm64.s diff --git a/src/crypto/internal/fips/bigmod/nat_asm.go b/src/crypto/internal/fips140/bigmod/nat_asm.go similarity index 96% rename from src/crypto/internal/fips/bigmod/nat_asm.go rename to src/crypto/internal/fips140/bigmod/nat_asm.go index 78ee32ac096dd9..e3d125149ae1a5 100644 --- a/src/crypto/internal/fips/bigmod/nat_asm.go +++ b/src/crypto/internal/fips140/bigmod/nat_asm.go @@ -7,7 +7,7 @@ package bigmod import ( - "crypto/internal/fipsdeps/cpu" + "crypto/internal/fips140deps/cpu" "crypto/internal/impl" ) diff --git a/src/crypto/internal/fips/bigmod/nat_loong64.s b/src/crypto/internal/fips140/bigmod/nat_loong64.s similarity index 97% rename from src/crypto/internal/fips/bigmod/nat_loong64.s rename to src/crypto/internal/fips140/bigmod/nat_loong64.s index d88deb65b1fbec..4e88586da8dd4b 100644 --- a/src/crypto/internal/fips/bigmod/nat_loong64.s +++ b/src/crypto/internal/fips140/bigmod/nat_loong64.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// derived from crypto/internal/fips/bigmod/nat_riscv64.s +// derived from crypto/internal/fips140/bigmod/nat_riscv64.s //go:build !purego diff --git a/src/crypto/internal/fips/bigmod/nat_noasm.go b/src/crypto/internal/fips140/bigmod/nat_noasm.go similarity index 100% rename from src/crypto/internal/fips/bigmod/nat_noasm.go rename to src/crypto/internal/fips140/bigmod/nat_noasm.go diff --git a/src/crypto/internal/fips/bigmod/nat_ppc64x.s b/src/crypto/internal/fips140/bigmod/nat_ppc64x.s similarity index 100% rename from src/crypto/internal/fips/bigmod/nat_ppc64x.s rename to src/crypto/internal/fips140/bigmod/nat_ppc64x.s diff --git a/src/crypto/internal/fips/bigmod/nat_riscv64.s b/src/crypto/internal/fips140/bigmod/nat_riscv64.s similarity index 100% rename from src/crypto/internal/fips/bigmod/nat_riscv64.s rename to src/crypto/internal/fips140/bigmod/nat_riscv64.s diff --git a/src/crypto/internal/fips/bigmod/nat_s390x.s b/src/crypto/internal/fips140/bigmod/nat_s390x.s similarity index 100% rename from src/crypto/internal/fips/bigmod/nat_s390x.s rename to src/crypto/internal/fips140/bigmod/nat_s390x.s diff --git a/src/crypto/internal/fips/bigmod/nat_test.go b/src/crypto/internal/fips140/bigmod/nat_test.go similarity index 100% rename from src/crypto/internal/fips/bigmod/nat_test.go rename to src/crypto/internal/fips140/bigmod/nat_test.go diff --git a/src/crypto/internal/fips/bigmod/nat_wasm.go b/src/crypto/internal/fips140/bigmod/nat_wasm.go similarity index 100% rename from src/crypto/internal/fips/bigmod/nat_wasm.go rename to src/crypto/internal/fips140/bigmod/nat_wasm.go diff --git a/src/crypto/internal/fips/cast.go b/src/crypto/internal/fips140/cast.go similarity index 92% rename from src/crypto/internal/fips/cast.go rename to src/crypto/internal/fips140/cast.go index 4d056de7b582a3..66e21d8a90dbc9 100644 --- a/src/crypto/internal/fips/cast.go +++ b/src/crypto/internal/fips140/cast.go @@ -2,10 +2,10 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -package fips +package fips140 import ( - "crypto/internal/fipsdeps/godebug" + "crypto/internal/fips140deps/godebug" "errors" "strings" _ "unsafe" // for go:linkname @@ -13,7 +13,7 @@ import ( // fatal is [runtime.fatal], pushed via linkname. // -//go:linkname fatal crypto/internal/fips.fatal +//go:linkname fatal crypto/internal/fips140.fatal func fatal(string) // failfipscast is a GODEBUG key allowing simulation of a CAST or PCT failure, @@ -31,7 +31,7 @@ var failfipscast = godebug.Value("#failfipscast") // The name must not contain commas, colons, hashes, or equal signs. // // If a package p calls CAST from its init function, an import of p should also -// be added to crypto/internal/fipstest. If a package p calls CAST on the first +// be added to crypto/internal/fips140test. If a package p calls CAST on the first // use of the algorithm, an invocation of that algorithm should be added to // fipstest.TestConditionals. func CAST(name string, f func() error) { diff --git a/src/crypto/internal/fips/check/asan.go b/src/crypto/internal/fips140/check/asan.go similarity index 100% rename from src/crypto/internal/fips/check/asan.go rename to src/crypto/internal/fips140/check/asan.go diff --git a/src/crypto/internal/fips/check/check.go b/src/crypto/internal/fips140/check/check.go similarity index 92% rename from src/crypto/internal/fips/check/check.go rename to src/crypto/internal/fips140/check/check.go index 7938df814225f2..d8526e151d56bd 100644 --- a/src/crypto/internal/fips/check/check.go +++ b/src/crypto/internal/fips140/check/check.go @@ -4,7 +4,7 @@ // Package check implements the FIPS-140 load-time code+data verification. // Every FIPS package providing cryptographic functionality except hmac and sha256 -// must import crypto/internal/fips/check, so that the verification happens +// must import crypto/internal/fips140/check, so that the verification happens // before initialization of package global variables. // The hmac and sha256 packages are used by this package, so they cannot import it. // Instead, those packages must be careful not to change global variables during init. @@ -13,10 +13,10 @@ package check import ( - "crypto/internal/fips/hmac" - "crypto/internal/fips/sha256" - "crypto/internal/fipsdeps/byteorder" - "crypto/internal/fipsdeps/godebug" + "crypto/internal/fips140/hmac" + "crypto/internal/fips140/sha256" + "crypto/internal/fips140deps/byteorder" + "crypto/internal/fips140deps/godebug" "io" "runtime" "unsafe" @@ -80,7 +80,7 @@ func init() { if asanEnabled { // ASAN disapproves of reading swaths of global memory below. // One option would be to expose runtime.asanunpoison through - // crypto/internal/fipsdeps and then call it to unpoison the range + // crypto/internal/fips140deps and then call it to unpoison the range // before reading it, but it is unclear whether that would then cause // false negatives. For now, FIPS+ASAN doesn't need to work. // If this is made to work, also re-enable the test in check_test.go. diff --git a/src/crypto/internal/fips140/check/checktest/asm.s b/src/crypto/internal/fips140/check/checktest/asm.s new file mode 100644 index 00000000000000..003b14e9dee6bf --- /dev/null +++ b/src/crypto/internal/fips140/check/checktest/asm.s @@ -0,0 +1,6 @@ +//go:build !purego && !wasm + +#include "textflag.h" + +DATA crypto∕internal∕fips140∕check∕checktest·RODATA(SB)/4, $2 +GLOBL crypto∕internal∕fips140∕check∕checktest·RODATA(SB), RODATA, $4 diff --git a/src/crypto/internal/fips/check/checktest/test.go b/src/crypto/internal/fips140/check/checktest/test.go similarity index 88% rename from src/crypto/internal/fips/check/checktest/test.go rename to src/crypto/internal/fips140/check/checktest/test.go index 66efe31a09234c..13429ef4ec5996 100644 --- a/src/crypto/internal/fips/check/checktest/test.go +++ b/src/crypto/internal/fips140/check/checktest/test.go @@ -3,11 +3,11 @@ // license that can be found in the LICENSE file. // Package checktest defines some code and data for use in -// the crypto/internal/fips/check test. +// the crypto/internal/fips140/check test. package checktest import ( - _ "crypto/internal/fips/check" + _ "crypto/internal/fips140/check" "runtime" _ "unsafe" // go:linkname ) @@ -17,7 +17,7 @@ var NOPTRDATA int = 1 // The linkname here disables asan registration of this global, // because asan gets mad about rodata globals. // -//go:linkname RODATA crypto/internal/fips/check/checktest.RODATA +//go:linkname RODATA crypto/internal/fips140/check/checktest.RODATA var RODATA int32 // set to 2 in asm.s // DATA needs to have both a pointer and an int so that _some_ of it gets diff --git a/src/crypto/internal/fips/check/noasan.go b/src/crypto/internal/fips140/check/noasan.go similarity index 100% rename from src/crypto/internal/fips/check/noasan.go rename to src/crypto/internal/fips140/check/noasan.go diff --git a/src/crypto/internal/fips/drbg/cast.go b/src/crypto/internal/fips140/drbg/cast.go similarity index 94% rename from src/crypto/internal/fips/drbg/cast.go rename to src/crypto/internal/fips140/drbg/cast.go index 5f973c7f150957..24c0e0f1088289 100644 --- a/src/crypto/internal/fips/drbg/cast.go +++ b/src/crypto/internal/fips140/drbg/cast.go @@ -6,8 +6,8 @@ package drbg import ( "bytes" - "crypto/internal/fips" - _ "crypto/internal/fips/check" + "crypto/internal/fips140" + _ "crypto/internal/fips140/check" "errors" ) @@ -15,7 +15,7 @@ func init() { // Per IG 10.3.A, Resolution 7: "A KAT of a DRBG may be performed by: // Instantiate with known data, Reseed with other known data, Generate and // then compare the result to a pre-computed value." - fips.CAST("CTR_DRBG", func() error { + fips140.CAST("CTR_DRBG", func() error { entropy := &[SeedSize]byte{ 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, diff --git a/src/crypto/internal/fips/drbg/ctrdrbg.go b/src/crypto/internal/fips140/drbg/ctrdrbg.go similarity index 93% rename from src/crypto/internal/fips/drbg/ctrdrbg.go rename to src/crypto/internal/fips140/drbg/ctrdrbg.go index fb05bf9ca8d1ae..cd1b40d10ca3ab 100644 --- a/src/crypto/internal/fips/drbg/ctrdrbg.go +++ b/src/crypto/internal/fips140/drbg/ctrdrbg.go @@ -5,10 +5,10 @@ package drbg import ( - "crypto/internal/fips" - "crypto/internal/fips/aes" - "crypto/internal/fips/subtle" - "crypto/internal/fipsdeps/byteorder" + "crypto/internal/fips140" + "crypto/internal/fips140/aes" + "crypto/internal/fips140/subtle" + "crypto/internal/fips140deps/byteorder" "math/bits" ) @@ -37,7 +37,7 @@ const ( func NewCounter(entropy *[SeedSize]byte) *Counter { // CTR_DRBG_Instantiate_algorithm, per Section 10.2.1.3.1. - fips.RecordApproved() + fips140.RecordApproved() K := make([]byte, keySize) V := make([]byte, aes.BlockSize) @@ -87,7 +87,7 @@ func increment(v *[aes.BlockSize]byte) { func (c *Counter) Reseed(entropy, additionalInput *[SeedSize]byte) { // CTR_DRBG_Reseed_algorithm, per Section 10.2.1.4.1. - fips.RecordApproved() + fips140.RecordApproved() var seed [SeedSize]byte subtle.XORBytes(seed[:], entropy[:], additionalInput[:]) @@ -98,7 +98,7 @@ func (c *Counter) Reseed(entropy, additionalInput *[SeedSize]byte) { // Generate produces at most maxRequestSize bytes of random data in out. func (c *Counter) Generate(out []byte, additionalInput *[SeedSize]byte) (reseedRequired bool) { // CTR_DRBG_Generate_algorithm, per Section 10.2.1.5.1. - fips.RecordApproved() + fips140.RecordApproved() if len(out) > maxRequestSize { panic("crypto/drbg: internal error: request size exceeds maximum") diff --git a/src/crypto/internal/fips/drbg/rand.go b/src/crypto/internal/fips140/drbg/rand.go similarity index 97% rename from src/crypto/internal/fips/drbg/rand.go rename to src/crypto/internal/fips140/drbg/rand.go index 4f4a5701aa0d12..736a4b0cc0f4b3 100644 --- a/src/crypto/internal/fips/drbg/rand.go +++ b/src/crypto/internal/fips140/drbg/rand.go @@ -6,7 +6,7 @@ package drbg import ( "crypto/internal/entropy" - "crypto/internal/fips" + "crypto/internal/fips140" "crypto/internal/sysrand" "sync" ) @@ -18,7 +18,7 @@ var drbg *Counter // uses an SP 800-90A Rev. 1 Deterministic Random Bit Generator (DRBG). // Otherwise, it uses the operating system's random number generator. func Read(b []byte) { - if !fips.Enabled { + if !fips140.Enabled { sysrand.Read(b) return } diff --git a/src/crypto/internal/fips/ecdh/cast.go b/src/crypto/internal/fips140/ecdh/cast.go similarity index 90% rename from src/crypto/internal/fips/ecdh/cast.go rename to src/crypto/internal/fips140/ecdh/cast.go index e053bb6461997a..b9b2def3218221 100644 --- a/src/crypto/internal/fips/ecdh/cast.go +++ b/src/crypto/internal/fips140/ecdh/cast.go @@ -6,16 +6,16 @@ package ecdh import ( "bytes" - "crypto/internal/fips" - _ "crypto/internal/fips/check" - "crypto/internal/fips/nistec" + "crypto/internal/fips140" + _ "crypto/internal/fips140/check" + "crypto/internal/fips140/nistec" "errors" "sync" ) var fipsSelfTest = sync.OnceFunc(func() { // Per IG D.F, Scenario 2, path (1). - fips.CAST("KAS-ECC-SSC P-256", func() error { + fips140.CAST("KAS-ECC-SSC P-256", func() error { privateKey := []byte{ 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, diff --git a/src/crypto/internal/fips/ecdh/ecdh.go b/src/crypto/internal/fips140/ecdh/ecdh.go similarity index 94% rename from src/crypto/internal/fips/ecdh/ecdh.go rename to src/crypto/internal/fips140/ecdh/ecdh.go index 032f033dea3444..d2757bbf165d8c 100644 --- a/src/crypto/internal/fips/ecdh/ecdh.go +++ b/src/crypto/internal/fips140/ecdh/ecdh.go @@ -6,10 +6,10 @@ package ecdh import ( "bytes" - "crypto/internal/fips" - "crypto/internal/fips/drbg" - "crypto/internal/fips/nistec" - "crypto/internal/fipsdeps/byteorder" + "crypto/internal/fips140" + "crypto/internal/fips140/drbg" + "crypto/internal/fips140/nistec" + "crypto/internal/fips140deps/byteorder" "crypto/internal/randutil" "errors" "io" @@ -33,7 +33,7 @@ type point[T any] interface { // DRBG (and the function runs considerably slower). func GenerateKeyP224(rand io.Reader) (privateKey, publicKey []byte, err error) { fipsSelfTest() - fips.RecordApproved() + fips140.RecordApproved() return generateKey(rand, nistec.NewP224Point, p224Order) } @@ -44,7 +44,7 @@ func GenerateKeyP224(rand io.Reader) (privateKey, publicKey []byte, err error) { // DRBG (and the function runs considerably slower). func GenerateKeyP256(rand io.Reader) (privateKey, publicKey []byte, err error) { fipsSelfTest() - fips.RecordApproved() + fips140.RecordApproved() return generateKey(rand, nistec.NewP256Point, p256Order) } @@ -55,7 +55,7 @@ func GenerateKeyP256(rand io.Reader) (privateKey, publicKey []byte, err error) { // DRBG (and the function runs considerably slower). func GenerateKeyP384(rand io.Reader) (privateKey, publicKey []byte, err error) { fipsSelfTest() - fips.RecordApproved() + fips140.RecordApproved() return generateKey(rand, nistec.NewP384Point, p384Order) } @@ -66,7 +66,7 @@ func GenerateKeyP384(rand io.Reader) (privateKey, publicKey []byte, err error) { // DRBG (and the function runs considerably slower). func GenerateKeyP521(rand io.Reader) (privateKey, publicKey []byte, err error) { fipsSelfTest() - fips.RecordApproved() + fips140.RecordApproved() return generateKey(rand, nistec.NewP521Point, p521Order) } @@ -76,7 +76,7 @@ func generateKey[P point[P]](rand io.Reader, newPoint func() P, scalarOrder []by for { key := make([]byte, len(scalarOrder)) - if fips.Enabled { + if fips140.Enabled { drbg.Read(key) } else { randutil.MaybeReadByte(rand) @@ -105,22 +105,22 @@ func generateKey[P point[P]](rand io.Reader, newPoint func() P, scalarOrder []by } func ImportKeyP224(privateKey []byte) (publicKey []byte, err error) { - fips.RecordNonApproved() + fips140.RecordNonApproved() return checkKeyAndComputePublicKey(privateKey, nistec.NewP224Point, p224Order) } func ImportKeyP256(privateKey []byte) (publicKey []byte, err error) { - fips.RecordNonApproved() + fips140.RecordNonApproved() return checkKeyAndComputePublicKey(privateKey, nistec.NewP256Point, p256Order) } func ImportKeyP384(privateKey []byte) (publicKey []byte, err error) { - fips.RecordNonApproved() + fips140.RecordNonApproved() return checkKeyAndComputePublicKey(privateKey, nistec.NewP384Point, p384Order) } func ImportKeyP521(privateKey []byte) (publicKey []byte, err error) { - fips.RecordNonApproved() + fips140.RecordNonApproved() return checkKeyAndComputePublicKey(privateKey, nistec.NewP521Point, p521Order) } @@ -156,7 +156,7 @@ func checkKeyAndComputePublicKey[P point[P]](key []byte, newPoint func() P, scal // Comment 1 goes out of its way to say that "the PCT shall be performed // consistent [...], even if the underlying standard does not require a // PCT". So we do it. And make ECDH nearly 50% slower (only) in FIPS mode. - if err := fips.PCT("ECDH PCT", func() error { + if err := fips140.PCT("ECDH PCT", func() error { p1, err := newPoint().ScalarBaseMult(key) if err != nil { return err @@ -174,25 +174,25 @@ func checkKeyAndComputePublicKey[P point[P]](key []byte, newPoint func() P, scal func CheckPublicKeyP224(publicKey []byte) error { fipsSelfTest() - fips.RecordApproved() + fips140.RecordApproved() return checkPublicKey(publicKey, nistec.NewP224Point) } func CheckPublicKeyP256(publicKey []byte) error { fipsSelfTest() - fips.RecordApproved() + fips140.RecordApproved() return checkPublicKey(publicKey, nistec.NewP256Point) } func CheckPublicKeyP384(publicKey []byte) error { fipsSelfTest() - fips.RecordApproved() + fips140.RecordApproved() return checkPublicKey(publicKey, nistec.NewP384Point) } func CheckPublicKeyP521(publicKey []byte) error { fipsSelfTest() - fips.RecordApproved() + fips140.RecordApproved() return checkPublicKey(publicKey, nistec.NewP521Point) } @@ -215,25 +215,25 @@ func checkPublicKey[P point[P]](key []byte, newPoint func() P) error { func ECDHP224(privateKey, publicKey []byte) ([]byte, error) { fipsSelfTest() - fips.RecordApproved() + fips140.RecordApproved() return ecdh(privateKey, publicKey, nistec.NewP224Point) } func ECDHP256(privateKey, publicKey []byte) ([]byte, error) { fipsSelfTest() - fips.RecordApproved() + fips140.RecordApproved() return ecdh(privateKey, publicKey, nistec.NewP256Point) } func ECDHP384(privateKey, publicKey []byte) ([]byte, error) { fipsSelfTest() - fips.RecordApproved() + fips140.RecordApproved() return ecdh(privateKey, publicKey, nistec.NewP384Point) } func ECDHP521(privateKey, publicKey []byte) ([]byte, error) { fipsSelfTest() - fips.RecordApproved() + fips140.RecordApproved() return ecdh(privateKey, publicKey, nistec.NewP521Point) } diff --git a/src/crypto/internal/fips/ecdh/order_test.go b/src/crypto/internal/fips140/ecdh/order_test.go similarity index 100% rename from src/crypto/internal/fips/ecdh/order_test.go rename to src/crypto/internal/fips140/ecdh/order_test.go diff --git a/src/crypto/internal/fips/ecdsa/cast.go b/src/crypto/internal/fips140/ecdsa/cast.go similarity index 93% rename from src/crypto/internal/fips/ecdsa/cast.go rename to src/crypto/internal/fips140/ecdsa/cast.go index 6b0c7099723f0c..a324cf929d8bf2 100644 --- a/src/crypto/internal/fips/ecdsa/cast.go +++ b/src/crypto/internal/fips140/ecdsa/cast.go @@ -6,9 +6,9 @@ package ecdsa import ( "bytes" - "crypto/internal/fips" - _ "crypto/internal/fips/check" - "crypto/internal/fips/sha512" + "crypto/internal/fips140" + _ "crypto/internal/fips140/check" + "crypto/internal/fips140/sha512" "errors" "sync" ) @@ -52,7 +52,7 @@ func testHash() []byte { } func fipsPCT[P Point[P]](c *Curve[P], k *PrivateKey) error { - return fips.PCT("ECDSA PCT", func() error { + return fips140.PCT("ECDSA PCT", func() error { hash := testHash() sig, err := Sign(c, sha512.New, k, nil, hash) if err != nil { @@ -63,7 +63,7 @@ func fipsPCT[P Point[P]](c *Curve[P], k *PrivateKey) error { } var fipsSelfTest = sync.OnceFunc(func() { - fips.CAST("ECDSA P-256 SHA2-512 sign and verify", func() error { + fips140.CAST("ECDSA P-256 SHA2-512 sign and verify", func() error { k := testPrivateKey() Z := []byte{ 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, @@ -103,7 +103,7 @@ var fipsSelfTest = sync.OnceFunc(func() { }) var fipsSelfTestDeterministic = sync.OnceFunc(func() { - fips.CAST("DetECDSA P-256 SHA2-512 sign", func() error { + fips140.CAST("DetECDSA P-256 SHA2-512 sign", func() error { k := testPrivateKey() hash := testHash() want := &Signature{ diff --git a/src/crypto/internal/fips/ecdsa/ecdsa.go b/src/crypto/internal/fips140/ecdsa/ecdsa.go similarity index 96% rename from src/crypto/internal/fips/ecdsa/ecdsa.go rename to src/crypto/internal/fips140/ecdsa/ecdsa.go index a4834307d4b01f..61b40122a0fab4 100644 --- a/src/crypto/internal/fips/ecdsa/ecdsa.go +++ b/src/crypto/internal/fips140/ecdsa/ecdsa.go @@ -6,10 +6,10 @@ package ecdsa import ( "bytes" - "crypto/internal/fips" - "crypto/internal/fips/bigmod" - "crypto/internal/fips/drbg" - "crypto/internal/fips/nistec" + "crypto/internal/fips140" + "crypto/internal/fips140/bigmod" + "crypto/internal/fips140/drbg" + "crypto/internal/fips140/nistec" "crypto/internal/randutil" "errors" "io" @@ -157,7 +157,7 @@ var p521Order = []byte{0x01, 0xff, 0xbb, 0x6f, 0xb7, 0x1e, 0x91, 0x38, 0x64, 0x09} func NewPrivateKey[P Point[P]](c *Curve[P], D, Q []byte) (*PrivateKey, error) { - fips.RecordApproved() + fips140.RecordApproved() pub, err := NewPublicKey(c, Q) if err != nil { return nil, err @@ -190,10 +190,10 @@ func NewPublicKey[P Point[P]](c *Curve[P], Q []byte) (*PublicKey, error) { // // In FIPS mode, rand is ignored. func GenerateKey[P Point[P]](c *Curve[P], rand io.Reader) (*PrivateKey, error) { - fips.RecordApproved() + fips140.RecordApproved() k, Q, err := randomPoint(c, func(b []byte) error { - if fips.Enabled { + if fips140.Enabled { drbg.Read(b) return nil } else { @@ -283,11 +283,11 @@ type Signature struct { // to that length. // // The signature is randomized. If FIPS mode is enabled, rand is ignored. -func Sign[P Point[P], H fips.Hash](c *Curve[P], h func() H, priv *PrivateKey, rand io.Reader, hash []byte) (*Signature, error) { +func Sign[P Point[P], H fips140.Hash](c *Curve[P], h func() H, priv *PrivateKey, rand io.Reader, hash []byte) (*Signature, error) { if priv.pub.curve != c.curve { return nil, errors.New("ecdsa: private key does not match curve") } - fips.RecordApproved() + fips140.RecordApproved() fipsSelfTest() // Random ECDSA is dangerous, because a failure of the RNG would immediately @@ -296,7 +296,7 @@ func Sign[P Point[P], H fips.Hash](c *Curve[P], h func() H, priv *PrivateKey, ra // advantage of closely resembling Deterministic ECDSA. Z := make([]byte, len(priv.d)) - if fips.Enabled { + if fips140.Enabled { drbg.Read(Z) } else { randutil.MaybeReadByte(rand) @@ -321,11 +321,11 @@ func Sign[P Point[P], H fips.Hash](c *Curve[P], h func() H, priv *PrivateKey, ra // hash is longer than the bit-length of the private key's curve order, the hash // will be truncated to that length. This applies Deterministic ECDSA as // specified in FIPS 186-5 and RFC 6979. -func SignDeterministic[P Point[P], H fips.Hash](c *Curve[P], h func() H, priv *PrivateKey, hash []byte) (*Signature, error) { +func SignDeterministic[P Point[P], H fips140.Hash](c *Curve[P], h func() H, priv *PrivateKey, hash []byte) (*Signature, error) { if priv.pub.curve != c.curve { return nil, errors.New("ecdsa: private key does not match curve") } - fips.RecordApproved() + fips140.RecordApproved() fipsSelfTestDeterministic() drbg := newDRBG(h, priv.d, bits2octets(c, hash), nil) // RFC 6979, Section 3.3 return sign(c, priv, drbg, hash) @@ -457,7 +457,7 @@ func Verify[P Point[P]](c *Curve[P], pub *PublicKey, hash []byte, sig *Signature if pub.curve != c.curve { return errors.New("ecdsa: public key does not match curve") } - fips.RecordApproved() + fips140.RecordApproved() fipsSelfTest() return verify(c, pub, hash, sig) } diff --git a/src/crypto/internal/fips/ecdsa/ecdsa_noasm.go b/src/crypto/internal/fips140/ecdsa/ecdsa_noasm.go similarity index 100% rename from src/crypto/internal/fips/ecdsa/ecdsa_noasm.go rename to src/crypto/internal/fips140/ecdsa/ecdsa_noasm.go diff --git a/src/crypto/internal/fips/ecdsa/ecdsa_s390x.go b/src/crypto/internal/fips140/ecdsa/ecdsa_s390x.go similarity index 98% rename from src/crypto/internal/fips/ecdsa/ecdsa_s390x.go rename to src/crypto/internal/fips140/ecdsa/ecdsa_s390x.go index 01e877067d49f6..01379f998f10e2 100644 --- a/src/crypto/internal/fips/ecdsa/ecdsa_s390x.go +++ b/src/crypto/internal/fips140/ecdsa/ecdsa_s390x.go @@ -7,8 +7,8 @@ package ecdsa import ( - "crypto/internal/fips/bigmod" - "crypto/internal/fipsdeps/cpu" + "crypto/internal/fips140/bigmod" + "crypto/internal/fips140deps/cpu" "crypto/internal/impl" "errors" ) diff --git a/src/crypto/internal/fips/ecdsa/ecdsa_s390x.s b/src/crypto/internal/fips140/ecdsa/ecdsa_s390x.s similarity index 100% rename from src/crypto/internal/fips/ecdsa/ecdsa_s390x.s rename to src/crypto/internal/fips140/ecdsa/ecdsa_s390x.s diff --git a/src/crypto/internal/fips/ecdsa/ecdsa_test.go b/src/crypto/internal/fips140/ecdsa/ecdsa_test.go similarity index 98% rename from src/crypto/internal/fips/ecdsa/ecdsa_test.go rename to src/crypto/internal/fips140/ecdsa/ecdsa_test.go index 583a19de4c5973..1bbdb667d2edda 100644 --- a/src/crypto/internal/fips/ecdsa/ecdsa_test.go +++ b/src/crypto/internal/fips140/ecdsa/ecdsa_test.go @@ -6,7 +6,7 @@ package ecdsa import ( "bytes" - "crypto/internal/fips/bigmod" + "crypto/internal/fips140/bigmod" "crypto/rand" "io" "testing" diff --git a/src/crypto/internal/fips/ecdsa/hmacdrbg.go b/src/crypto/internal/fips140/ecdsa/hmacdrbg.go similarity index 94% rename from src/crypto/internal/fips/ecdsa/hmacdrbg.go rename to src/crypto/internal/fips140/ecdsa/hmacdrbg.go index da3f72e5220e24..6fd7ac697473d4 100644 --- a/src/crypto/internal/fips/ecdsa/hmacdrbg.go +++ b/src/crypto/internal/fips140/ecdsa/hmacdrbg.go @@ -6,8 +6,8 @@ package ecdsa import ( "bytes" - "crypto/internal/fips" - "crypto/internal/fips/hmac" + "crypto/internal/fips140" + "crypto/internal/fips140/hmac" ) // hmacDRBG is an SP 800-90A Rev. 1 HMAC_DRBG. @@ -48,9 +48,9 @@ type personalizationString interface { isPersonalizationString() } -func newDRBG[H fips.Hash](hash func() H, entropy, nonce []byte, s personalizationString) *hmacDRBG { +func newDRBG[H fips140.Hash](hash func() H, entropy, nonce []byte, s personalizationString) *hmacDRBG { // HMAC_DRBG_Instantiate_algorithm, per Section 10.1.2.3. - fips.RecordApproved() + fips140.RecordApproved() d := &hmacDRBG{ newHMAC: func(key []byte) *hmac.HMAC { @@ -126,7 +126,7 @@ func pad000(h *hmac.HMAC, writtenSoFar int) { // Generate produces at most maxRequestSize bytes of random data in out. func (d *hmacDRBG) Generate(out []byte) { // HMAC_DRBG_Generate_algorithm, per Section 10.1.2.5. - fips.RecordApproved() + fips140.RecordApproved() if len(out) > maxRequestSize { panic("ecdsa: internal error: request size exceeds maximum") diff --git a/src/crypto/internal/fips/ed25519/cast.go b/src/crypto/internal/fips140/ed25519/cast.go similarity index 92% rename from src/crypto/internal/fips/ed25519/cast.go rename to src/crypto/internal/fips140/ed25519/cast.go index 8ac7a6f6884165..a680c2514b816e 100644 --- a/src/crypto/internal/fips/ed25519/cast.go +++ b/src/crypto/internal/fips140/ed25519/cast.go @@ -6,14 +6,14 @@ package ed25519 import ( "bytes" - "crypto/internal/fips" - _ "crypto/internal/fips/check" + "crypto/internal/fips140" + _ "crypto/internal/fips140/check" "errors" "sync" ) func fipsPCT(k *PrivateKey) error { - return fips.PCT("Ed25519 sign and verify PCT", func() error { + return fips140.PCT("Ed25519 sign and verify PCT", func() error { return pairwiseTest(k) }) } @@ -43,7 +43,7 @@ func verifyWithoutSelfTest(pub *PublicKey, message, sig []byte) error { } var fipsSelfTest = sync.OnceFunc(func() { - fips.CAST("Ed25519 sign and verify", func() error { + fips140.CAST("Ed25519 sign and verify", func() error { seed := [32]byte{ 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, diff --git a/src/crypto/internal/fips/ed25519/ed25519.go b/src/crypto/internal/fips140/ed25519/ed25519.go similarity index 96% rename from src/crypto/internal/fips/ed25519/ed25519.go rename to src/crypto/internal/fips140/ed25519/ed25519.go index 274693362252c2..9824cbdf814926 100644 --- a/src/crypto/internal/fips/ed25519/ed25519.go +++ b/src/crypto/internal/fips140/ed25519/ed25519.go @@ -6,10 +6,10 @@ package ed25519 import ( "bytes" - "crypto/internal/fips" - "crypto/internal/fips/drbg" - "crypto/internal/fips/edwards25519" - "crypto/internal/fips/sha512" + "crypto/internal/fips140" + "crypto/internal/fips140/drbg" + "crypto/internal/fips140/edwards25519" + "crypto/internal/fips140/sha512" "errors" "io" "strconv" @@ -71,8 +71,8 @@ func GenerateKey(rand io.Reader) (*PrivateKey, error) { } func generateKey(priv *PrivateKey, rand io.Reader) (*PrivateKey, error) { - fips.RecordApproved() - if fips.Enabled { + fips140.RecordApproved() + if fips140.Enabled { drbg.Read(priv.seed[:]) } else { if _, err := io.ReadFull(rand, priv.seed[:]); err != nil { @@ -93,7 +93,7 @@ func NewPrivateKeyFromSeed(seed []byte) (*PrivateKey, error) { } func newPrivateKeyFromSeed(priv *PrivateKey, seed []byte) (*PrivateKey, error) { - fips.RecordApproved() + fips140.RecordApproved() if l := len(seed); l != seedSize { return nil, errors.New("ed25519: bad seed length: " + strconv.Itoa(l)) } @@ -127,7 +127,7 @@ func NewPrivateKey(priv []byte) (*PrivateKey, error) { } func newPrivateKey(priv *PrivateKey, privBytes []byte) (*PrivateKey, error) { - fips.RecordApproved() + fips140.RecordApproved() if l := len(privBytes); l != privateKeySize { return nil, errors.New("ed25519: bad private key length: " + strconv.Itoa(l)) } @@ -196,7 +196,7 @@ func Sign(priv *PrivateKey, message []byte) []byte { func sign(signature []byte, priv *PrivateKey, message []byte) []byte { fipsSelfTest() - fips.RecordApproved() + fips140.RecordApproved() return signWithDom(signature, priv, message, domPrefixPure, "") } @@ -209,7 +209,7 @@ func SignPH(priv *PrivateKey, message []byte, context string) ([]byte, error) { func signPH(signature []byte, priv *PrivateKey, message []byte, context string) ([]byte, error) { fipsSelfTest() - fips.RecordApproved() + fips140.RecordApproved() if l := len(message); l != sha512Size { return nil, errors.New("ed25519: bad Ed25519ph message hash length: " + strconv.Itoa(l)) } @@ -229,7 +229,7 @@ func SignCtx(priv *PrivateKey, message []byte, context string) ([]byte, error) { func signCtx(signature []byte, priv *PrivateKey, message []byte, context string) ([]byte, error) { fipsSelfTest() // FIPS 186-5 specifies Ed25519 and Ed25519ph (with context), but not Ed25519ctx. - fips.RecordNonApproved() + fips140.RecordNonApproved() // Note that per RFC 8032, Section 5.1, the context SHOULD NOT be empty. if l := len(context); l > 255 { return nil, errors.New("ed25519: bad Ed25519ctx context length: " + strconv.Itoa(l)) @@ -285,13 +285,13 @@ func Verify(pub *PublicKey, message, sig []byte) error { func verify(pub *PublicKey, message, sig []byte) error { fipsSelfTest() - fips.RecordApproved() + fips140.RecordApproved() return verifyWithDom(pub, message, sig, domPrefixPure, "") } func VerifyPH(pub *PublicKey, message []byte, sig []byte, context string) error { fipsSelfTest() - fips.RecordApproved() + fips140.RecordApproved() if l := len(message); l != sha512Size { return errors.New("ed25519: bad Ed25519ph message hash length: " + strconv.Itoa(l)) } @@ -304,7 +304,7 @@ func VerifyPH(pub *PublicKey, message []byte, sig []byte, context string) error func VerifyCtx(pub *PublicKey, message []byte, sig []byte, context string) error { fipsSelfTest() // FIPS 186-5 specifies Ed25519 and Ed25519ph (with context), but not Ed25519ctx. - fips.RecordNonApproved() + fips140.RecordNonApproved() if l := len(context); l > 255 { return errors.New("ed25519: bad Ed25519ctx context length: " + strconv.Itoa(l)) } diff --git a/src/crypto/internal/fips/edwards25519/doc.go b/src/crypto/internal/fips140/edwards25519/doc.go similarity index 100% rename from src/crypto/internal/fips/edwards25519/doc.go rename to src/crypto/internal/fips140/edwards25519/doc.go diff --git a/src/crypto/internal/fips/edwards25519/edwards25519.go b/src/crypto/internal/fips140/edwards25519/edwards25519.go similarity index 99% rename from src/crypto/internal/fips/edwards25519/edwards25519.go rename to src/crypto/internal/fips140/edwards25519/edwards25519.go index b190290af30b04..395cf18adbcaef 100644 --- a/src/crypto/internal/fips/edwards25519/edwards25519.go +++ b/src/crypto/internal/fips140/edwards25519/edwards25519.go @@ -5,8 +5,8 @@ package edwards25519 import ( - _ "crypto/internal/fips/check" - "crypto/internal/fips/edwards25519/field" + _ "crypto/internal/fips140/check" + "crypto/internal/fips140/edwards25519/field" "errors" ) diff --git a/src/crypto/internal/fips/edwards25519/edwards25519_test.go b/src/crypto/internal/fips140/edwards25519/edwards25519_test.go similarity index 99% rename from src/crypto/internal/fips/edwards25519/edwards25519_test.go rename to src/crypto/internal/fips140/edwards25519/edwards25519_test.go index f2c6f8694fb80f..5f85e397ec51f4 100644 --- a/src/crypto/internal/fips/edwards25519/edwards25519_test.go +++ b/src/crypto/internal/fips140/edwards25519/edwards25519_test.go @@ -5,7 +5,7 @@ package edwards25519 import ( - "crypto/internal/fips/edwards25519/field" + "crypto/internal/fips140/edwards25519/field" "encoding/hex" "reflect" "testing" diff --git a/src/crypto/internal/fips/edwards25519/field/_asm/fe_amd64_asm.go b/src/crypto/internal/fips140/edwards25519/field/_asm/fe_amd64_asm.go similarity index 99% rename from src/crypto/internal/fips/edwards25519/field/_asm/fe_amd64_asm.go rename to src/crypto/internal/fips140/edwards25519/field/_asm/fe_amd64_asm.go index 36df39fca0c7fb..e5090521605d7b 100644 --- a/src/crypto/internal/fips/edwards25519/field/_asm/fe_amd64_asm.go +++ b/src/crypto/internal/fips140/edwards25519/field/_asm/fe_amd64_asm.go @@ -16,7 +16,7 @@ import ( //go:generate go run . -out ../fe_amd64.s -stubs ../fe_amd64.go -pkg field func main() { - Package("crypto/internal/fips/edwards25519/field") + Package("crypto/internal/fips140/edwards25519/field") ConstraintExpr("!purego") feMul() feSquare() diff --git a/src/crypto/internal/fips/edwards25519/field/_asm/go.mod b/src/crypto/internal/fips140/edwards25519/field/_asm/go.mod similarity index 83% rename from src/crypto/internal/fips/edwards25519/field/_asm/go.mod rename to src/crypto/internal/fips140/edwards25519/field/_asm/go.mod index 273b1f5473b5ff..6eb11fe7cdd5ae 100644 --- a/src/crypto/internal/fips/edwards25519/field/_asm/go.mod +++ b/src/crypto/internal/fips140/edwards25519/field/_asm/go.mod @@ -1,4 +1,4 @@ -module crypto/internal/fips/edwards25519/field/_asm +module crypto/internal/fips140/edwards25519/field/_asm go 1.19 diff --git a/src/crypto/internal/fips/edwards25519/field/_asm/go.sum b/src/crypto/internal/fips140/edwards25519/field/_asm/go.sum similarity index 100% rename from src/crypto/internal/fips/edwards25519/field/_asm/go.sum rename to src/crypto/internal/fips140/edwards25519/field/_asm/go.sum diff --git a/src/crypto/internal/fips/edwards25519/field/fe.go b/src/crypto/internal/fips140/edwards25519/field/fe.go similarity index 99% rename from src/crypto/internal/fips/edwards25519/field/fe.go rename to src/crypto/internal/fips140/edwards25519/field/fe.go index d0fafdad50dc9c..2d76ba72740b80 100644 --- a/src/crypto/internal/fips/edwards25519/field/fe.go +++ b/src/crypto/internal/fips140/edwards25519/field/fe.go @@ -6,9 +6,9 @@ package field import ( - _ "crypto/internal/fips/check" - "crypto/internal/fips/subtle" - "crypto/internal/fipsdeps/byteorder" + _ "crypto/internal/fips140/check" + "crypto/internal/fips140/subtle" + "crypto/internal/fips140deps/byteorder" "errors" "math/bits" ) diff --git a/src/crypto/internal/fips/edwards25519/field/fe_alias_test.go b/src/crypto/internal/fips140/edwards25519/field/fe_alias_test.go similarity index 100% rename from src/crypto/internal/fips/edwards25519/field/fe_alias_test.go rename to src/crypto/internal/fips140/edwards25519/field/fe_alias_test.go diff --git a/src/crypto/internal/fips/edwards25519/field/fe_amd64.go b/src/crypto/internal/fips140/edwards25519/field/fe_amd64.go similarity index 100% rename from src/crypto/internal/fips/edwards25519/field/fe_amd64.go rename to src/crypto/internal/fips140/edwards25519/field/fe_amd64.go diff --git a/src/crypto/internal/fips/edwards25519/field/fe_amd64.s b/src/crypto/internal/fips140/edwards25519/field/fe_amd64.s similarity index 100% rename from src/crypto/internal/fips/edwards25519/field/fe_amd64.s rename to src/crypto/internal/fips140/edwards25519/field/fe_amd64.s diff --git a/src/crypto/internal/fips/edwards25519/field/fe_amd64_noasm.go b/src/crypto/internal/fips140/edwards25519/field/fe_amd64_noasm.go similarity index 100% rename from src/crypto/internal/fips/edwards25519/field/fe_amd64_noasm.go rename to src/crypto/internal/fips140/edwards25519/field/fe_amd64_noasm.go diff --git a/src/crypto/internal/fips/edwards25519/field/fe_arm64.go b/src/crypto/internal/fips140/edwards25519/field/fe_arm64.go similarity index 100% rename from src/crypto/internal/fips/edwards25519/field/fe_arm64.go rename to src/crypto/internal/fips140/edwards25519/field/fe_arm64.go diff --git a/src/crypto/internal/fips/edwards25519/field/fe_arm64.s b/src/crypto/internal/fips140/edwards25519/field/fe_arm64.s similarity index 100% rename from src/crypto/internal/fips/edwards25519/field/fe_arm64.s rename to src/crypto/internal/fips140/edwards25519/field/fe_arm64.s diff --git a/src/crypto/internal/fips/edwards25519/field/fe_arm64_noasm.go b/src/crypto/internal/fips140/edwards25519/field/fe_arm64_noasm.go similarity index 100% rename from src/crypto/internal/fips/edwards25519/field/fe_arm64_noasm.go rename to src/crypto/internal/fips140/edwards25519/field/fe_arm64_noasm.go diff --git a/src/crypto/internal/fips/edwards25519/field/fe_bench_test.go b/src/crypto/internal/fips140/edwards25519/field/fe_bench_test.go similarity index 100% rename from src/crypto/internal/fips/edwards25519/field/fe_bench_test.go rename to src/crypto/internal/fips140/edwards25519/field/fe_bench_test.go diff --git a/src/crypto/internal/fips/edwards25519/field/fe_generic.go b/src/crypto/internal/fips140/edwards25519/field/fe_generic.go similarity index 100% rename from src/crypto/internal/fips/edwards25519/field/fe_generic.go rename to src/crypto/internal/fips140/edwards25519/field/fe_generic.go diff --git a/src/crypto/internal/fips/edwards25519/field/fe_test.go b/src/crypto/internal/fips140/edwards25519/field/fe_test.go similarity index 100% rename from src/crypto/internal/fips/edwards25519/field/fe_test.go rename to src/crypto/internal/fips140/edwards25519/field/fe_test.go diff --git a/src/crypto/internal/fips/edwards25519/scalar.go b/src/crypto/internal/fips140/edwards25519/scalar.go similarity index 99% rename from src/crypto/internal/fips/edwards25519/scalar.go rename to src/crypto/internal/fips140/edwards25519/scalar.go index ec2c7fa39849eb..9d60146d794d68 100644 --- a/src/crypto/internal/fips/edwards25519/scalar.go +++ b/src/crypto/internal/fips140/edwards25519/scalar.go @@ -5,7 +5,7 @@ package edwards25519 import ( - "crypto/internal/fipsdeps/byteorder" + "crypto/internal/fips140deps/byteorder" "errors" ) diff --git a/src/crypto/internal/fips/edwards25519/scalar_alias_test.go b/src/crypto/internal/fips140/edwards25519/scalar_alias_test.go similarity index 100% rename from src/crypto/internal/fips/edwards25519/scalar_alias_test.go rename to src/crypto/internal/fips140/edwards25519/scalar_alias_test.go diff --git a/src/crypto/internal/fips/edwards25519/scalar_fiat.go b/src/crypto/internal/fips140/edwards25519/scalar_fiat.go similarity index 100% rename from src/crypto/internal/fips/edwards25519/scalar_fiat.go rename to src/crypto/internal/fips140/edwards25519/scalar_fiat.go diff --git a/src/crypto/internal/fips/edwards25519/scalar_test.go b/src/crypto/internal/fips140/edwards25519/scalar_test.go similarity index 100% rename from src/crypto/internal/fips/edwards25519/scalar_test.go rename to src/crypto/internal/fips140/edwards25519/scalar_test.go diff --git a/src/crypto/internal/fips/edwards25519/scalarmult.go b/src/crypto/internal/fips140/edwards25519/scalarmult.go similarity index 100% rename from src/crypto/internal/fips/edwards25519/scalarmult.go rename to src/crypto/internal/fips140/edwards25519/scalarmult.go diff --git a/src/crypto/internal/fips/edwards25519/scalarmult_test.go b/src/crypto/internal/fips140/edwards25519/scalarmult_test.go similarity index 100% rename from src/crypto/internal/fips/edwards25519/scalarmult_test.go rename to src/crypto/internal/fips140/edwards25519/scalarmult_test.go diff --git a/src/crypto/internal/fips/edwards25519/tables.go b/src/crypto/internal/fips140/edwards25519/tables.go similarity index 99% rename from src/crypto/internal/fips/edwards25519/tables.go rename to src/crypto/internal/fips140/edwards25519/tables.go index 4d2a653d435529..801b76771d1ea3 100644 --- a/src/crypto/internal/fips/edwards25519/tables.go +++ b/src/crypto/internal/fips140/edwards25519/tables.go @@ -5,7 +5,7 @@ package edwards25519 import ( - "crypto/internal/fips/subtle" + "crypto/internal/fips140/subtle" ) // A dynamic lookup table for variable-base, constant-time scalar muls. diff --git a/src/crypto/internal/fips/edwards25519/tables_test.go b/src/crypto/internal/fips140/edwards25519/tables_test.go similarity index 100% rename from src/crypto/internal/fips/edwards25519/tables_test.go rename to src/crypto/internal/fips140/edwards25519/tables_test.go diff --git a/src/crypto/internal/fips/fips.go b/src/crypto/internal/fips140/fips140.go similarity index 84% rename from src/crypto/internal/fips/fips.go rename to src/crypto/internal/fips140/fips140.go index 30c8ba86731341..cec9d13e35bb82 100644 --- a/src/crypto/internal/fips/fips.go +++ b/src/crypto/internal/fips140/fips140.go @@ -2,9 +2,9 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -package fips +package fips140 -import "crypto/internal/fipsdeps/godebug" +import "crypto/internal/fips140deps/godebug" var Enabled bool diff --git a/src/crypto/internal/fips/hash.go b/src/crypto/internal/fips140/hash.go similarity index 98% rename from src/crypto/internal/fips/hash.go rename to src/crypto/internal/fips140/hash.go index abea8187919b1b..bc6c7ca2f5ffc4 100644 --- a/src/crypto/internal/fips/hash.go +++ b/src/crypto/internal/fips140/hash.go @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -package fips +package fips140 import "io" diff --git a/src/crypto/internal/fips/hkdf/cast.go b/src/crypto/internal/fips140/hkdf/cast.go similarity index 83% rename from src/crypto/internal/fips/hkdf/cast.go rename to src/crypto/internal/fips140/hkdf/cast.go index 98f6c9713993b9..422ca9e309f90e 100644 --- a/src/crypto/internal/fips/hkdf/cast.go +++ b/src/crypto/internal/fips140/hkdf/cast.go @@ -6,14 +6,14 @@ package hkdf import ( "bytes" - "crypto/internal/fips" - _ "crypto/internal/fips/check" - "crypto/internal/fips/sha256" + "crypto/internal/fips140" + _ "crypto/internal/fips140/check" + "crypto/internal/fips140/sha256" "errors" ) func init() { - fips.CAST("HKDF-SHA2-256", func() error { + fips140.CAST("HKDF-SHA2-256", func() error { input := []byte{ 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, diff --git a/src/crypto/internal/fips/hkdf/hkdf.go b/src/crypto/internal/fips140/hkdf/hkdf.go similarity index 74% rename from src/crypto/internal/fips/hkdf/hkdf.go rename to src/crypto/internal/fips140/hkdf/hkdf.go index 745a0525bbda5c..982775129b2805 100644 --- a/src/crypto/internal/fips/hkdf/hkdf.go +++ b/src/crypto/internal/fips140/hkdf/hkdf.go @@ -5,13 +5,13 @@ package hkdf import ( - "crypto/internal/fips" - "crypto/internal/fips/hmac" + "crypto/internal/fips140" + "crypto/internal/fips140/hmac" ) -func Extract[H fips.Hash](h func() H, secret, salt []byte) []byte { +func Extract[H fips140.Hash](h func() H, secret, salt []byte) []byte { if len(secret) < 112/8 { - fips.RecordNonApproved() + fips140.RecordNonApproved() } if salt == nil { salt = make([]byte, h().Size()) @@ -22,7 +22,7 @@ func Extract[H fips.Hash](h func() H, secret, salt []byte) []byte { return extractor.Sum(nil) } -func Expand[H fips.Hash](h func() H, pseudorandomKey, info []byte, keyLen int) []byte { +func Expand[H fips140.Hash](h func() H, pseudorandomKey, info []byte, keyLen int) []byte { out := make([]byte, 0, keyLen) expander := hmac.New(h, pseudorandomKey) hmac.MarkAsUsedInHKDF(expander) @@ -49,7 +49,7 @@ func Expand[H fips.Hash](h func() H, pseudorandomKey, info []byte, keyLen int) [ return out } -func Key[H fips.Hash](h func() H, secret, salt, info []byte, keyLen int) []byte { +func Key[H fips140.Hash](h func() H, secret, salt, info []byte, keyLen int) []byte { prk := Extract(h, secret, salt) return Expand(h, prk, info, keyLen) } diff --git a/src/crypto/internal/fips/hmac/cast.go b/src/crypto/internal/fips140/hmac/cast.go similarity index 87% rename from src/crypto/internal/fips/hmac/cast.go rename to src/crypto/internal/fips140/hmac/cast.go index 292e31112394ce..9573e39e5b72b6 100644 --- a/src/crypto/internal/fips/hmac/cast.go +++ b/src/crypto/internal/fips140/hmac/cast.go @@ -6,13 +6,13 @@ package hmac import ( "bytes" - "crypto/internal/fips" - "crypto/internal/fips/sha256" + "crypto/internal/fips140" + "crypto/internal/fips140/sha256" "errors" ) func init() { - fips.CAST("HMAC-SHA2-256", func() error { + fips140.CAST("HMAC-SHA2-256", func() error { input := []byte{ 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, diff --git a/src/crypto/internal/fips/hmac/hmac.go b/src/crypto/internal/fips140/hmac/hmac.go similarity index 92% rename from src/crypto/internal/fips/hmac/hmac.go rename to src/crypto/internal/fips140/hmac/hmac.go index e47de385df2729..320d78f2685574 100644 --- a/src/crypto/internal/fips/hmac/hmac.go +++ b/src/crypto/internal/fips140/hmac/hmac.go @@ -8,10 +8,10 @@ package hmac import ( - "crypto/internal/fips" - "crypto/internal/fips/sha256" - "crypto/internal/fips/sha3" - "crypto/internal/fips/sha512" + "crypto/internal/fips140" + "crypto/internal/fips140/sha256" + "crypto/internal/fips140/sha3" + "crypto/internal/fips140/sha512" ) // key is zero padded to the block size of the hash function @@ -29,7 +29,7 @@ type marshalable interface { type HMAC struct { opad, ipad []byte - outer, inner fips.Hash + outer, inner fips140.Hash // If marshaled is true, then opad and ipad do not contain a padded // copy of the key, but rather the marshaled state of outer/inner after @@ -46,12 +46,12 @@ func (h *HMAC) Sum(in []byte) []byte { // legacy use (i.e. verification only) and we don't support that. However, // HKDF uses the HMAC key for the salt, which is allowed to be shorter. if h.keyLen < 112/8 && !h.forHKDF { - fips.RecordNonApproved() + fips140.RecordNonApproved() } switch h.inner.(type) { case *sha256.Digest, *sha512.Digest, *sha3.Digest: default: - fips.RecordNonApproved() + fips140.RecordNonApproved() } origLen := len(in) @@ -127,8 +127,8 @@ func (h *HMAC) Reset() { h.marshaled = true } -// New returns a new HMAC hash using the given [fips.Hash] type and key. -func New[H fips.Hash](h func() H, key []byte) *HMAC { +// New returns a new HMAC hash using the given [fips140.Hash] type and key. +func New[H fips140.Hash](h func() H, key []byte) *HMAC { hm := &HMAC{keyLen: len(key)} hm.outer = h() hm.inner = h() diff --git a/src/crypto/internal/fips/indicator.go b/src/crypto/internal/fips140/indicator.go similarity index 93% rename from src/crypto/internal/fips/indicator.go rename to src/crypto/internal/fips140/indicator.go index 984b39ad2e4b51..229e0715e73057 100644 --- a/src/crypto/internal/fips/indicator.go +++ b/src/crypto/internal/fips140/indicator.go @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -package fips +package fips140 import _ "unsafe" // for go:linkname @@ -16,10 +16,10 @@ import _ "unsafe" // for go:linkname // negative. Finally, we expose indicatorUnset as negative to the user, so that // we don't need to explicitly annotate fully non-approved services. -//go:linkname getIndicator crypto/internal/fips.getIndicator +//go:linkname getIndicator crypto/internal/fips140.getIndicator func getIndicator() uint8 -//go:linkname setIndicator crypto/internal/fips.setIndicator +//go:linkname setIndicator crypto/internal/fips140.setIndicator func setIndicator(uint8) const ( diff --git a/src/crypto/internal/fips/mlkem/cast.go b/src/crypto/internal/fips140/mlkem/cast.go similarity index 93% rename from src/crypto/internal/fips/mlkem/cast.go rename to src/crypto/internal/fips140/mlkem/cast.go index a2162ee8ab5323..d3ae84ec3f1122 100644 --- a/src/crypto/internal/fips/mlkem/cast.go +++ b/src/crypto/internal/fips140/mlkem/cast.go @@ -6,13 +6,13 @@ package mlkem import ( "bytes" - "crypto/internal/fips" - _ "crypto/internal/fips/check" + "crypto/internal/fips140" + _ "crypto/internal/fips140/check" "errors" ) func init() { - fips.CAST("ML-KEM-768", func() error { + fips140.CAST("ML-KEM-768", func() error { var d = &[32]byte{ 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, diff --git a/src/crypto/internal/fips/mlkem/field.go b/src/crypto/internal/fips140/mlkem/field.go similarity index 99% rename from src/crypto/internal/fips/mlkem/field.go rename to src/crypto/internal/fips140/mlkem/field.go index 720e07528eb613..1a42818247221c 100644 --- a/src/crypto/internal/fips/mlkem/field.go +++ b/src/crypto/internal/fips140/mlkem/field.go @@ -5,8 +5,8 @@ package mlkem import ( - "crypto/internal/fips/sha3" - "crypto/internal/fipsdeps/byteorder" + "crypto/internal/fips140/sha3" + "crypto/internal/fips140deps/byteorder" "errors" ) diff --git a/src/crypto/internal/fips/mlkem/field_test.go b/src/crypto/internal/fips140/mlkem/field_test.go similarity index 100% rename from src/crypto/internal/fips/mlkem/field_test.go rename to src/crypto/internal/fips140/mlkem/field_test.go diff --git a/src/crypto/internal/fips/mlkem/generate1024.go b/src/crypto/internal/fips140/mlkem/generate1024.go similarity index 100% rename from src/crypto/internal/fips/mlkem/generate1024.go rename to src/crypto/internal/fips140/mlkem/generate1024.go diff --git a/src/crypto/internal/fips/mlkem/mlkem1024.go b/src/crypto/internal/fips140/mlkem/mlkem1024.go similarity index 96% rename from src/crypto/internal/fips/mlkem/mlkem1024.go rename to src/crypto/internal/fips140/mlkem/mlkem1024.go index 30c9f3f0fb718a..5aa3c69243b346 100644 --- a/src/crypto/internal/fips/mlkem/mlkem1024.go +++ b/src/crypto/internal/fips140/mlkem/mlkem1024.go @@ -3,10 +3,10 @@ package mlkem import ( - "crypto/internal/fips" - "crypto/internal/fips/drbg" - "crypto/internal/fips/sha3" - "crypto/internal/fips/subtle" + "crypto/internal/fips140" + "crypto/internal/fips140/drbg" + "crypto/internal/fips140/sha3" + "crypto/internal/fips140/subtle" "errors" ) @@ -91,11 +91,11 @@ func generateKey1024(dk *DecapsulationKey1024) (*DecapsulationKey1024, error) { var z [32]byte drbg.Read(z[:]) kemKeyGen1024(dk, &d, &z) - if err := fips.PCT("ML-KEM PCT", func() error { return kemPCT1024(dk) }); err != nil { + if err := fips140.PCT("ML-KEM PCT", func() error { return kemPCT1024(dk) }); err != nil { // This clearly can't happen, but FIPS 140-3 requires us to check. panic(err) } - fips.RecordApproved() + fips140.RecordApproved() return dk, nil } @@ -122,11 +122,11 @@ func newKeyFromSeed1024(dk *DecapsulationKey1024, seed []byte) (*DecapsulationKe d := (*[32]byte)(seed[:32]) z := (*[32]byte)(seed[32:]) kemKeyGen1024(dk, d, z) - if err := fips.PCT("ML-KEM PCT", func() error { return kemPCT1024(dk) }); err != nil { + if err := fips140.PCT("ML-KEM PCT", func() error { return kemPCT1024(dk) }); err != nil { // This clearly can't happen, but FIPS 140-3 requires us to check. panic(err) } - fips.RecordApproved() + fips140.RecordApproved() return dk, nil } @@ -215,7 +215,7 @@ func (ek *EncapsulationKey1024) encapsulate(cc *[CiphertextSize1024]byte) (ciphe drbg.Read(m[:]) // Note that the modulus check (step 2 of the encapsulation key check from // FIPS 203, Section 7.2) is performed by polyByteDecode in parseEK1024. - fips.RecordApproved() + fips140.RecordApproved() return kemEncaps1024(cc, ek, &m) } @@ -341,7 +341,7 @@ func (dk *DecapsulationKey1024) Decapsulate(ciphertext []byte) (sharedKey []byte // // It implements ML-KEM.Decaps_internal according to FIPS 203, Algorithm 18. func kemDecaps1024(dk *DecapsulationKey1024, c *[CiphertextSize1024]byte) (K []byte) { - fips.RecordApproved() + fips140.RecordApproved() m := pkeDecrypt1024(&dk.decryptionKey1024, c) g := sha3.New512() g.Write(m[:]) diff --git a/src/crypto/internal/fips/mlkem/mlkem768.go b/src/crypto/internal/fips140/mlkem/mlkem768.go similarity index 96% rename from src/crypto/internal/fips/mlkem/mlkem768.go rename to src/crypto/internal/fips140/mlkem/mlkem768.go index dcab3d8842f7b3..0c91ceadc4284e 100644 --- a/src/crypto/internal/fips/mlkem/mlkem768.go +++ b/src/crypto/internal/fips140/mlkem/mlkem768.go @@ -24,10 +24,10 @@ package mlkem //go:generate go run generate1024.go -input mlkem768.go -output mlkem1024.go import ( - "crypto/internal/fips" - "crypto/internal/fips/drbg" - "crypto/internal/fips/sha3" - "crypto/internal/fips/subtle" + "crypto/internal/fips140" + "crypto/internal/fips140/drbg" + "crypto/internal/fips140/sha3" + "crypto/internal/fips140/subtle" "errors" ) @@ -148,11 +148,11 @@ func generateKey(dk *DecapsulationKey768) (*DecapsulationKey768, error) { var z [32]byte drbg.Read(z[:]) kemKeyGen(dk, &d, &z) - if err := fips.PCT("ML-KEM PCT", func() error { return kemPCT(dk) }); err != nil { + if err := fips140.PCT("ML-KEM PCT", func() error { return kemPCT(dk) }); err != nil { // This clearly can't happen, but FIPS 140-3 requires us to check. panic(err) } - fips.RecordApproved() + fips140.RecordApproved() return dk, nil } @@ -179,11 +179,11 @@ func newKeyFromSeed(dk *DecapsulationKey768, seed []byte) (*DecapsulationKey768, d := (*[32]byte)(seed[:32]) z := (*[32]byte)(seed[32:]) kemKeyGen(dk, d, z) - if err := fips.PCT("ML-KEM PCT", func() error { return kemPCT(dk) }); err != nil { + if err := fips140.PCT("ML-KEM PCT", func() error { return kemPCT(dk) }); err != nil { // This clearly can't happen, but FIPS 140-3 requires us to check. panic(err) } - fips.RecordApproved() + fips140.RecordApproved() return dk, nil } @@ -272,7 +272,7 @@ func (ek *EncapsulationKey768) encapsulate(cc *[CiphertextSize768]byte) (ciphert drbg.Read(m[:]) // Note that the modulus check (step 2 of the encapsulation key check from // FIPS 203, Section 7.2) is performed by polyByteDecode in parseEK. - fips.RecordApproved() + fips140.RecordApproved() return kemEncaps(cc, ek, &m) } @@ -398,7 +398,7 @@ func (dk *DecapsulationKey768) Decapsulate(ciphertext []byte) (sharedKey []byte, // // It implements ML-KEM.Decaps_internal according to FIPS 203, Algorithm 18. func kemDecaps(dk *DecapsulationKey768, c *[CiphertextSize768]byte) (K []byte) { - fips.RecordApproved() + fips140.RecordApproved() m := pkeDecrypt(&dk.decryptionKey, c) g := sha3.New512() g.Write(m[:]) diff --git a/src/crypto/internal/fips/nistec/_asm/go.mod b/src/crypto/internal/fips140/nistec/_asm/go.mod similarity index 80% rename from src/crypto/internal/fips/nistec/_asm/go.mod rename to src/crypto/internal/fips140/nistec/_asm/go.mod index eb361dbaf5cf1c..09daa240276170 100644 --- a/src/crypto/internal/fips/nistec/_asm/go.mod +++ b/src/crypto/internal/fips140/nistec/_asm/go.mod @@ -1,4 +1,4 @@ -module crypto/internal/fips/nistec/_asm +module crypto/internal/fips140/nistec/_asm go 1.24 diff --git a/src/crypto/internal/fips/nistec/_asm/go.sum b/src/crypto/internal/fips140/nistec/_asm/go.sum similarity index 100% rename from src/crypto/internal/fips/nistec/_asm/go.sum rename to src/crypto/internal/fips140/nistec/_asm/go.sum diff --git a/src/crypto/internal/fips/nistec/_asm/p256_asm.go b/src/crypto/internal/fips140/nistec/_asm/p256_asm.go similarity index 99% rename from src/crypto/internal/fips/nistec/_asm/p256_asm.go rename to src/crypto/internal/fips140/nistec/_asm/p256_asm.go index 5616513a242944..c32e7edf74a7a3 100644 --- a/src/crypto/internal/fips/nistec/_asm/p256_asm.go +++ b/src/crypto/internal/fips140/nistec/_asm/p256_asm.go @@ -43,7 +43,7 @@ var ( ) func main() { - Package("crypto/internal/fips/nistec") + Package("crypto/internal/fips140/nistec") ConstraintExpr("!purego") p256MovCond() p256NegCond() diff --git a/src/crypto/internal/fips/nistec/benchmark_test.go b/src/crypto/internal/fips140/nistec/benchmark_test.go similarity index 98% rename from src/crypto/internal/fips/nistec/benchmark_test.go rename to src/crypto/internal/fips140/nistec/benchmark_test.go index 17d131e05b1b9d..1b8d4f4e710f2f 100644 --- a/src/crypto/internal/fips/nistec/benchmark_test.go +++ b/src/crypto/internal/fips140/nistec/benchmark_test.go @@ -5,7 +5,7 @@ package nistec_test import ( - "crypto/internal/fips/nistec" + "crypto/internal/fips140/nistec" "crypto/rand" "testing" ) diff --git a/src/crypto/internal/fips/nistec/fiat/Dockerfile b/src/crypto/internal/fips140/nistec/fiat/Dockerfile similarity index 100% rename from src/crypto/internal/fips/nistec/fiat/Dockerfile rename to src/crypto/internal/fips140/nistec/fiat/Dockerfile diff --git a/src/crypto/internal/fips/nistec/fiat/README b/src/crypto/internal/fips140/nistec/fiat/README similarity index 100% rename from src/crypto/internal/fips/nistec/fiat/README rename to src/crypto/internal/fips140/nistec/fiat/README diff --git a/src/crypto/internal/fips/nistec/fiat/benchmark_test.go b/src/crypto/internal/fips140/nistec/fiat/benchmark_test.go similarity index 96% rename from src/crypto/internal/fips/nistec/fiat/benchmark_test.go rename to src/crypto/internal/fips140/nistec/fiat/benchmark_test.go index 013d76f7ba8685..eed6952962672b 100644 --- a/src/crypto/internal/fips/nistec/fiat/benchmark_test.go +++ b/src/crypto/internal/fips140/nistec/fiat/benchmark_test.go @@ -5,7 +5,7 @@ package fiat_test import ( - "crypto/internal/fips/nistec/fiat" + "crypto/internal/fips140/nistec/fiat" "testing" ) diff --git a/src/crypto/internal/fips/nistec/fiat/cast.go b/src/crypto/internal/fips140/nistec/fiat/cast.go similarity index 80% rename from src/crypto/internal/fips/nistec/fiat/cast.go rename to src/crypto/internal/fips140/nistec/fiat/cast.go index 1b536fd7d7b03b..39fecd42498266 100644 --- a/src/crypto/internal/fips/nistec/fiat/cast.go +++ b/src/crypto/internal/fips140/nistec/fiat/cast.go @@ -4,4 +4,4 @@ package fiat -import _ "crypto/internal/fips/check" +import _ "crypto/internal/fips140/check" diff --git a/src/crypto/internal/fips/nistec/fiat/generate.go b/src/crypto/internal/fips140/nistec/fiat/generate.go similarity index 99% rename from src/crypto/internal/fips/nistec/fiat/generate.go rename to src/crypto/internal/fips140/nistec/fiat/generate.go index 831524970b9ec6..b8c5a1389c5673 100644 --- a/src/crypto/internal/fips/nistec/fiat/generate.go +++ b/src/crypto/internal/fips140/nistec/fiat/generate.go @@ -152,7 +152,7 @@ const tmplWrapper = `// Copyright 2021 The Go Authors. All rights reserved. package fiat import ( - "crypto/internal/fips/subtle" + "crypto/internal/fips140/subtle" "errors" ) diff --git a/src/crypto/internal/fips/nistec/fiat/p224.go b/src/crypto/internal/fips140/nistec/fiat/p224.go similarity index 99% rename from src/crypto/internal/fips/nistec/fiat/p224.go rename to src/crypto/internal/fips140/nistec/fiat/p224.go index 0973f173c1f2c7..cdce9f7018f9e8 100644 --- a/src/crypto/internal/fips/nistec/fiat/p224.go +++ b/src/crypto/internal/fips140/nistec/fiat/p224.go @@ -7,7 +7,7 @@ package fiat import ( - "crypto/internal/fips/subtle" + "crypto/internal/fips140/subtle" "errors" ) diff --git a/src/crypto/internal/fips/nistec/fiat/p224_fiat64.go b/src/crypto/internal/fips140/nistec/fiat/p224_fiat64.go similarity index 100% rename from src/crypto/internal/fips/nistec/fiat/p224_fiat64.go rename to src/crypto/internal/fips140/nistec/fiat/p224_fiat64.go diff --git a/src/crypto/internal/fips/nistec/fiat/p224_invert.go b/src/crypto/internal/fips140/nistec/fiat/p224_invert.go similarity index 100% rename from src/crypto/internal/fips/nistec/fiat/p224_invert.go rename to src/crypto/internal/fips140/nistec/fiat/p224_invert.go diff --git a/src/crypto/internal/fips/nistec/fiat/p256.go b/src/crypto/internal/fips140/nistec/fiat/p256.go similarity index 99% rename from src/crypto/internal/fips/nistec/fiat/p256.go rename to src/crypto/internal/fips140/nistec/fiat/p256.go index 7933e05bcf06af..fb7284977ac902 100644 --- a/src/crypto/internal/fips/nistec/fiat/p256.go +++ b/src/crypto/internal/fips140/nistec/fiat/p256.go @@ -7,7 +7,7 @@ package fiat import ( - "crypto/internal/fips/subtle" + "crypto/internal/fips140/subtle" "errors" ) diff --git a/src/crypto/internal/fips/nistec/fiat/p256_fiat64.go b/src/crypto/internal/fips140/nistec/fiat/p256_fiat64.go similarity index 100% rename from src/crypto/internal/fips/nistec/fiat/p256_fiat64.go rename to src/crypto/internal/fips140/nistec/fiat/p256_fiat64.go diff --git a/src/crypto/internal/fips/nistec/fiat/p256_invert.go b/src/crypto/internal/fips140/nistec/fiat/p256_invert.go similarity index 100% rename from src/crypto/internal/fips/nistec/fiat/p256_invert.go rename to src/crypto/internal/fips140/nistec/fiat/p256_invert.go diff --git a/src/crypto/internal/fips/nistec/fiat/p384.go b/src/crypto/internal/fips140/nistec/fiat/p384.go similarity index 99% rename from src/crypto/internal/fips/nistec/fiat/p384.go rename to src/crypto/internal/fips140/nistec/fiat/p384.go index 667c62b01c1e2f..505b7e9a2d9491 100644 --- a/src/crypto/internal/fips/nistec/fiat/p384.go +++ b/src/crypto/internal/fips140/nistec/fiat/p384.go @@ -7,7 +7,7 @@ package fiat import ( - "crypto/internal/fips/subtle" + "crypto/internal/fips140/subtle" "errors" ) diff --git a/src/crypto/internal/fips/nistec/fiat/p384_fiat64.go b/src/crypto/internal/fips140/nistec/fiat/p384_fiat64.go similarity index 100% rename from src/crypto/internal/fips/nistec/fiat/p384_fiat64.go rename to src/crypto/internal/fips140/nistec/fiat/p384_fiat64.go diff --git a/src/crypto/internal/fips/nistec/fiat/p384_invert.go b/src/crypto/internal/fips140/nistec/fiat/p384_invert.go similarity index 100% rename from src/crypto/internal/fips/nistec/fiat/p384_invert.go rename to src/crypto/internal/fips140/nistec/fiat/p384_invert.go diff --git a/src/crypto/internal/fips/nistec/fiat/p521.go b/src/crypto/internal/fips140/nistec/fiat/p521.go similarity index 99% rename from src/crypto/internal/fips/nistec/fiat/p521.go rename to src/crypto/internal/fips140/nistec/fiat/p521.go index 7106470572b371..48141900ff6723 100644 --- a/src/crypto/internal/fips/nistec/fiat/p521.go +++ b/src/crypto/internal/fips140/nistec/fiat/p521.go @@ -7,7 +7,7 @@ package fiat import ( - "crypto/internal/fips/subtle" + "crypto/internal/fips140/subtle" "errors" ) diff --git a/src/crypto/internal/fips/nistec/fiat/p521_fiat64.go b/src/crypto/internal/fips140/nistec/fiat/p521_fiat64.go similarity index 100% rename from src/crypto/internal/fips/nistec/fiat/p521_fiat64.go rename to src/crypto/internal/fips140/nistec/fiat/p521_fiat64.go diff --git a/src/crypto/internal/fips/nistec/fiat/p521_invert.go b/src/crypto/internal/fips140/nistec/fiat/p521_invert.go similarity index 100% rename from src/crypto/internal/fips/nistec/fiat/p521_invert.go rename to src/crypto/internal/fips140/nistec/fiat/p521_invert.go diff --git a/src/crypto/internal/fips/nistec/generate.go b/src/crypto/internal/fips140/nistec/generate.go similarity index 99% rename from src/crypto/internal/fips/nistec/generate.go rename to src/crypto/internal/fips140/nistec/generate.go index 105ce79d66c871..7786dc556f5260 100644 --- a/src/crypto/internal/fips/nistec/generate.go +++ b/src/crypto/internal/fips140/nistec/generate.go @@ -140,8 +140,8 @@ const tmplNISTEC = `// Copyright 2022 The Go Authors. All rights reserved. package nistec import ( - "crypto/internal/fips/nistec/fiat" - "crypto/internal/fips/subtle" + "crypto/internal/fips140/nistec/fiat" + "crypto/internal/fips140/subtle" "errors" "sync" ) diff --git a/src/crypto/internal/fips/nistec/nistec.go b/src/crypto/internal/fips140/nistec/nistec.go similarity index 94% rename from src/crypto/internal/fips/nistec/nistec.go rename to src/crypto/internal/fips140/nistec/nistec.go index c85cfa370de5c4..7ec98188184636 100644 --- a/src/crypto/internal/fips/nistec/nistec.go +++ b/src/crypto/internal/fips140/nistec/nistec.go @@ -12,6 +12,6 @@ // can't be represented. package nistec -import _ "crypto/internal/fips/check" +import _ "crypto/internal/fips140/check" //go:generate go run generate.go diff --git a/src/crypto/internal/fips/nistec/p224.go b/src/crypto/internal/fips140/nistec/p224.go similarity index 99% rename from src/crypto/internal/fips/nistec/p224.go rename to src/crypto/internal/fips140/nistec/p224.go index ef6e7e6bafd623..82bced251fe0ac 100644 --- a/src/crypto/internal/fips/nistec/p224.go +++ b/src/crypto/internal/fips140/nistec/p224.go @@ -7,8 +7,8 @@ package nistec import ( - "crypto/internal/fips/nistec/fiat" - "crypto/internal/fips/subtle" + "crypto/internal/fips140/nistec/fiat" + "crypto/internal/fips140/subtle" "errors" "sync" ) diff --git a/src/crypto/internal/fips/nistec/p224_sqrt.go b/src/crypto/internal/fips140/nistec/p224_sqrt.go similarity index 98% rename from src/crypto/internal/fips/nistec/p224_sqrt.go rename to src/crypto/internal/fips140/nistec/p224_sqrt.go index c83e965bb4df68..338c2491ed12e8 100644 --- a/src/crypto/internal/fips/nistec/p224_sqrt.go +++ b/src/crypto/internal/fips140/nistec/p224_sqrt.go @@ -5,7 +5,7 @@ package nistec import ( - "crypto/internal/fips/nistec/fiat" + "crypto/internal/fips140/nistec/fiat" "sync" ) diff --git a/src/crypto/internal/fips/nistec/p256.go b/src/crypto/internal/fips140/nistec/p256.go similarity index 99% rename from src/crypto/internal/fips/nistec/p256.go rename to src/crypto/internal/fips140/nistec/p256.go index e83fc034bd8f11..c957c5424737b0 100644 --- a/src/crypto/internal/fips/nistec/p256.go +++ b/src/crypto/internal/fips140/nistec/p256.go @@ -7,10 +7,10 @@ package nistec import ( - "crypto/internal/fips/nistec/fiat" - "crypto/internal/fips/subtle" - "crypto/internal/fipsdeps/byteorder" - "crypto/internal/fipsdeps/cpu" + "crypto/internal/fips140/nistec/fiat" + "crypto/internal/fips140/subtle" + "crypto/internal/fips140deps/byteorder" + "crypto/internal/fips140deps/cpu" "errors" "math/bits" "sync" diff --git a/src/crypto/internal/fips/nistec/p256_asm.go b/src/crypto/internal/fips140/nistec/p256_asm.go similarity index 99% rename from src/crypto/internal/fips/nistec/p256_asm.go rename to src/crypto/internal/fips140/nistec/p256_asm.go index 08e771cc100151..f00e70d99d1d8c 100644 --- a/src/crypto/internal/fips/nistec/p256_asm.go +++ b/src/crypto/internal/fips140/nistec/p256_asm.go @@ -15,7 +15,7 @@ package nistec import ( - "crypto/internal/fipsdeps/byteorder" + "crypto/internal/fips140deps/byteorder" "errors" "math/bits" "runtime" diff --git a/src/crypto/internal/fips/nistec/p256_asm_amd64.s b/src/crypto/internal/fips140/nistec/p256_asm_amd64.s similarity index 100% rename from src/crypto/internal/fips/nistec/p256_asm_amd64.s rename to src/crypto/internal/fips140/nistec/p256_asm_amd64.s diff --git a/src/crypto/internal/fips/nistec/p256_asm_arm64.s b/src/crypto/internal/fips140/nistec/p256_asm_arm64.s similarity index 100% rename from src/crypto/internal/fips/nistec/p256_asm_arm64.s rename to src/crypto/internal/fips140/nistec/p256_asm_arm64.s diff --git a/src/crypto/internal/fips/nistec/p256_asm_ppc64le.s b/src/crypto/internal/fips140/nistec/p256_asm_ppc64le.s similarity index 100% rename from src/crypto/internal/fips/nistec/p256_asm_ppc64le.s rename to src/crypto/internal/fips140/nistec/p256_asm_ppc64le.s diff --git a/src/crypto/internal/fips/nistec/p256_asm_s390x.s b/src/crypto/internal/fips140/nistec/p256_asm_s390x.s similarity index 100% rename from src/crypto/internal/fips/nistec/p256_asm_s390x.s rename to src/crypto/internal/fips140/nistec/p256_asm_s390x.s diff --git a/src/crypto/internal/fips/nistec/p256_asm_test.go b/src/crypto/internal/fips140/nistec/p256_asm_test.go similarity index 100% rename from src/crypto/internal/fips/nistec/p256_asm_test.go rename to src/crypto/internal/fips140/nistec/p256_asm_test.go diff --git a/src/crypto/internal/fips/nistec/p256_ordinv.go b/src/crypto/internal/fips140/nistec/p256_ordinv.go similarity index 100% rename from src/crypto/internal/fips/nistec/p256_ordinv.go rename to src/crypto/internal/fips140/nistec/p256_ordinv.go diff --git a/src/crypto/internal/fips/nistec/p256_ordinv_noasm.go b/src/crypto/internal/fips140/nistec/p256_ordinv_noasm.go similarity index 100% rename from src/crypto/internal/fips/nistec/p256_ordinv_noasm.go rename to src/crypto/internal/fips140/nistec/p256_ordinv_noasm.go diff --git a/src/crypto/internal/fips/nistec/p256_table.go b/src/crypto/internal/fips140/nistec/p256_table.go similarity index 100% rename from src/crypto/internal/fips/nistec/p256_table.go rename to src/crypto/internal/fips140/nistec/p256_table.go diff --git a/src/crypto/internal/fips/nistec/p256_table_test.go b/src/crypto/internal/fips140/nistec/p256_table_test.go similarity index 96% rename from src/crypto/internal/fips/nistec/p256_table_test.go rename to src/crypto/internal/fips140/nistec/p256_table_test.go index 0fb95ccf822bd1..5b2757da2b4f43 100644 --- a/src/crypto/internal/fips/nistec/p256_table_test.go +++ b/src/crypto/internal/fips140/nistec/p256_table_test.go @@ -8,7 +8,7 @@ package nistec import ( "bytes" - "crypto/internal/fips/nistec/fiat" + "crypto/internal/fips140/nistec/fiat" "fmt" "testing" ) diff --git a/src/crypto/internal/fips/nistec/p384.go b/src/crypto/internal/fips140/nistec/p384.go similarity index 99% rename from src/crypto/internal/fips/nistec/p384.go rename to src/crypto/internal/fips140/nistec/p384.go index 49226d96dfedb2..318c08a97972f7 100644 --- a/src/crypto/internal/fips/nistec/p384.go +++ b/src/crypto/internal/fips140/nistec/p384.go @@ -7,8 +7,8 @@ package nistec import ( - "crypto/internal/fips/nistec/fiat" - "crypto/internal/fips/subtle" + "crypto/internal/fips140/nistec/fiat" + "crypto/internal/fips140/subtle" "errors" "sync" ) diff --git a/src/crypto/internal/fips/nistec/p521.go b/src/crypto/internal/fips140/nistec/p521.go similarity index 99% rename from src/crypto/internal/fips/nistec/p521.go rename to src/crypto/internal/fips140/nistec/p521.go index f724d0233ad118..8ade8a33040b7a 100644 --- a/src/crypto/internal/fips/nistec/p521.go +++ b/src/crypto/internal/fips140/nistec/p521.go @@ -7,8 +7,8 @@ package nistec import ( - "crypto/internal/fips/nistec/fiat" - "crypto/internal/fips/subtle" + "crypto/internal/fips140/nistec/fiat" + "crypto/internal/fips140/subtle" "errors" "sync" ) diff --git a/src/crypto/internal/fips/rsa/cast.go b/src/crypto/internal/fips140/rsa/cast.go similarity index 98% rename from src/crypto/internal/fips/rsa/cast.go rename to src/crypto/internal/fips140/rsa/cast.go index 41666e6a0bb99c..a547d985e89ee2 100644 --- a/src/crypto/internal/fips/rsa/cast.go +++ b/src/crypto/internal/fips140/rsa/cast.go @@ -6,9 +6,9 @@ package rsa import ( "bytes" - "crypto/internal/fips" - "crypto/internal/fips/bigmod" - _ "crypto/internal/fips/check" + "crypto/internal/fips140" + "crypto/internal/fips140/bigmod" + _ "crypto/internal/fips140/check" "errors" "sync" ) @@ -185,7 +185,7 @@ func testHash() []byte { } var fipsSelfTest = sync.OnceFunc(func() { - fips.CAST("RSASSA-PKCS-v1.5 2048-bit sign and verify", func() error { + fips140.CAST("RSASSA-PKCS-v1.5 2048-bit sign and verify", func() error { k := testPrivateKey() hash := []byte{ 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, diff --git a/src/crypto/internal/fips/rsa/pkcs1v15.go b/src/crypto/internal/fips140/rsa/pkcs1v15.go similarity index 97% rename from src/crypto/internal/fips/rsa/pkcs1v15.go rename to src/crypto/internal/fips140/rsa/pkcs1v15.go index a3f8f5b339da00..b8261bd1e55977 100644 --- a/src/crypto/internal/fips/rsa/pkcs1v15.go +++ b/src/crypto/internal/fips140/rsa/pkcs1v15.go @@ -8,7 +8,7 @@ package rsa import ( "bytes" - "crypto/internal/fips" + "crypto/internal/fips140" "errors" ) @@ -45,7 +45,7 @@ var hashPrefixes = map[string][]byte{ // or the empty string to indicate that the message is signed directly. func SignPKCS1v15(priv *PrivateKey, hash string, hashed []byte) ([]byte, error) { fipsSelfTest() - fips.RecordApproved() + fips140.RecordApproved() checkApprovedHashName(hash) return signPKCS1v15(priv, hash, hashed) @@ -92,7 +92,7 @@ func pkcs1v15ConstructEM(pub *PublicKey, hash string, hashed []byte) ([]byte, er // or the empty string to indicate that the message is signed directly. func VerifyPKCS1v15(pub *PublicKey, hash string, hashed []byte, sig []byte) error { fipsSelfTest() - fips.RecordApproved() + fips140.RecordApproved() checkApprovedHashName(hash) return verifyPKCS1v15(pub, hash, hashed, sig) @@ -131,6 +131,6 @@ func checkApprovedHashName(hash string) { case "SHA-224", "SHA-256", "SHA-384", "SHA-512", "SHA-512/224", "SHA-512/256", "SHA3-224", "SHA3-256", "SHA3-384", "SHA3-512": default: - fips.RecordNonApproved() + fips140.RecordNonApproved() } } diff --git a/src/crypto/internal/fips/rsa/pkcs1v15_test.go b/src/crypto/internal/fips140/rsa/pkcs1v15_test.go similarity index 100% rename from src/crypto/internal/fips/rsa/pkcs1v15_test.go rename to src/crypto/internal/fips140/rsa/pkcs1v15_test.go diff --git a/src/crypto/internal/fips/rsa/pkcs1v22.go b/src/crypto/internal/fips140/rsa/pkcs1v22.go similarity index 89% rename from src/crypto/internal/fips/rsa/pkcs1v22.go rename to src/crypto/internal/fips140/rsa/pkcs1v22.go index 753d96e7b1a193..2e82317ffaaa4e 100644 --- a/src/crypto/internal/fips/rsa/pkcs1v22.go +++ b/src/crypto/internal/fips140/rsa/pkcs1v22.go @@ -9,12 +9,12 @@ package rsa import ( "bytes" - "crypto/internal/fips" - "crypto/internal/fips/drbg" - "crypto/internal/fips/sha256" - "crypto/internal/fips/sha3" - "crypto/internal/fips/sha512" - "crypto/internal/fips/subtle" + "crypto/internal/fips140" + "crypto/internal/fips140/drbg" + "crypto/internal/fips140/sha256" + "crypto/internal/fips140/sha3" + "crypto/internal/fips140/sha512" + "crypto/internal/fips140/subtle" "errors" "io" ) @@ -48,7 +48,7 @@ func incCounter(c *[4]byte) { // mgf1XOR XORs the bytes in out with a mask generated using the MGF1 function // specified in PKCS #1 v2.1. -func mgf1XOR(out []byte, hash fips.Hash, seed []byte) { +func mgf1XOR(out []byte, hash fips140.Hash, seed []byte) { var counter [4]byte var digest []byte @@ -67,7 +67,7 @@ func mgf1XOR(out []byte, hash fips.Hash, seed []byte) { } } -func emsaPSSEncode(mHash []byte, emBits int, salt []byte, hash fips.Hash) ([]byte, error) { +func emsaPSSEncode(mHash []byte, emBits int, salt []byte, hash fips140.Hash) ([]byte, error) { // See RFC 8017, Section 9.1.1. hLen := hash.Size() @@ -144,7 +144,7 @@ func emsaPSSEncode(mHash []byte, emBits int, salt []byte, hash fips.Hash) ([]byt const pssSaltLengthAutodetect = -1 -func emsaPSSVerify(mHash, em []byte, emBits, sLen int, hash fips.Hash) error { +func emsaPSSVerify(mHash, em []byte, emBits, sLen int, hash fips140.Hash) error { // See RFC 8017, Section 9.1.2. hLen := hash.Size() @@ -207,7 +207,7 @@ func emsaPSSVerify(mHash, em []byte, emBits, sLen int, hash fips.Hash) error { // FIPS 186-5, Section 5.4(g): "the length (in bytes) of the salt (sLen) // shall satisfy 0 ≤ sLen ≤ hLen". if sLen > hLen { - fips.RecordNonApproved() + fips140.RecordNonApproved() } // 10. If the emLen - hLen - sLen - 2 leftmost octets of DB are not zero @@ -250,14 +250,14 @@ func emsaPSSVerify(mHash, em []byte, emBits, sLen int, hash fips.Hash) error { // PSSMaxSaltLength returns the maximum salt length for a given public key and // hash function. -func PSSMaxSaltLength(pub *PublicKey, hash fips.Hash) (int, error) { +func PSSMaxSaltLength(pub *PublicKey, hash fips140.Hash) (int, error) { saltLength := (pub.N.BitLen()-1+7)/8 - 2 - hash.Size() if saltLength < 0 { return 0, ErrMessageTooLong } // FIPS 186-5, Section 5.4(g): "the length (in bytes) of the salt (sLen) // shall satisfy 0 ≤ sLen ≤ hLen". - if fips.Enabled && saltLength > hash.Size() { + if fips140.Enabled && saltLength > hash.Size() { return hash.Size(), nil } return saltLength, nil @@ -266,9 +266,9 @@ func PSSMaxSaltLength(pub *PublicKey, hash fips.Hash) (int, error) { // SignPSS calculates the signature of hashed using RSASSA-PSS. // // In FIPS mode, rand is ignored and can be nil. -func SignPSS(rand io.Reader, priv *PrivateKey, hash fips.Hash, hashed []byte, saltLength int) ([]byte, error) { +func SignPSS(rand io.Reader, priv *PrivateKey, hash fips140.Hash, hashed []byte, saltLength int) ([]byte, error) { fipsSelfTest() - fips.RecordApproved() + fips140.RecordApproved() checkApprovedHash(hash) // Note that while we don't commit to deterministic execution with respect @@ -283,10 +283,10 @@ func SignPSS(rand io.Reader, priv *PrivateKey, hash fips.Hash, hashed []byte, sa // FIPS 186-5, Section 5.4(g): "the length (in bytes) of the salt (sLen) // shall satisfy 0 ≤ sLen ≤ hLen". if saltLength > hash.Size() { - fips.RecordNonApproved() + fips140.RecordNonApproved() } salt := make([]byte, saltLength) - if fips.Enabled { + if fips140.Enabled { drbg.Read(salt) } else { if _, err := io.ReadFull(rand, salt); err != nil { @@ -317,21 +317,21 @@ func SignPSS(rand io.Reader, priv *PrivateKey, hash fips.Hash, hashed []byte, sa } // VerifyPSS verifies sig with RSASSA-PSS automatically detecting the salt length. -func VerifyPSS(pub *PublicKey, hash fips.Hash, digest []byte, sig []byte) error { +func VerifyPSS(pub *PublicKey, hash fips140.Hash, digest []byte, sig []byte) error { return verifyPSS(pub, hash, digest, sig, pssSaltLengthAutodetect) } // VerifyPSS verifies sig with RSASSA-PSS and an expected salt length. -func VerifyPSSWithSaltLength(pub *PublicKey, hash fips.Hash, digest []byte, sig []byte, saltLength int) error { +func VerifyPSSWithSaltLength(pub *PublicKey, hash fips140.Hash, digest []byte, sig []byte, saltLength int) error { if saltLength < 0 { return errors.New("crypto/rsa: salt length cannot be negative") } return verifyPSS(pub, hash, digest, sig, saltLength) } -func verifyPSS(pub *PublicKey, hash fips.Hash, digest []byte, sig []byte, saltLength int) error { +func verifyPSS(pub *PublicKey, hash fips140.Hash, digest []byte, sig []byte, saltLength int) error { fipsSelfTest() - fips.RecordApproved() + fips140.RecordApproved() checkApprovedHash(hash) if err := checkPublicKey(pub); err != nil { return err @@ -363,18 +363,18 @@ func verifyPSS(pub *PublicKey, hash fips.Hash, digest []byte, sig []byte, saltLe return emsaPSSVerify(digest, em, emBits, saltLength, hash) } -func checkApprovedHash(hash fips.Hash) { +func checkApprovedHash(hash fips140.Hash) { switch hash.(type) { case *sha256.Digest, *sha512.Digest, *sha3.Digest: default: - fips.RecordNonApproved() + fips140.RecordNonApproved() } } // EncryptOAEP encrypts the given message with RSAES-OAEP. // // In FIPS mode, random is ignored and can be nil. -func EncryptOAEP(hash fips.Hash, random io.Reader, pub *PublicKey, msg []byte, label []byte) ([]byte, error) { +func EncryptOAEP(hash fips140.Hash, random io.Reader, pub *PublicKey, msg []byte, label []byte) ([]byte, error) { // Note that while we don't commit to deterministic execution with respect // to the random stream, we also don't apply MaybeReadByte, so per Hyrum's // Law it's probably relied upon by some. It's a tolerable promise because a @@ -382,7 +382,7 @@ func EncryptOAEP(hash fips.Hash, random io.Reader, pub *PublicKey, msg []byte, l // well-specified way. fipsSelfTest() - fips.RecordApproved() + fips140.RecordApproved() checkApprovedHash(hash) if err := checkPublicKey(pub); err != nil { return nil, err @@ -404,7 +404,7 @@ func EncryptOAEP(hash fips.Hash, random io.Reader, pub *PublicKey, msg []byte, l db[len(db)-len(msg)-1] = 1 copy(db[len(db)-len(msg):], msg) - if fips.Enabled { + if fips140.Enabled { drbg.Read(seed) } else { _, err := io.ReadFull(random, seed) @@ -420,9 +420,9 @@ func EncryptOAEP(hash fips.Hash, random io.Reader, pub *PublicKey, msg []byte, l } // DecryptOAEP decrypts ciphertext using RSAES-OAEP. -func DecryptOAEP(hash, mgfHash fips.Hash, priv *PrivateKey, ciphertext []byte, label []byte) ([]byte, error) { +func DecryptOAEP(hash, mgfHash fips140.Hash, priv *PrivateKey, ciphertext []byte, label []byte) ([]byte, error) { fipsSelfTest() - fips.RecordApproved() + fips140.RecordApproved() checkApprovedHash(hash) k := priv.pub.Size() diff --git a/src/crypto/internal/fips/rsa/pkcs1v22_test.go b/src/crypto/internal/fips140/rsa/pkcs1v22_test.go similarity index 100% rename from src/crypto/internal/fips/rsa/pkcs1v22_test.go rename to src/crypto/internal/fips140/rsa/pkcs1v22_test.go diff --git a/src/crypto/internal/fips/rsa/rsa.go b/src/crypto/internal/fips140/rsa/rsa.go similarity index 94% rename from src/crypto/internal/fips/rsa/rsa.go rename to src/crypto/internal/fips140/rsa/rsa.go index d7a7b03c6de657..91655142dd08eb 100644 --- a/src/crypto/internal/fips/rsa/rsa.go +++ b/src/crypto/internal/fips140/rsa/rsa.go @@ -5,8 +5,8 @@ package rsa import ( - "crypto/internal/fips" - "crypto/internal/fips/bigmod" + "crypto/internal/fips140" + "crypto/internal/fips140/bigmod" "errors" ) @@ -68,7 +68,7 @@ func NewPrivateKey(N []byte, e int, d, P, Q, dP, dQ, qInv []byte) (*PrivateKey, // TODO(filippo): implement CRT computation. For now, NewPrivateKey is // always called with CRT values. if dP == nil || dQ == nil || qInv == nil { - panic("crypto/internal/fips/rsa: internal error: missing CRT parameters") + panic("crypto/internal/fips140/rsa: internal error: missing CRT parameters") } qInvN, err := bigmod.NewNat().SetBytes(qInv, p) if err != nil { @@ -116,7 +116,7 @@ func checkPublicKey(pub *PublicKey) error { return errors.New("crypto/rsa: missing public modulus") } if pub.N.BitLen() < 2048 || pub.N.BitLen() > 16384 { - fips.RecordNonApproved() + fips140.RecordNonApproved() } if pub.E < 2 { return errors.New("crypto/rsa: public exponent too small or negative") @@ -124,7 +124,7 @@ func checkPublicKey(pub *PublicKey) error { // FIPS 186-5, Section 5.5(e): "The exponent e shall be an odd, positive // integer such that 2¹⁶ < e < 2²⁵⁶." if pub.E <= 1<<16 || pub.E&1 == 0 { - fips.RecordNonApproved() + fips140.RecordNonApproved() } // We require pub.E to fit into a 32-bit integer so that we // do not have different behavior depending on whether @@ -138,7 +138,7 @@ func checkPublicKey(pub *PublicKey) error { // Encrypt performs the RSA public key operation. func Encrypt(pub *PublicKey, plaintext []byte) ([]byte, error) { - fips.RecordNonApproved() + fips140.RecordNonApproved() if err := checkPublicKey(pub); err != nil { return nil, err } @@ -162,14 +162,14 @@ const noCheck = false // DecryptWithoutCheck performs the RSA private key operation. func DecryptWithoutCheck(priv *PrivateKey, ciphertext []byte) ([]byte, error) { - fips.RecordNonApproved() + fips140.RecordNonApproved() return decrypt(priv, ciphertext, noCheck) } // DecryptWithCheck performs the RSA private key operation and checks the // result to defend against errors in the CRT computation. func DecryptWithCheck(priv *PrivateKey, ciphertext []byte) ([]byte, error) { - fips.RecordNonApproved() + fips140.RecordNonApproved() return decrypt(priv, ciphertext, withCheck) } @@ -187,7 +187,7 @@ func decrypt(priv *PrivateKey, ciphertext []byte, check bool) ([]byte, error) { if priv.dP == nil { // Legacy codepath for deprecated multi-prime keys. - fips.RecordNonApproved() + fips140.RecordNonApproved() m = bigmod.NewNat().Exp(c, priv.d.Bytes(N), N) } else { diff --git a/src/crypto/internal/fips/sha256/_asm/go.mod b/src/crypto/internal/fips140/sha256/_asm/go.mod similarity index 100% rename from src/crypto/internal/fips/sha256/_asm/go.mod rename to src/crypto/internal/fips140/sha256/_asm/go.mod diff --git a/src/crypto/internal/fips/sha256/_asm/go.sum b/src/crypto/internal/fips140/sha256/_asm/go.sum similarity index 100% rename from src/crypto/internal/fips/sha256/_asm/go.sum rename to src/crypto/internal/fips140/sha256/_asm/go.sum diff --git a/src/crypto/internal/fips/sha256/_asm/sha256block_amd64_asm.go b/src/crypto/internal/fips140/sha256/_asm/sha256block_amd64_asm.go similarity index 99% rename from src/crypto/internal/fips/sha256/_asm/sha256block_amd64_asm.go rename to src/crypto/internal/fips140/sha256/_asm/sha256block_amd64_asm.go index 3f5d5bdc23cc7f..b26c2418e51ea0 100644 --- a/src/crypto/internal/fips/sha256/_asm/sha256block_amd64_asm.go +++ b/src/crypto/internal/fips140/sha256/_asm/sha256block_amd64_asm.go @@ -59,7 +59,7 @@ func main() { os.Setenv("GOOS", "linux") os.Setenv("GOARCH", "amd64") - Package("crypto/internal/fips/sha256") + Package("crypto/internal/fips140/sha256") ConstraintExpr("!purego") blockAMD64() blockAVX2() diff --git a/src/crypto/internal/fips/sha256/_asm/sha256block_amd64_avx2.go b/src/crypto/internal/fips140/sha256/_asm/sha256block_amd64_avx2.go similarity index 100% rename from src/crypto/internal/fips/sha256/_asm/sha256block_amd64_avx2.go rename to src/crypto/internal/fips140/sha256/_asm/sha256block_amd64_avx2.go diff --git a/src/crypto/internal/fips/sha256/_asm/sha256block_amd64_shani.go b/src/crypto/internal/fips140/sha256/_asm/sha256block_amd64_shani.go similarity index 100% rename from src/crypto/internal/fips/sha256/_asm/sha256block_amd64_shani.go rename to src/crypto/internal/fips140/sha256/_asm/sha256block_amd64_shani.go diff --git a/src/crypto/internal/fips/sha256/cast.go b/src/crypto/internal/fips140/sha256/cast.go similarity index 91% rename from src/crypto/internal/fips/sha256/cast.go rename to src/crypto/internal/fips140/sha256/cast.go index ea40ebe76c8e1f..2994d35d10e554 100644 --- a/src/crypto/internal/fips/sha256/cast.go +++ b/src/crypto/internal/fips140/sha256/cast.go @@ -6,12 +6,12 @@ package sha256 import ( "bytes" - "crypto/internal/fips" + "crypto/internal/fips140" "errors" ) func init() { - fips.CAST("SHA2-256", func() error { + fips140.CAST("SHA2-256", func() error { input := []byte{ 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, diff --git a/src/crypto/internal/fips/sha256/sha256.go b/src/crypto/internal/fips140/sha256/sha256.go similarity index 98% rename from src/crypto/internal/fips/sha256/sha256.go rename to src/crypto/internal/fips140/sha256/sha256.go index 16b9aae31605e9..e8c7c25f06294f 100644 --- a/src/crypto/internal/fips/sha256/sha256.go +++ b/src/crypto/internal/fips140/sha256/sha256.go @@ -7,8 +7,8 @@ package sha256 import ( - "crypto/internal/fips" - "crypto/internal/fipsdeps/byteorder" + "crypto/internal/fips140" + "crypto/internal/fips140deps/byteorder" "errors" ) @@ -182,7 +182,7 @@ func (d *Digest) Write(p []byte) (nn int, err error) { } func (d *Digest) Sum(in []byte) []byte { - fips.RecordApproved() + fips140.RecordApproved() // Make a copy of d so that caller can keep writing and summing. d0 := *d hash := d0.checkSum() diff --git a/src/crypto/internal/fips/sha256/sha256block.go b/src/crypto/internal/fips140/sha256/sha256block.go similarity index 100% rename from src/crypto/internal/fips/sha256/sha256block.go rename to src/crypto/internal/fips140/sha256/sha256block.go diff --git a/src/crypto/internal/fips/sha256/sha256block_386.s b/src/crypto/internal/fips140/sha256/sha256block_386.s similarity index 100% rename from src/crypto/internal/fips/sha256/sha256block_386.s rename to src/crypto/internal/fips140/sha256/sha256block_386.s diff --git a/src/crypto/internal/fips/sha256/sha256block_amd64.go b/src/crypto/internal/fips140/sha256/sha256block_amd64.go similarity index 95% rename from src/crypto/internal/fips/sha256/sha256block_amd64.go rename to src/crypto/internal/fips140/sha256/sha256block_amd64.go index 05455ce7792715..291a565b1cc0b1 100644 --- a/src/crypto/internal/fips/sha256/sha256block_amd64.go +++ b/src/crypto/internal/fips140/sha256/sha256block_amd64.go @@ -7,7 +7,7 @@ package sha256 import ( - "crypto/internal/fipsdeps/cpu" + "crypto/internal/fips140deps/cpu" "crypto/internal/impl" ) diff --git a/src/crypto/internal/fips/sha256/sha256block_amd64.s b/src/crypto/internal/fips140/sha256/sha256block_amd64.s similarity index 100% rename from src/crypto/internal/fips/sha256/sha256block_amd64.s rename to src/crypto/internal/fips140/sha256/sha256block_amd64.s diff --git a/src/crypto/internal/fips/sha256/sha256block_arm64.go b/src/crypto/internal/fips140/sha256/sha256block_arm64.go similarity index 93% rename from src/crypto/internal/fips/sha256/sha256block_arm64.go rename to src/crypto/internal/fips140/sha256/sha256block_arm64.go index 3e96db0fb7675c..ee91b4af2cb9e8 100644 --- a/src/crypto/internal/fips/sha256/sha256block_arm64.go +++ b/src/crypto/internal/fips140/sha256/sha256block_arm64.go @@ -7,7 +7,7 @@ package sha256 import ( - "crypto/internal/fipsdeps/cpu" + "crypto/internal/fips140deps/cpu" "crypto/internal/impl" ) diff --git a/src/crypto/internal/fips/sha256/sha256block_arm64.s b/src/crypto/internal/fips140/sha256/sha256block_arm64.s similarity index 100% rename from src/crypto/internal/fips/sha256/sha256block_arm64.s rename to src/crypto/internal/fips140/sha256/sha256block_arm64.s diff --git a/src/crypto/internal/fips/sha256/sha256block_asm.go b/src/crypto/internal/fips140/sha256/sha256block_asm.go similarity index 100% rename from src/crypto/internal/fips/sha256/sha256block_asm.go rename to src/crypto/internal/fips140/sha256/sha256block_asm.go diff --git a/src/crypto/internal/fips/sha256/sha256block_loong64.s b/src/crypto/internal/fips140/sha256/sha256block_loong64.s similarity index 100% rename from src/crypto/internal/fips/sha256/sha256block_loong64.s rename to src/crypto/internal/fips140/sha256/sha256block_loong64.s diff --git a/src/crypto/internal/fips/sha256/sha256block_noasm.go b/src/crypto/internal/fips140/sha256/sha256block_noasm.go similarity index 100% rename from src/crypto/internal/fips/sha256/sha256block_noasm.go rename to src/crypto/internal/fips140/sha256/sha256block_noasm.go diff --git a/src/crypto/internal/fips/sha256/sha256block_ppc64x.go b/src/crypto/internal/fips140/sha256/sha256block_ppc64x.go similarity index 95% rename from src/crypto/internal/fips/sha256/sha256block_ppc64x.go rename to src/crypto/internal/fips140/sha256/sha256block_ppc64x.go index 102dc6b7139516..735b4fcab0b1ca 100644 --- a/src/crypto/internal/fips/sha256/sha256block_ppc64x.go +++ b/src/crypto/internal/fips140/sha256/sha256block_ppc64x.go @@ -7,7 +7,7 @@ package sha256 import ( - "crypto/internal/fipsdeps/godebug" + "crypto/internal/fips140deps/godebug" "crypto/internal/impl" ) diff --git a/src/crypto/internal/fips/sha256/sha256block_ppc64x.s b/src/crypto/internal/fips140/sha256/sha256block_ppc64x.s similarity index 100% rename from src/crypto/internal/fips/sha256/sha256block_ppc64x.s rename to src/crypto/internal/fips140/sha256/sha256block_ppc64x.s diff --git a/src/crypto/internal/fips/sha256/sha256block_riscv64.s b/src/crypto/internal/fips140/sha256/sha256block_riscv64.s similarity index 100% rename from src/crypto/internal/fips/sha256/sha256block_riscv64.s rename to src/crypto/internal/fips140/sha256/sha256block_riscv64.s diff --git a/src/crypto/internal/fips/sha256/sha256block_s390x.go b/src/crypto/internal/fips140/sha256/sha256block_s390x.go similarity index 94% rename from src/crypto/internal/fips/sha256/sha256block_s390x.go rename to src/crypto/internal/fips140/sha256/sha256block_s390x.go index f99f4ccb75a27a..503c3e49520572 100644 --- a/src/crypto/internal/fips/sha256/sha256block_s390x.go +++ b/src/crypto/internal/fips140/sha256/sha256block_s390x.go @@ -7,7 +7,7 @@ package sha256 import ( - "crypto/internal/fipsdeps/cpu" + "crypto/internal/fips140deps/cpu" "crypto/internal/impl" ) diff --git a/src/crypto/internal/fips/sha256/sha256block_s390x.s b/src/crypto/internal/fips140/sha256/sha256block_s390x.s similarity index 100% rename from src/crypto/internal/fips/sha256/sha256block_s390x.s rename to src/crypto/internal/fips140/sha256/sha256block_s390x.s diff --git a/src/crypto/internal/fips/sha3/_asm/go.mod b/src/crypto/internal/fips140/sha3/_asm/go.mod similarity index 100% rename from src/crypto/internal/fips/sha3/_asm/go.mod rename to src/crypto/internal/fips140/sha3/_asm/go.mod diff --git a/src/crypto/internal/fips/sha3/_asm/go.sum b/src/crypto/internal/fips140/sha3/_asm/go.sum similarity index 100% rename from src/crypto/internal/fips/sha3/_asm/go.sum rename to src/crypto/internal/fips140/sha3/_asm/go.sum diff --git a/src/crypto/internal/fips/sha3/_asm/keccakf_amd64_asm.go b/src/crypto/internal/fips140/sha3/_asm/keccakf_amd64_asm.go similarity index 99% rename from src/crypto/internal/fips/sha3/_asm/keccakf_amd64_asm.go rename to src/crypto/internal/fips140/sha3/_asm/keccakf_amd64_asm.go index bdaafb72c5b0b6..02242c9a015d57 100644 --- a/src/crypto/internal/fips/sha3/_asm/keccakf_amd64_asm.go +++ b/src/crypto/internal/fips140/sha3/_asm/keccakf_amd64_asm.go @@ -106,7 +106,7 @@ func main() { os.Setenv("GOOS", "linux") os.Setenv("GOARCH", "amd64") - Package("crypto/internal/fips/sha3") + Package("crypto/internal/fips140/sha3") ConstraintExpr("!purego") keccakF1600() Generate() diff --git a/src/crypto/internal/fips/sha3/cast.go b/src/crypto/internal/fips140/sha3/cast.go similarity index 91% rename from src/crypto/internal/fips/sha3/cast.go rename to src/crypto/internal/fips140/sha3/cast.go index 6173f5b147e5af..4a1ef486a2daad 100644 --- a/src/crypto/internal/fips/sha3/cast.go +++ b/src/crypto/internal/fips140/sha3/cast.go @@ -6,12 +6,12 @@ package sha3 import ( "bytes" - "crypto/internal/fips" + "crypto/internal/fips140" "errors" ) func init() { - fips.CAST("cSHAKE128", func() error { + fips140.CAST("cSHAKE128", func() error { input := []byte{ 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, diff --git a/src/crypto/internal/fips/sha3/hashes.go b/src/crypto/internal/fips140/sha3/hashes.go similarity index 100% rename from src/crypto/internal/fips/sha3/hashes.go rename to src/crypto/internal/fips140/sha3/hashes.go diff --git a/src/crypto/internal/fips/sha3/keccakf.go b/src/crypto/internal/fips140/sha3/keccakf.go similarity index 99% rename from src/crypto/internal/fips/sha3/keccakf.go rename to src/crypto/internal/fips140/sha3/keccakf.go index 19d697bd0f7476..398b1250008e11 100644 --- a/src/crypto/internal/fips/sha3/keccakf.go +++ b/src/crypto/internal/fips140/sha3/keccakf.go @@ -5,8 +5,8 @@ package sha3 import ( - "crypto/internal/fipsdeps/byteorder" - "crypto/internal/fipsdeps/cpu" + "crypto/internal/fips140deps/byteorder" + "crypto/internal/fips140deps/cpu" "math/bits" "unsafe" ) diff --git a/src/crypto/internal/fips/sha3/sha3.go b/src/crypto/internal/fips140/sha3/sha3.go similarity index 98% rename from src/crypto/internal/fips/sha3/sha3.go rename to src/crypto/internal/fips140/sha3/sha3.go index 90c8a6ac729e3d..7513f8ef5da586 100644 --- a/src/crypto/internal/fips/sha3/sha3.go +++ b/src/crypto/internal/fips140/sha3/sha3.go @@ -11,8 +11,8 @@ package sha3 import ( - "crypto/internal/fips" - "crypto/internal/fips/subtle" + "crypto/internal/fips140" + "crypto/internal/fips140/subtle" "errors" ) @@ -146,7 +146,7 @@ func (d *Digest) readGeneric(out []byte) (n int, err error) { // Sum appends the current hash to b and returns the resulting slice. // It does not change the underlying hash state. func (d *Digest) Sum(b []byte) []byte { - fips.RecordApproved() + fips140.RecordApproved() return d.sum(b) } diff --git a/src/crypto/internal/fips/sha3/sha3_amd64.go b/src/crypto/internal/fips140/sha3/sha3_amd64.go similarity index 100% rename from src/crypto/internal/fips/sha3/sha3_amd64.go rename to src/crypto/internal/fips140/sha3/sha3_amd64.go diff --git a/src/crypto/internal/fips/sha3/sha3_amd64.s b/src/crypto/internal/fips140/sha3/sha3_amd64.s similarity index 100% rename from src/crypto/internal/fips/sha3/sha3_amd64.s rename to src/crypto/internal/fips140/sha3/sha3_amd64.s diff --git a/src/crypto/internal/fips/sha3/sha3_noasm.go b/src/crypto/internal/fips140/sha3/sha3_noasm.go similarity index 100% rename from src/crypto/internal/fips/sha3/sha3_noasm.go rename to src/crypto/internal/fips140/sha3/sha3_noasm.go diff --git a/src/crypto/internal/fips/sha3/sha3_s390x.go b/src/crypto/internal/fips140/sha3/sha3_s390x.go similarity index 98% rename from src/crypto/internal/fips/sha3/sha3_s390x.go rename to src/crypto/internal/fips140/sha3/sha3_s390x.go index 5e749e3d246ae0..0afc9b9aa1e349 100644 --- a/src/crypto/internal/fips/sha3/sha3_s390x.go +++ b/src/crypto/internal/fips140/sha3/sha3_s390x.go @@ -7,8 +7,8 @@ package sha3 import ( - "crypto/internal/fips/subtle" - "crypto/internal/fipsdeps/cpu" + "crypto/internal/fips140/subtle" + "crypto/internal/fips140deps/cpu" "crypto/internal/impl" ) diff --git a/src/crypto/internal/fips/sha3/sha3_s390x.s b/src/crypto/internal/fips140/sha3/sha3_s390x.s similarity index 100% rename from src/crypto/internal/fips/sha3/sha3_s390x.s rename to src/crypto/internal/fips140/sha3/sha3_s390x.s diff --git a/src/crypto/internal/fips/sha3/shake.go b/src/crypto/internal/fips140/sha3/shake.go similarity index 97% rename from src/crypto/internal/fips/sha3/shake.go rename to src/crypto/internal/fips140/sha3/shake.go index 6bda24e42f3fe8..fc5a60a1303856 100644 --- a/src/crypto/internal/fips/sha3/shake.go +++ b/src/crypto/internal/fips140/sha3/shake.go @@ -6,8 +6,8 @@ package sha3 import ( "bytes" - "crypto/internal/fips" - "crypto/internal/fipsdeps/byteorder" + "crypto/internal/fips140" + "crypto/internal/fips140deps/byteorder" "errors" "math/bits" ) @@ -72,7 +72,7 @@ func (s *SHAKE) Sum(in []byte) []byte { return s.d.Sum(in) } func (s *SHAKE) Write(p []byte) (n int, err error) { return s.d.Write(p) } func (s *SHAKE) Read(out []byte) (n int, err error) { - fips.RecordApproved() + fips140.RecordApproved() // Note that read is not exposed on Digest since SHA-3 does not offer // variable output length. It is only used internally by Sum. return s.d.read(out) diff --git a/src/crypto/internal/fips/sha512/_asm/go.mod b/src/crypto/internal/fips140/sha512/_asm/go.mod similarity index 100% rename from src/crypto/internal/fips/sha512/_asm/go.mod rename to src/crypto/internal/fips140/sha512/_asm/go.mod diff --git a/src/crypto/internal/fips/sha512/_asm/go.sum b/src/crypto/internal/fips140/sha512/_asm/go.sum similarity index 100% rename from src/crypto/internal/fips/sha512/_asm/go.sum rename to src/crypto/internal/fips140/sha512/_asm/go.sum diff --git a/src/crypto/internal/fips/sha512/_asm/sha512block_amd64_asm.go b/src/crypto/internal/fips140/sha512/_asm/sha512block_amd64_asm.go similarity index 99% rename from src/crypto/internal/fips/sha512/_asm/sha512block_amd64_asm.go rename to src/crypto/internal/fips140/sha512/_asm/sha512block_amd64_asm.go index 642f4a2fb29966..ed7b1766bf4fda 100644 --- a/src/crypto/internal/fips/sha512/_asm/sha512block_amd64_asm.go +++ b/src/crypto/internal/fips140/sha512/_asm/sha512block_amd64_asm.go @@ -144,7 +144,7 @@ func main() { os.Setenv("GOOS", "linux") os.Setenv("GOARCH", "amd64") - Package("crypto/internal/fips/sha512") + Package("crypto/internal/fips140/sha512") ConstraintExpr("!purego") blockAMD64() blockAVX2() diff --git a/src/crypto/internal/fips/sha512/cast.go b/src/crypto/internal/fips140/sha512/cast.go similarity index 93% rename from src/crypto/internal/fips/sha512/cast.go rename to src/crypto/internal/fips140/sha512/cast.go index 94e95667bb5bba..6feba3de090cbc 100644 --- a/src/crypto/internal/fips/sha512/cast.go +++ b/src/crypto/internal/fips140/sha512/cast.go @@ -6,12 +6,12 @@ package sha512 import ( "bytes" - "crypto/internal/fips" + "crypto/internal/fips140" "errors" ) func init() { - fips.CAST("SHA2-512", func() error { + fips140.CAST("SHA2-512", func() error { input := []byte{ 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, diff --git a/src/crypto/internal/fips/sha512/sha512.go b/src/crypto/internal/fips140/sha512/sha512.go similarity index 98% rename from src/crypto/internal/fips/sha512/sha512.go rename to src/crypto/internal/fips140/sha512/sha512.go index ee0bdea92ade7f..55c90a8cd68cdf 100644 --- a/src/crypto/internal/fips/sha512/sha512.go +++ b/src/crypto/internal/fips140/sha512/sha512.go @@ -7,8 +7,8 @@ package sha512 import ( - "crypto/internal/fips" - "crypto/internal/fipsdeps/byteorder" + "crypto/internal/fips140" + "crypto/internal/fips140deps/byteorder" "errors" ) @@ -252,7 +252,7 @@ func (d *Digest) Write(p []byte) (nn int, err error) { } func (d *Digest) Sum(in []byte) []byte { - fips.RecordApproved() + fips140.RecordApproved() // Make a copy of d so that caller can keep writing and summing. d0 := new(Digest) *d0 = *d diff --git a/src/crypto/internal/fips/sha512/sha512block.go b/src/crypto/internal/fips140/sha512/sha512block.go similarity index 100% rename from src/crypto/internal/fips/sha512/sha512block.go rename to src/crypto/internal/fips140/sha512/sha512block.go diff --git a/src/crypto/internal/fips/sha512/sha512block_amd64.go b/src/crypto/internal/fips140/sha512/sha512block_amd64.go similarity index 94% rename from src/crypto/internal/fips/sha512/sha512block_amd64.go rename to src/crypto/internal/fips140/sha512/sha512block_amd64.go index a633f8f6040b65..185909ec5d4a13 100644 --- a/src/crypto/internal/fips/sha512/sha512block_amd64.go +++ b/src/crypto/internal/fips140/sha512/sha512block_amd64.go @@ -7,7 +7,7 @@ package sha512 import ( - "crypto/internal/fipsdeps/cpu" + "crypto/internal/fips140deps/cpu" "crypto/internal/impl" ) diff --git a/src/crypto/internal/fips/sha512/sha512block_amd64.s b/src/crypto/internal/fips140/sha512/sha512block_amd64.s similarity index 100% rename from src/crypto/internal/fips/sha512/sha512block_amd64.s rename to src/crypto/internal/fips140/sha512/sha512block_amd64.s diff --git a/src/crypto/internal/fips/sha512/sha512block_arm64.go b/src/crypto/internal/fips140/sha512/sha512block_arm64.go similarity index 93% rename from src/crypto/internal/fips/sha512/sha512block_arm64.go rename to src/crypto/internal/fips140/sha512/sha512block_arm64.go index cf6733b862ff62..d6a3ab06ee8fc6 100644 --- a/src/crypto/internal/fips/sha512/sha512block_arm64.go +++ b/src/crypto/internal/fips140/sha512/sha512block_arm64.go @@ -7,7 +7,7 @@ package sha512 import ( - "crypto/internal/fipsdeps/cpu" + "crypto/internal/fips140deps/cpu" "crypto/internal/impl" ) diff --git a/src/crypto/internal/fips/sha512/sha512block_arm64.s b/src/crypto/internal/fips140/sha512/sha512block_arm64.s similarity index 100% rename from src/crypto/internal/fips/sha512/sha512block_arm64.s rename to src/crypto/internal/fips140/sha512/sha512block_arm64.s diff --git a/src/crypto/internal/fips/sha512/sha512block_asm.go b/src/crypto/internal/fips140/sha512/sha512block_asm.go similarity index 100% rename from src/crypto/internal/fips/sha512/sha512block_asm.go rename to src/crypto/internal/fips140/sha512/sha512block_asm.go diff --git a/src/crypto/internal/fips/sha512/sha512block_loong64.s b/src/crypto/internal/fips140/sha512/sha512block_loong64.s similarity index 100% rename from src/crypto/internal/fips/sha512/sha512block_loong64.s rename to src/crypto/internal/fips140/sha512/sha512block_loong64.s diff --git a/src/crypto/internal/fips/sha512/sha512block_noasm.go b/src/crypto/internal/fips140/sha512/sha512block_noasm.go similarity index 100% rename from src/crypto/internal/fips/sha512/sha512block_noasm.go rename to src/crypto/internal/fips140/sha512/sha512block_noasm.go diff --git a/src/crypto/internal/fips/sha512/sha512block_ppc64x.go b/src/crypto/internal/fips140/sha512/sha512block_ppc64x.go similarity index 95% rename from src/crypto/internal/fips/sha512/sha512block_ppc64x.go rename to src/crypto/internal/fips140/sha512/sha512block_ppc64x.go index c0040e3b7d9b10..e5098d39708228 100644 --- a/src/crypto/internal/fips/sha512/sha512block_ppc64x.go +++ b/src/crypto/internal/fips140/sha512/sha512block_ppc64x.go @@ -7,7 +7,7 @@ package sha512 import ( - "crypto/internal/fipsdeps/godebug" + "crypto/internal/fips140deps/godebug" "crypto/internal/impl" ) diff --git a/src/crypto/internal/fips/sha512/sha512block_ppc64x.s b/src/crypto/internal/fips140/sha512/sha512block_ppc64x.s similarity index 100% rename from src/crypto/internal/fips/sha512/sha512block_ppc64x.s rename to src/crypto/internal/fips140/sha512/sha512block_ppc64x.s diff --git a/src/crypto/internal/fips/sha512/sha512block_riscv64.s b/src/crypto/internal/fips140/sha512/sha512block_riscv64.s similarity index 100% rename from src/crypto/internal/fips/sha512/sha512block_riscv64.s rename to src/crypto/internal/fips140/sha512/sha512block_riscv64.s diff --git a/src/crypto/internal/fips/sha512/sha512block_s390x.go b/src/crypto/internal/fips140/sha512/sha512block_s390x.go similarity index 94% rename from src/crypto/internal/fips/sha512/sha512block_s390x.go rename to src/crypto/internal/fips140/sha512/sha512block_s390x.go index f665c57a036aa1..175424068ee1b6 100644 --- a/src/crypto/internal/fips/sha512/sha512block_s390x.go +++ b/src/crypto/internal/fips140/sha512/sha512block_s390x.go @@ -7,7 +7,7 @@ package sha512 import ( - "crypto/internal/fipsdeps/cpu" + "crypto/internal/fips140deps/cpu" "crypto/internal/impl" ) diff --git a/src/crypto/internal/fips/sha512/sha512block_s390x.s b/src/crypto/internal/fips140/sha512/sha512block_s390x.s similarity index 100% rename from src/crypto/internal/fips/sha512/sha512block_s390x.s rename to src/crypto/internal/fips140/sha512/sha512block_s390x.s diff --git a/src/crypto/internal/fips/ssh/kdf.go b/src/crypto/internal/fips140/ssh/kdf.go similarity index 90% rename from src/crypto/internal/fips/ssh/kdf.go rename to src/crypto/internal/fips140/ssh/kdf.go index defcb7f47c2898..837af199c450a5 100644 --- a/src/crypto/internal/fips/ssh/kdf.go +++ b/src/crypto/internal/fips140/ssh/kdf.go @@ -7,8 +7,8 @@ package ssh import ( - "crypto/internal/fips" - _ "crypto/internal/fips/check" + "crypto/internal/fips140" + _ "crypto/internal/fips140/check" ) type Direction struct { @@ -24,7 +24,7 @@ func init() { ClientKeys = Direction{[]byte{'A'}, []byte{'C'}, []byte{'E'}} } -func Keys[Hash fips.Hash](hash func() Hash, d Direction, +func Keys[Hash fips140.Hash](hash func() Hash, d Direction, K, H, sessionID []byte, ivKeyLen, keyLen, macKeyLen int, ) (ivKey, key, macKey []byte) { diff --git a/src/crypto/internal/fips/subtle/constant_time.go b/src/crypto/internal/fips140/subtle/constant_time.go similarity index 100% rename from src/crypto/internal/fips/subtle/constant_time.go rename to src/crypto/internal/fips140/subtle/constant_time.go diff --git a/src/crypto/internal/fips/subtle/xor.go b/src/crypto/internal/fips140/subtle/xor.go similarity index 95% rename from src/crypto/internal/fips/subtle/xor.go rename to src/crypto/internal/fips140/subtle/xor.go index 76e8ee036d8040..b1e22ff36e387f 100644 --- a/src/crypto/internal/fips/subtle/xor.go +++ b/src/crypto/internal/fips140/subtle/xor.go @@ -4,7 +4,7 @@ package subtle -import "crypto/internal/fips/alias" +import "crypto/internal/fips140/alias" // XORBytes sets dst[i] = x[i] ^ y[i] for all i < n = min(len(x), len(y)), // returning n, the number of bytes written to dst. diff --git a/src/crypto/internal/fips/subtle/xor_amd64.go b/src/crypto/internal/fips140/subtle/xor_amd64.go similarity index 100% rename from src/crypto/internal/fips/subtle/xor_amd64.go rename to src/crypto/internal/fips140/subtle/xor_amd64.go diff --git a/src/crypto/internal/fips/subtle/xor_amd64.s b/src/crypto/internal/fips140/subtle/xor_amd64.s similarity index 100% rename from src/crypto/internal/fips/subtle/xor_amd64.s rename to src/crypto/internal/fips140/subtle/xor_amd64.s diff --git a/src/crypto/internal/fips/subtle/xor_arm64.go b/src/crypto/internal/fips140/subtle/xor_arm64.go similarity index 100% rename from src/crypto/internal/fips/subtle/xor_arm64.go rename to src/crypto/internal/fips140/subtle/xor_arm64.go diff --git a/src/crypto/internal/fips/subtle/xor_arm64.s b/src/crypto/internal/fips140/subtle/xor_arm64.s similarity index 100% rename from src/crypto/internal/fips/subtle/xor_arm64.s rename to src/crypto/internal/fips140/subtle/xor_arm64.s diff --git a/src/crypto/internal/fips/subtle/xor_generic.go b/src/crypto/internal/fips140/subtle/xor_generic.go similarity index 100% rename from src/crypto/internal/fips/subtle/xor_generic.go rename to src/crypto/internal/fips140/subtle/xor_generic.go diff --git a/src/crypto/internal/fips/subtle/xor_loong64.go b/src/crypto/internal/fips140/subtle/xor_loong64.go similarity index 100% rename from src/crypto/internal/fips/subtle/xor_loong64.go rename to src/crypto/internal/fips140/subtle/xor_loong64.go diff --git a/src/crypto/internal/fips/subtle/xor_loong64.s b/src/crypto/internal/fips140/subtle/xor_loong64.s similarity index 100% rename from src/crypto/internal/fips/subtle/xor_loong64.s rename to src/crypto/internal/fips140/subtle/xor_loong64.s diff --git a/src/crypto/internal/fips/subtle/xor_ppc64x.go b/src/crypto/internal/fips140/subtle/xor_ppc64x.go similarity index 100% rename from src/crypto/internal/fips/subtle/xor_ppc64x.go rename to src/crypto/internal/fips140/subtle/xor_ppc64x.go diff --git a/src/crypto/internal/fips/subtle/xor_ppc64x.s b/src/crypto/internal/fips140/subtle/xor_ppc64x.s similarity index 100% rename from src/crypto/internal/fips/subtle/xor_ppc64x.s rename to src/crypto/internal/fips140/subtle/xor_ppc64x.s diff --git a/src/crypto/internal/fips/tls12/cast.go b/src/crypto/internal/fips140/tls12/cast.go similarity index 86% rename from src/crypto/internal/fips/tls12/cast.go rename to src/crypto/internal/fips140/tls12/cast.go index 33cbd1514a9e1e..d77bf413355ac1 100644 --- a/src/crypto/internal/fips/tls12/cast.go +++ b/src/crypto/internal/fips140/tls12/cast.go @@ -6,14 +6,14 @@ package tls12 import ( "bytes" - "crypto/internal/fips" - _ "crypto/internal/fips/check" - "crypto/internal/fips/sha256" + "crypto/internal/fips140" + _ "crypto/internal/fips140/check" + "crypto/internal/fips140/sha256" "errors" ) func init() { - fips.CAST("TLSv1.2-SHA2-256", func() error { + fips140.CAST("TLSv1.2-SHA2-256", func() error { input := []byte{ 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, diff --git a/src/crypto/internal/fips/tls12/tls12.go b/src/crypto/internal/fips140/tls12/tls12.go similarity index 75% rename from src/crypto/internal/fips/tls12/tls12.go rename to src/crypto/internal/fips140/tls12/tls12.go index 0a70e9d963f030..b07e02c85f2ff8 100644 --- a/src/crypto/internal/fips/tls12/tls12.go +++ b/src/crypto/internal/fips140/tls12/tls12.go @@ -5,15 +5,15 @@ package tls12 import ( - "crypto/internal/fips" - "crypto/internal/fips/hmac" - "crypto/internal/fips/sha256" - "crypto/internal/fips/sha512" + "crypto/internal/fips140" + "crypto/internal/fips140/hmac" + "crypto/internal/fips140/sha256" + "crypto/internal/fips140/sha512" ) // PRF implements the TLS 1.2 pseudo-random function, as defined in RFC 5246, // Section 5 and allowed by SP 800-135, Revision 1, Section 4.2.2. -func PRF[H fips.Hash](hash func() H, secret []byte, label string, seed []byte, keyLen int) []byte { +func PRF[H fips140.Hash](hash func() H, secret []byte, label string, seed []byte, keyLen int) []byte { labelAndSeed := make([]byte, len(label)+len(seed)) copy(labelAndSeed, label) copy(labelAndSeed[len(label):], seed) @@ -24,7 +24,7 @@ func PRF[H fips.Hash](hash func() H, secret []byte, label string, seed []byte, k } // pHash implements the P_hash function, as defined in RFC 5246, Section 5. -func pHash[H fips.Hash](hash func() H, result, secret, seed []byte) { +func pHash[H fips140.Hash](hash func() H, result, secret, seed []byte) { h := hmac.New(hash, secret) h.Write(seed) a := h.Sum(nil) @@ -48,21 +48,21 @@ const extendedMasterSecretLabel = "extended master secret" // MasterSecret implements the TLS 1.2 extended master secret derivation, as // defined in RFC 7627 and allowed by SP 800-135, Revision 1, Section 4.2.2. -func MasterSecret[H fips.Hash](hash func() H, preMasterSecret, transcript []byte) []byte { +func MasterSecret[H fips140.Hash](hash func() H, preMasterSecret, transcript []byte) []byte { // "The TLS 1.2 KDF is an approved KDF when the following conditions are // satisfied: [...] (3) P_HASH uses either SHA-256, SHA-384 or SHA-512." h := hash() switch any(h).(type) { case *sha256.Digest: if h.Size() != 32 { - fips.RecordNonApproved() + fips140.RecordNonApproved() } case *sha512.Digest: if h.Size() != 46 && h.Size() != 64 { - fips.RecordNonApproved() + fips140.RecordNonApproved() } default: - fips.RecordNonApproved() + fips140.RecordNonApproved() } return PRF(hash, preMasterSecret, extendedMasterSecretLabel, transcript, masterSecretLength) diff --git a/src/crypto/internal/fips/tls13/cast.go b/src/crypto/internal/fips140/tls13/cast.go similarity index 85% rename from src/crypto/internal/fips/tls13/cast.go rename to src/crypto/internal/fips140/tls13/cast.go index 9b727afdc40d4b..ad1fe6e46026a6 100644 --- a/src/crypto/internal/fips/tls13/cast.go +++ b/src/crypto/internal/fips140/tls13/cast.go @@ -6,14 +6,14 @@ package tls13 import ( "bytes" - "crypto/internal/fips" - _ "crypto/internal/fips/check" - "crypto/internal/fips/sha256" + "crypto/internal/fips140" + _ "crypto/internal/fips140/check" + "crypto/internal/fips140/sha256" "errors" ) func init() { - fips.CAST("TLSv1.3-SHA2-256", func() error { + fips140.CAST("TLSv1.3-SHA2-256", func() error { input := []byte{ 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, diff --git a/src/crypto/internal/fips/tls13/tls13.go b/src/crypto/internal/fips140/tls13/tls13.go similarity index 83% rename from src/crypto/internal/fips/tls13/tls13.go rename to src/crypto/internal/fips140/tls13/tls13.go index b712af3670f6d2..f2c8250f3b4b20 100644 --- a/src/crypto/internal/fips/tls13/tls13.go +++ b/src/crypto/internal/fips140/tls13/tls13.go @@ -7,9 +7,9 @@ package tls13 import ( - "crypto/internal/fips" - "crypto/internal/fips/hkdf" - "crypto/internal/fipsdeps/byteorder" + "crypto/internal/fips140" + "crypto/internal/fips140/hkdf" + "crypto/internal/fips140deps/byteorder" ) // We don't set the service indicator in this package but we delegate that to @@ -17,7 +17,7 @@ import ( // its own. // ExpandLabel implements HKDF-Expand-Label from RFC 8446, Section 7.1. -func ExpandLabel[H fips.Hash](hash func() H, secret []byte, label string, context []byte, length int) []byte { +func ExpandLabel[H fips140.Hash](hash func() H, secret []byte, label string, context []byte, length int) []byte { if len("tls13 ")+len(label) > 255 || len(context) > 255 { // It should be impossible for this to panic: labels are fixed strings, // and context is either a fixed-length computed hash, or parsed from a @@ -39,14 +39,14 @@ func ExpandLabel[H fips.Hash](hash func() H, secret []byte, label string, contex return hkdf.Expand(hash, secret, hkdfLabel, length) } -func extract[H fips.Hash](hash func() H, newSecret, currentSecret []byte) []byte { +func extract[H fips140.Hash](hash func() H, newSecret, currentSecret []byte) []byte { if newSecret == nil { newSecret = make([]byte, hash().Size()) } return hkdf.Extract(hash, newSecret, currentSecret) } -func deriveSecret[H fips.Hash](hash func() H, secret []byte, label string, transcript fips.Hash) []byte { +func deriveSecret[H fips140.Hash](hash func() H, secret []byte, label string, transcript fips140.Hash) []byte { if transcript == nil { transcript = hash() } @@ -67,13 +67,13 @@ const ( type EarlySecret struct { secret []byte - hash func() fips.Hash + hash func() fips140.Hash } -func NewEarlySecret[H fips.Hash](hash func() H, psk []byte) *EarlySecret { +func NewEarlySecret[H fips140.Hash](hash func() H, psk []byte) *EarlySecret { return &EarlySecret{ secret: extract(hash, psk, nil), - hash: func() fips.Hash { return hash() }, + hash: func() fips140.Hash { return hash() }, } } @@ -83,13 +83,13 @@ func (s *EarlySecret) ResumptionBinderKey() []byte { // ClientEarlyTrafficSecret derives the client_early_traffic_secret from the // early secret and the transcript up to the ClientHello. -func (s *EarlySecret) ClientEarlyTrafficSecret(transcript fips.Hash) []byte { +func (s *EarlySecret) ClientEarlyTrafficSecret(transcript fips140.Hash) []byte { return deriveSecret(s.hash, s.secret, clientEarlyTrafficLabel, transcript) } type HandshakeSecret struct { secret []byte - hash func() fips.Hash + hash func() fips140.Hash } func (s *EarlySecret) HandshakeSecret(sharedSecret []byte) *HandshakeSecret { @@ -102,19 +102,19 @@ func (s *EarlySecret) HandshakeSecret(sharedSecret []byte) *HandshakeSecret { // ClientHandshakeTrafficSecret derives the client_handshake_traffic_secret from // the handshake secret and the transcript up to the ServerHello. -func (s *HandshakeSecret) ClientHandshakeTrafficSecret(transcript fips.Hash) []byte { +func (s *HandshakeSecret) ClientHandshakeTrafficSecret(transcript fips140.Hash) []byte { return deriveSecret(s.hash, s.secret, clientHandshakeTrafficLabel, transcript) } // ServerHandshakeTrafficSecret derives the server_handshake_traffic_secret from // the handshake secret and the transcript up to the ServerHello. -func (s *HandshakeSecret) ServerHandshakeTrafficSecret(transcript fips.Hash) []byte { +func (s *HandshakeSecret) ServerHandshakeTrafficSecret(transcript fips140.Hash) []byte { return deriveSecret(s.hash, s.secret, serverHandshakeTrafficLabel, transcript) } type MasterSecret struct { secret []byte - hash func() fips.Hash + hash func() fips140.Hash } func (s *HandshakeSecret) MasterSecret() *MasterSecret { @@ -127,30 +127,30 @@ func (s *HandshakeSecret) MasterSecret() *MasterSecret { // ClientApplicationTrafficSecret derives the client_application_traffic_secret_0 // from the master secret and the transcript up to the server Finished. -func (s *MasterSecret) ClientApplicationTrafficSecret(transcript fips.Hash) []byte { +func (s *MasterSecret) ClientApplicationTrafficSecret(transcript fips140.Hash) []byte { return deriveSecret(s.hash, s.secret, clientApplicationTrafficLabel, transcript) } // ServerApplicationTrafficSecret derives the server_application_traffic_secret_0 // from the master secret and the transcript up to the server Finished. -func (s *MasterSecret) ServerApplicationTrafficSecret(transcript fips.Hash) []byte { +func (s *MasterSecret) ServerApplicationTrafficSecret(transcript fips140.Hash) []byte { return deriveSecret(s.hash, s.secret, serverApplicationTrafficLabel, transcript) } // ResumptionMasterSecret derives the resumption_master_secret from the master secret // and the transcript up to the client Finished. -func (s *MasterSecret) ResumptionMasterSecret(transcript fips.Hash) []byte { +func (s *MasterSecret) ResumptionMasterSecret(transcript fips140.Hash) []byte { return deriveSecret(s.hash, s.secret, resumptionLabel, transcript) } type ExporterMasterSecret struct { secret []byte - hash func() fips.Hash + hash func() fips140.Hash } // ExporterMasterSecret derives the exporter_master_secret from the master secret // and the transcript up to the server Finished. -func (s *MasterSecret) ExporterMasterSecret(transcript fips.Hash) *ExporterMasterSecret { +func (s *MasterSecret) ExporterMasterSecret(transcript fips140.Hash) *ExporterMasterSecret { return &ExporterMasterSecret{ secret: deriveSecret(s.hash, s.secret, exporterLabel, transcript), hash: s.hash, @@ -159,7 +159,7 @@ func (s *MasterSecret) ExporterMasterSecret(transcript fips.Hash) *ExporterMaste // EarlyExporterMasterSecret derives the exporter_master_secret from the early secret // and the transcript up to the ClientHello. -func (s *EarlySecret) EarlyExporterMasterSecret(transcript fips.Hash) *ExporterMasterSecret { +func (s *EarlySecret) EarlyExporterMasterSecret(transcript fips140.Hash) *ExporterMasterSecret { return &ExporterMasterSecret{ secret: deriveSecret(s.hash, s.secret, earlyExporterLabel, transcript), hash: s.hash, diff --git a/src/crypto/internal/fipsdeps/byteorder/byteorder.go b/src/crypto/internal/fips140deps/byteorder/byteorder.go similarity index 100% rename from src/crypto/internal/fipsdeps/byteorder/byteorder.go rename to src/crypto/internal/fips140deps/byteorder/byteorder.go diff --git a/src/crypto/internal/fipsdeps/cpu/cpu.go b/src/crypto/internal/fips140deps/cpu/cpu.go similarity index 100% rename from src/crypto/internal/fipsdeps/cpu/cpu.go rename to src/crypto/internal/fips140deps/cpu/cpu.go diff --git a/src/crypto/internal/fipsdeps/fipsdeps.go b/src/crypto/internal/fips140deps/fipsdeps.go similarity index 96% rename from src/crypto/internal/fipsdeps/fipsdeps.go rename to src/crypto/internal/fips140deps/fipsdeps.go index b89e0952551eef..307144339f416a 100644 --- a/src/crypto/internal/fipsdeps/fipsdeps.go +++ b/src/crypto/internal/fips140deps/fipsdeps.go @@ -4,6 +4,6 @@ // Package fipsdeps contains wrapper packages for internal APIs that are exposed // to the FIPS module. Since modules are frozen upon validation and supported -// for a number of future versions, APIs exposed by crypto/internal/fipsdeps/... +// for a number of future versions, APIs exposed by crypto/internal/fips140deps/... // must not be changed until the modules that use them are no longer supported. package fipsdeps diff --git a/src/crypto/internal/fipsdeps/fipsdeps_test.go b/src/crypto/internal/fips140deps/fipsdeps_test.go similarity index 77% rename from src/crypto/internal/fipsdeps/fipsdeps_test.go rename to src/crypto/internal/fips140deps/fipsdeps_test.go index d9f6b684f8f07f..488cc1caa58ccc 100644 --- a/src/crypto/internal/fipsdeps/fipsdeps_test.go +++ b/src/crypto/internal/fips140deps/fipsdeps_test.go @@ -39,7 +39,7 @@ func TestImports(t *testing.T) { {{end -}} {{range .XTestImports -}} {{$path}} {{.}} -{{end -}}`, "crypto/internal/fips/...") +{{end -}}`, "crypto/internal/fips140/...") out, err := cmd.CombinedOutput() if err != nil { t.Fatalf("go list: %v\n%s", err, out) @@ -47,7 +47,7 @@ func TestImports(t *testing.T) { allPackages := make(map[string]bool) - // importCheck is the set of packages that import crypto/internal/fips/check. + // importCheck is the set of packages that import crypto/internal/fips140/check. importCheck := make(map[string]bool) for _, line := range strings.Split(string(out), "\n") { @@ -58,16 +58,16 @@ func TestImports(t *testing.T) { allPackages[pkg] = true - if importedPkg == "crypto/internal/fips/check" { + if importedPkg == "crypto/internal/fips140/check" { importCheck[pkg] = true } // Ensure we don't import any unexpected internal package from the FIPS // module, since we can't change the module source after it starts // validation. This locks in the API of otherwise internal packages. - if importedPkg == "crypto/internal/fips" || - strings.HasPrefix(importedPkg, "crypto/internal/fips/") || - strings.HasPrefix(importedPkg, "crypto/internal/fipsdeps/") { + if importedPkg == "crypto/internal/fips140" || + strings.HasPrefix(importedPkg, "crypto/internal/fips140/") || + strings.HasPrefix(importedPkg, "crypto/internal/fips140deps/") { continue } if AllowedInternalPackages[importedPkg] { @@ -81,17 +81,17 @@ func TestImports(t *testing.T) { // Ensure that all packages except check and check's dependencies import check. for pkg := range allPackages { switch pkg { - case "crypto/internal/fips/check": - case "crypto/internal/fips": - case "crypto/internal/fips/alias": - case "crypto/internal/fips/subtle": - case "crypto/internal/fips/hmac": - case "crypto/internal/fips/sha3": - case "crypto/internal/fips/sha256": - case "crypto/internal/fips/sha512": + case "crypto/internal/fips140/check": + case "crypto/internal/fips140": + case "crypto/internal/fips140/alias": + case "crypto/internal/fips140/subtle": + case "crypto/internal/fips140/hmac": + case "crypto/internal/fips140/sha3": + case "crypto/internal/fips140/sha256": + case "crypto/internal/fips140/sha512": default: if !importCheck[pkg] { - t.Errorf("package %s does not import crypto/internal/fips/check", pkg) + t.Errorf("package %s does not import crypto/internal/fips140/check", pkg) } } } diff --git a/src/crypto/internal/fipsdeps/godebug/godebug.go b/src/crypto/internal/fips140deps/godebug/godebug.go similarity index 100% rename from src/crypto/internal/fipsdeps/godebug/godebug.go rename to src/crypto/internal/fips140deps/godebug/godebug.go diff --git a/src/crypto/internal/fipstest/acvp_capabilities.json b/src/crypto/internal/fips140test/acvp_capabilities.json similarity index 100% rename from src/crypto/internal/fipstest/acvp_capabilities.json rename to src/crypto/internal/fips140test/acvp_capabilities.json diff --git a/src/crypto/internal/fipstest/acvp_test.config.json b/src/crypto/internal/fips140test/acvp_test.config.json similarity index 100% rename from src/crypto/internal/fipstest/acvp_test.config.json rename to src/crypto/internal/fips140test/acvp_test.config.json diff --git a/src/crypto/internal/fipstest/acvp_test.go b/src/crypto/internal/fips140test/acvp_test.go similarity index 92% rename from src/crypto/internal/fipstest/acvp_test.go rename to src/crypto/internal/fips140test/acvp_test.go index e59978e8804bbd..a5fa38fd609fa0 100644 --- a/src/crypto/internal/fipstest/acvp_test.go +++ b/src/crypto/internal/fips140test/acvp_test.go @@ -22,11 +22,11 @@ import ( "bufio" "bytes" "crypto/internal/cryptotest" - "crypto/internal/fips" - "crypto/internal/fips/hmac" - "crypto/internal/fips/sha256" - "crypto/internal/fips/sha3" - "crypto/internal/fips/sha512" + "crypto/internal/fips140" + "crypto/internal/fips140/hmac" + "crypto/internal/fips140/sha256" + "crypto/internal/fips140/sha3" + "crypto/internal/fips140/sha512" _ "embed" "encoding/binary" "errors" @@ -103,16 +103,16 @@ var ( "SHA3-512": cmdHashAft(sha3.New512()), "SHA3-512/MCT": cmdSha3Mct(sha3.New512()), - "HMAC-SHA2-224": cmdHmacAft(func() fips.Hash { return sha256.New224() }), - "HMAC-SHA2-256": cmdHmacAft(func() fips.Hash { return sha256.New() }), - "HMAC-SHA2-384": cmdHmacAft(func() fips.Hash { return sha512.New384() }), - "HMAC-SHA2-512": cmdHmacAft(func() fips.Hash { return sha512.New() }), - "HMAC-SHA2-512/224": cmdHmacAft(func() fips.Hash { return sha512.New512_224() }), - "HMAC-SHA2-512/256": cmdHmacAft(func() fips.Hash { return sha512.New512_256() }), - "HMAC-SHA3-224": cmdHmacAft(func() fips.Hash { return sha3.New224() }), - "HMAC-SHA3-256": cmdHmacAft(func() fips.Hash { return sha3.New256() }), - "HMAC-SHA3-384": cmdHmacAft(func() fips.Hash { return sha3.New384() }), - "HMAC-SHA3-512": cmdHmacAft(func() fips.Hash { return sha3.New512() }), + "HMAC-SHA2-224": cmdHmacAft(func() fips140.Hash { return sha256.New224() }), + "HMAC-SHA2-256": cmdHmacAft(func() fips140.Hash { return sha256.New() }), + "HMAC-SHA2-384": cmdHmacAft(func() fips140.Hash { return sha512.New384() }), + "HMAC-SHA2-512": cmdHmacAft(func() fips140.Hash { return sha512.New() }), + "HMAC-SHA2-512/224": cmdHmacAft(func() fips140.Hash { return sha512.New512_224() }), + "HMAC-SHA2-512/256": cmdHmacAft(func() fips140.Hash { return sha512.New512_256() }), + "HMAC-SHA3-224": cmdHmacAft(func() fips140.Hash { return sha3.New224() }), + "HMAC-SHA3-256": cmdHmacAft(func() fips140.Hash { return sha3.New256() }), + "HMAC-SHA3-384": cmdHmacAft(func() fips140.Hash { return sha3.New384() }), + "HMAC-SHA3-512": cmdHmacAft(func() fips140.Hash { return sha3.New512() }), } ) @@ -239,7 +239,7 @@ func cmdGetConfig() command { // and writes the resulting digest as a response. // // See https://pages.nist.gov/ACVP/draft-celi-acvp-sha.html -func cmdHashAft(h fips.Hash) command { +func cmdHashAft(h fips140.Hash) command { return command{ requiredArgs: 1, // Message to hash. handler: func(args [][]byte) ([][]byte, error) { @@ -267,7 +267,7 @@ func cmdHashAft(h fips.Hash) command { // // [0]: https://pages.nist.gov/ACVP/draft-celi-acvp-sha.html#section-6.2 // [1]: https://boringssl.googlesource.com/boringssl/+/refs/heads/master/util/fipstools/acvp/ACVP.md#testing-other-fips-modules -func cmdHashMct(h fips.Hash) command { +func cmdHashMct(h fips140.Hash) command { return command{ requiredArgs: 1, // Seed message. handler: func(args [][]byte) ([][]byte, error) { @@ -311,7 +311,7 @@ func cmdHashMct(h fips.Hash) command { // like that handler it does not perform the outer 100 iterations. // // [0]: https://pages.nist.gov/ACVP/draft-celi-acvp-sha3.html#section-6.2.1 -func cmdSha3Mct(h fips.Hash) command { +func cmdSha3Mct(h fips140.Hash) command { return command{ requiredArgs: 1, // Seed message. handler: func(args [][]byte) ([][]byte, error) { @@ -330,7 +330,7 @@ func cmdSha3Mct(h fips.Hash) command { } } -func cmdHmacAft(h func() fips.Hash) command { +func cmdHmacAft(h func() fips140.Hash) command { return command{ requiredArgs: 2, // Message and key handler: func(args [][]byte) ([][]byte, error) { diff --git a/src/crypto/internal/fipstest/alias_test.go b/src/crypto/internal/fips140test/alias_test.go similarity index 97% rename from src/crypto/internal/fipstest/alias_test.go rename to src/crypto/internal/fips140test/alias_test.go index e3cadaa20aac5d..e979cd9c8e950e 100644 --- a/src/crypto/internal/fipstest/alias_test.go +++ b/src/crypto/internal/fips140test/alias_test.go @@ -5,7 +5,7 @@ package fipstest import ( - "crypto/internal/fips/alias" + "crypto/internal/fips140/alias" "testing" ) diff --git a/src/crypto/internal/fipstest/cast_test.go b/src/crypto/internal/fips140test/cast_test.go similarity index 77% rename from src/crypto/internal/fipstest/cast_test.go rename to src/crypto/internal/fips140test/cast_test.go index b1ddd66132eef7..0c5cc63e3f0601 100644 --- a/src/crypto/internal/fipstest/cast_test.go +++ b/src/crypto/internal/fips140test/cast_test.go @@ -15,29 +15,29 @@ import ( "testing" // Import packages that define CASTs to test them. - _ "crypto/internal/fips/aes" - _ "crypto/internal/fips/aes/gcm" - _ "crypto/internal/fips/drbg" - "crypto/internal/fips/ecdh" - "crypto/internal/fips/ecdsa" - "crypto/internal/fips/ed25519" - _ "crypto/internal/fips/hkdf" - _ "crypto/internal/fips/hmac" - "crypto/internal/fips/mlkem" - "crypto/internal/fips/rsa" - "crypto/internal/fips/sha256" - _ "crypto/internal/fips/sha3" - _ "crypto/internal/fips/sha512" - _ "crypto/internal/fips/tls12" - _ "crypto/internal/fips/tls13" + _ "crypto/internal/fips140/aes" + _ "crypto/internal/fips140/aes/gcm" + _ "crypto/internal/fips140/drbg" + "crypto/internal/fips140/ecdh" + "crypto/internal/fips140/ecdsa" + "crypto/internal/fips140/ed25519" + _ "crypto/internal/fips140/hkdf" + _ "crypto/internal/fips140/hmac" + "crypto/internal/fips140/mlkem" + "crypto/internal/fips140/rsa" + "crypto/internal/fips140/sha256" + _ "crypto/internal/fips140/sha3" + _ "crypto/internal/fips140/sha512" + _ "crypto/internal/fips140/tls12" + _ "crypto/internal/fips140/tls13" ) func findAllCASTs(t *testing.T) map[string]struct{} { testenv.MustHaveSource(t) - // Ask "go list" for the location of the crypto/internal/fips tree, as it + // Ask "go list" for the location of the crypto/internal/fips140 tree, as it // might be the unpacked frozen tree selected with GOFIPS140. - cmd := testenv.Command(t, testenv.GoToolPath(t), "list", "-f", `{{.Dir}}`, "crypto/internal/fips") + cmd := testenv.Command(t, testenv.GoToolPath(t), "list", "-f", `{{.Dir}}`, "crypto/internal/fips140") out, err := cmd.CombinedOutput() if err != nil { t.Fatalf("go list: %v\n%s", err, out) @@ -45,9 +45,9 @@ func findAllCASTs(t *testing.T) map[string]struct{} { fipsDir := strings.TrimSpace(string(out)) t.Logf("FIPS module directory: %s", fipsDir) - // Find all invocations of fips.CAST or fips.PCT. + // Find all invocations of fips140.CAST or fips140.PCT. allCASTs := make(map[string]struct{}) - castRe := regexp.MustCompile(`fips\.(CAST|PCT)\("([^"]+)"`) + castRe := regexp.MustCompile(`fips140\.(CAST|PCT)\("([^"]+)"`) if err := fs.WalkDir(os.DirFS(fipsDir), ".", func(path string, d fs.DirEntry, err error) error { if err != nil { return err diff --git a/src/crypto/internal/fipstest/check_test.go b/src/crypto/internal/fips140test/check_test.go similarity index 98% rename from src/crypto/internal/fipstest/check_test.go rename to src/crypto/internal/fips140test/check_test.go index c24eee629c912d..1c7dae4127be5f 100644 --- a/src/crypto/internal/fipstest/check_test.go +++ b/src/crypto/internal/fips140test/check_test.go @@ -5,8 +5,8 @@ package fipstest import ( - . "crypto/internal/fips/check" - "crypto/internal/fips/check/checktest" + . "crypto/internal/fips140/check" + "crypto/internal/fips140/check/checktest" "fmt" "internal/abi" "internal/asan" diff --git a/src/crypto/internal/fipstest/cmac_test.go b/src/crypto/internal/fips140test/cmac_test.go similarity index 93% rename from src/crypto/internal/fipstest/cmac_test.go rename to src/crypto/internal/fips140test/cmac_test.go index 05e421ffe93738..a8cc49400a2aa5 100644 --- a/src/crypto/internal/fipstest/cmac_test.go +++ b/src/crypto/internal/fips140test/cmac_test.go @@ -6,8 +6,8 @@ package fipstest import ( "bytes" - "crypto/internal/fips/aes" - "crypto/internal/fips/aes/gcm" + "crypto/internal/fips140/aes" + "crypto/internal/fips140/aes/gcm" "testing" ) diff --git a/src/crypto/internal/fipstest/ctrdrbg_test.go b/src/crypto/internal/fips140test/ctrdrbg_test.go similarity index 97% rename from src/crypto/internal/fipstest/ctrdrbg_test.go rename to src/crypto/internal/fips140test/ctrdrbg_test.go index 79efb39b7dd93d..e856a089fa69d8 100644 --- a/src/crypto/internal/fipstest/ctrdrbg_test.go +++ b/src/crypto/internal/fips140test/ctrdrbg_test.go @@ -6,8 +6,8 @@ package fipstest import ( "bytes" - "crypto/internal/fips/drbg" - "crypto/internal/fips/subtle" + "crypto/internal/fips140/drbg" + "crypto/internal/fips140/subtle" "testing" ) diff --git a/src/crypto/internal/fipstest/edwards25519_test.go b/src/crypto/internal/fips140test/edwards25519_test.go similarity index 93% rename from src/crypto/internal/fipstest/edwards25519_test.go rename to src/crypto/internal/fips140test/edwards25519_test.go index b09a167f96cb48..cd4a49dbcf8956 100644 --- a/src/crypto/internal/fipstest/edwards25519_test.go +++ b/src/crypto/internal/fips140test/edwards25519_test.go @@ -6,7 +6,7 @@ package fipstest import ( "crypto/internal/cryptotest" - . "crypto/internal/fips/edwards25519" + . "crypto/internal/fips140/edwards25519" "testing" ) diff --git a/src/crypto/internal/fipstest/fips_test.go b/src/crypto/internal/fips140test/fips_test.go similarity index 91% rename from src/crypto/internal/fipstest/fips_test.go rename to src/crypto/internal/fips140test/fips_test.go index 7390ac6969d182..8da5278050ba6c 100644 --- a/src/crypto/internal/fipstest/fips_test.go +++ b/src/crypto/internal/fips140test/fips_test.go @@ -3,7 +3,7 @@ // license that can be found in the LICENSE file. // Package fipstest collects external tests that would ordinarily live in -// crypto/internal/fips/... packages. That tree gets snapshot at each +// crypto/internal/fips140/... packages. That tree gets snapshot at each // validation, while we want tests to evolve and still apply to all versions of // the module. Also, we can't fix failing tests in a module snapshot, so we need // to either minimize, skip, or remove them. Finally, the module needs to avoid diff --git a/src/crypto/internal/fipstest/hkdf_test.go b/src/crypto/internal/fips140test/hkdf_test.go similarity index 97% rename from src/crypto/internal/fipstest/hkdf_test.go rename to src/crypto/internal/fips140test/hkdf_test.go index a624af33ab4997..9ddfe88f4f0de1 100644 --- a/src/crypto/internal/fipstest/hkdf_test.go +++ b/src/crypto/internal/fips140test/hkdf_test.go @@ -9,8 +9,8 @@ package fipstest_test import ( "bytes" "crypto/internal/boring" - "crypto/internal/fips" - "crypto/internal/fips/hkdf" + "crypto/internal/fips140" + "crypto/internal/fips140/hkdf" "crypto/md5" "crypto/sha1" "crypto/sha256" @@ -341,23 +341,23 @@ func TestFIPSServiceIndicator(t *testing.T) { t.Skip("in BoringCrypto mode HMAC is not from the Go FIPS module") } - fips.ResetServiceIndicator() + fips140.ResetServiceIndicator() hkdf.Key(sha256.New, []byte("YELLOW SUBMARINE"), nil, nil, 32) - if !fips.ServiceIndicator() { + if !fips140.ServiceIndicator() { t.Error("FIPS service indicator should be set") } // Key too short. - fips.ResetServiceIndicator() + fips140.ResetServiceIndicator() hkdf.Key(sha256.New, []byte("key"), nil, nil, 32) - if fips.ServiceIndicator() { + if fips140.ServiceIndicator() { t.Error("FIPS service indicator should not be set") } // Salt and info are short, which is ok, but translates to a short HMAC key. - fips.ResetServiceIndicator() + fips140.ResetServiceIndicator() hkdf.Key(sha256.New, []byte("YELLOW SUBMARINE"), []byte("salt"), []byte("info"), 32) - if !fips.ServiceIndicator() { + if !fips140.ServiceIndicator() { t.Error("FIPS service indicator should be set") } } diff --git a/src/crypto/internal/fipstest/indicator_test.go b/src/crypto/internal/fips140test/indicator_test.go similarity index 52% rename from src/crypto/internal/fipstest/indicator_test.go rename to src/crypto/internal/fips140test/indicator_test.go index a193959edf4816..c42cf34aa5ef6d 100644 --- a/src/crypto/internal/fipstest/indicator_test.go +++ b/src/crypto/internal/fips140test/indicator_test.go @@ -5,72 +5,72 @@ package fipstest import ( - "crypto/internal/fips" + "crypto/internal/fips140" "testing" ) func TestIndicator(t *testing.T) { - fips.ResetServiceIndicator() - if fips.ServiceIndicator() { + fips140.ResetServiceIndicator() + if fips140.ServiceIndicator() { t.Error("indicator should be false if no calls are made") } - fips.ResetServiceIndicator() - fips.RecordApproved() - if !fips.ServiceIndicator() { + fips140.ResetServiceIndicator() + fips140.RecordApproved() + if !fips140.ServiceIndicator() { t.Error("indicator should be true if RecordApproved is called") } - fips.ResetServiceIndicator() - fips.RecordApproved() - fips.RecordApproved() - if !fips.ServiceIndicator() { + fips140.ResetServiceIndicator() + fips140.RecordApproved() + fips140.RecordApproved() + if !fips140.ServiceIndicator() { t.Error("indicator should be true if RecordApproved is called multiple times") } - fips.ResetServiceIndicator() - fips.RecordNonApproved() - if fips.ServiceIndicator() { + fips140.ResetServiceIndicator() + fips140.RecordNonApproved() + if fips140.ServiceIndicator() { t.Error("indicator should be false if RecordNonApproved is called") } - fips.ResetServiceIndicator() - fips.RecordApproved() - fips.RecordNonApproved() - if fips.ServiceIndicator() { + fips140.ResetServiceIndicator() + fips140.RecordApproved() + fips140.RecordNonApproved() + if fips140.ServiceIndicator() { t.Error("indicator should be false if both RecordApproved and RecordNonApproved are called") } - fips.ResetServiceIndicator() - fips.RecordNonApproved() - fips.RecordApproved() - if fips.ServiceIndicator() { + fips140.ResetServiceIndicator() + fips140.RecordNonApproved() + fips140.RecordApproved() + if fips140.ServiceIndicator() { t.Error("indicator should be false if both RecordNonApproved and RecordApproved are called") } - fips.ResetServiceIndicator() - fips.RecordNonApproved() + fips140.ResetServiceIndicator() + fips140.RecordNonApproved() done := make(chan struct{}) go func() { - fips.ResetServiceIndicator() - fips.RecordApproved() + fips140.ResetServiceIndicator() + fips140.RecordApproved() close(done) }() <-done - if fips.ServiceIndicator() { + if fips140.ServiceIndicator() { t.Error("indicator should be false if RecordApproved is called in a different goroutine") } - fips.ResetServiceIndicator() - fips.RecordApproved() + fips140.ResetServiceIndicator() + fips140.RecordApproved() done = make(chan struct{}) go func() { - fips.ResetServiceIndicator() - fips.RecordNonApproved() + fips140.ResetServiceIndicator() + fips140.RecordNonApproved() close(done) }() <-done - if !fips.ServiceIndicator() { + if !fips140.ServiceIndicator() { t.Error("indicator should be true if RecordNonApproved is called in a different goroutine") } } diff --git a/src/crypto/internal/fipstest/mlkem_test.go b/src/crypto/internal/fips140test/mlkem_test.go similarity index 99% rename from src/crypto/internal/fipstest/mlkem_test.go rename to src/crypto/internal/fips140test/mlkem_test.go index d9a43034f37f10..43467456f09f63 100644 --- a/src/crypto/internal/fipstest/mlkem_test.go +++ b/src/crypto/internal/fips140test/mlkem_test.go @@ -8,8 +8,8 @@ package fipstest_test import ( "bytes" - . "crypto/internal/fips/mlkem" - "crypto/internal/fips/sha3" + . "crypto/internal/fips140/mlkem" + "crypto/internal/fips140/sha3" "crypto/rand" _ "embed" "encoding/hex" diff --git a/src/crypto/internal/fipstest/nistec_ordinv_test.go b/src/crypto/internal/fips140test/nistec_ordinv_test.go similarity index 98% rename from src/crypto/internal/fipstest/nistec_ordinv_test.go rename to src/crypto/internal/fips140test/nistec_ordinv_test.go index 60317e0e448047..5eeb3d25268efb 100644 --- a/src/crypto/internal/fipstest/nistec_ordinv_test.go +++ b/src/crypto/internal/fips140test/nistec_ordinv_test.go @@ -9,7 +9,7 @@ package fipstest import ( "bytes" "crypto/elliptic" - "crypto/internal/fips/nistec" + "crypto/internal/fips140/nistec" "math/big" "testing" ) diff --git a/src/crypto/internal/fipstest/nistec_test.go b/src/crypto/internal/fips140test/nistec_test.go similarity index 99% rename from src/crypto/internal/fipstest/nistec_test.go rename to src/crypto/internal/fips140test/nistec_test.go index 42c671c238b2a5..3849add7004e2a 100644 --- a/src/crypto/internal/fipstest/nistec_test.go +++ b/src/crypto/internal/fips140test/nistec_test.go @@ -8,7 +8,7 @@ import ( "bytes" "crypto/elliptic" "crypto/internal/cryptotest" - "crypto/internal/fips/nistec" + "crypto/internal/fips140/nistec" "fmt" "math/big" "math/rand" diff --git a/src/crypto/internal/fipstest/sha3_test.go b/src/crypto/internal/fips140test/sha3_test.go similarity index 99% rename from src/crypto/internal/fipstest/sha3_test.go rename to src/crypto/internal/fips140test/sha3_test.go index c9b0e2729d92d5..2bc2a6df2375e6 100644 --- a/src/crypto/internal/fipstest/sha3_test.go +++ b/src/crypto/internal/fips140test/sha3_test.go @@ -9,8 +9,8 @@ package fipstest_test import ( "bytes" "crypto/internal/cryptotest" - "crypto/internal/fips" - . "crypto/internal/fips/sha3" + "crypto/internal/fips140" + . "crypto/internal/fips140/sha3" "encoding" "encoding/hex" "fmt" @@ -539,7 +539,7 @@ func TestMarshalUnmarshal(t *testing.T) { } // TODO(filippo): move this to crypto/internal/cryptotest. -func testMarshalUnmarshal(t *testing.T, h fips.Hash) { +func testMarshalUnmarshal(t *testing.T, h fips140.Hash) { buf := make([]byte, 200) rand.Read(buf) n := rand.Intn(200) @@ -563,7 +563,7 @@ func testMarshalUnmarshal(t *testing.T, h fips.Hash) { } // benchmarkHash tests the speed to hash num buffers of buflen each. -func benchmarkHash(b *testing.B, h fips.Hash, size, num int) { +func benchmarkHash(b *testing.B, h fips140.Hash, size, num int) { b.StopTimer() h.Reset() data := sequentialBytes(size) diff --git a/src/crypto/internal/fipstest/sshkdf_test.go b/src/crypto/internal/fips140test/sshkdf_test.go similarity index 98% rename from src/crypto/internal/fipstest/sshkdf_test.go rename to src/crypto/internal/fips140test/sshkdf_test.go index b942ca86a241ca..91135205de9bd5 100644 --- a/src/crypto/internal/fipstest/sshkdf_test.go +++ b/src/crypto/internal/fips140test/sshkdf_test.go @@ -6,7 +6,7 @@ package fipstest import ( "bytes" - "crypto/internal/fips/ssh" + "crypto/internal/fips140/ssh" "crypto/sha256" "encoding/hex" "testing" diff --git a/src/crypto/internal/fipstest/xaes_test.go b/src/crypto/internal/fips140test/xaes_test.go similarity index 97% rename from src/crypto/internal/fipstest/xaes_test.go rename to src/crypto/internal/fips140test/xaes_test.go index 9e21428c97ccc5..9406bfab7bf5cc 100644 --- a/src/crypto/internal/fipstest/xaes_test.go +++ b/src/crypto/internal/fips140test/xaes_test.go @@ -7,10 +7,10 @@ package fipstest import ( "bytes" "crypto/internal/cryptotest" - "crypto/internal/fips/aes" - "crypto/internal/fips/aes/gcm" - "crypto/internal/fips/drbg" - "crypto/internal/fips/sha3" + "crypto/internal/fips140/aes" + "crypto/internal/fips140/aes/gcm" + "crypto/internal/fips140/drbg" + "crypto/internal/fips140/sha3" "encoding/hex" "runtime" "testing" diff --git a/src/crypto/internal/hpke/hpke.go b/src/crypto/internal/hpke/hpke.go index 69c1f8b2baaa24..0d6340cfc5de53 100644 --- a/src/crypto/internal/hpke/hpke.go +++ b/src/crypto/internal/hpke/hpke.go @@ -9,7 +9,7 @@ import ( "crypto/aes" "crypto/cipher" "crypto/ecdh" - "crypto/internal/fips/hkdf" + "crypto/internal/fips140/hkdf" "crypto/rand" "errors" "internal/byteorder" diff --git a/src/crypto/rand/rand.go b/src/crypto/rand/rand.go index b2dbe13fcd3994..5dd875e6e72575 100644 --- a/src/crypto/rand/rand.go +++ b/src/crypto/rand/rand.go @@ -8,8 +8,8 @@ package rand import ( "crypto/internal/boring" - "crypto/internal/fips" - "crypto/internal/fips/drbg" + "crypto/internal/fips140" + "crypto/internal/fips140/drbg" "crypto/internal/sysrand" "io" _ "unsafe" @@ -42,7 +42,7 @@ type reader struct{} func (r *reader) Read(b []byte) (n int, err error) { boring.Unreachable() - if fips.Enabled { + if fips140.Enabled { drbg.Read(b) } else { sysrand.Read(b) diff --git a/src/crypto/rc4/rc4.go b/src/crypto/rc4/rc4.go index 4c6bab16816807..19e6b8a047dcad 100644 --- a/src/crypto/rc4/rc4.go +++ b/src/crypto/rc4/rc4.go @@ -10,7 +10,7 @@ package rc4 import ( - "crypto/internal/fips/alias" + "crypto/internal/fips140/alias" "strconv" ) diff --git a/src/crypto/rsa/fips.go b/src/crypto/rsa/fips.go index ede27258ebf7fb..a08de0e75e1c38 100644 --- a/src/crypto/rsa/fips.go +++ b/src/crypto/rsa/fips.go @@ -7,7 +7,7 @@ package rsa import ( "crypto" "crypto/internal/boring" - "crypto/internal/fips/rsa" + "crypto/internal/fips140/rsa" "errors" "hash" "io" diff --git a/src/crypto/rsa/pkcs1v15.go b/src/crypto/rsa/pkcs1v15.go index d12313f071657a..b144be766247bf 100644 --- a/src/crypto/rsa/pkcs1v15.go +++ b/src/crypto/rsa/pkcs1v15.go @@ -6,7 +6,7 @@ package rsa import ( "crypto/internal/boring" - "crypto/internal/fips/rsa" + "crypto/internal/fips140/rsa" "crypto/internal/randutil" "crypto/subtle" "io" diff --git a/src/crypto/rsa/pss_test.go b/src/crypto/rsa/pss_test.go index aeef916cd91769..b888dfb41a2725 100644 --- a/src/crypto/rsa/pss_test.go +++ b/src/crypto/rsa/pss_test.go @@ -8,7 +8,7 @@ import ( "bufio" "compress/bzip2" "crypto" - "crypto/internal/fips" + "crypto/internal/fips140" "crypto/rand" . "crypto/rsa" "crypto/sha256" @@ -181,7 +181,7 @@ func TestPSSSigning(t *testing.T) { opts.SaltLength = test.verifySaltLength err = VerifyPSS(&rsaPrivateKey.PublicKey, hash, hashed, sig, &opts) good := test.good - if fips.Enabled { + if fips140.Enabled { good = test.fipsGood } if (err == nil) != good { diff --git a/src/crypto/rsa/rsa.go b/src/crypto/rsa/rsa.go index 0cf05348e70ea4..9138a993a680d4 100644 --- a/src/crypto/rsa/rsa.go +++ b/src/crypto/rsa/rsa.go @@ -28,8 +28,8 @@ import ( "crypto" "crypto/internal/boring" "crypto/internal/boring/bbig" - "crypto/internal/fips/bigmod" - "crypto/internal/fips/rsa" + "crypto/internal/fips140/bigmod" + "crypto/internal/fips140/rsa" "crypto/internal/randutil" "crypto/rand" "crypto/subtle" diff --git a/src/crypto/rsa/rsa_test.go b/src/crypto/rsa/rsa_test.go index ce0227367caa8c..9d084ae2de4176 100644 --- a/src/crypto/rsa/rsa_test.go +++ b/src/crypto/rsa/rsa_test.go @@ -9,7 +9,7 @@ import ( "bytes" "crypto" "crypto/internal/cryptotest" - "crypto/internal/fips" + "crypto/internal/fips140" "crypto/rand" . "crypto/rsa" "crypto/sha1" @@ -632,7 +632,7 @@ type testEncryptOAEPStruct struct { } func TestEncryptOAEP(t *testing.T) { - if fips.Enabled { + if fips140.Enabled { t.Skip("FIPS mode overrides the deterministic random source") } sha1 := sha1.New() diff --git a/src/crypto/sha256/sha256.go b/src/crypto/sha256/sha256.go index d87c689c9001ad..069938a22dbc5a 100644 --- a/src/crypto/sha256/sha256.go +++ b/src/crypto/sha256/sha256.go @@ -9,7 +9,7 @@ package sha256 import ( "crypto" "crypto/internal/boring" - "crypto/internal/fips/sha256" + "crypto/internal/fips140/sha256" "hash" ) diff --git a/src/crypto/sha512/sha512.go b/src/crypto/sha512/sha512.go index ebdde0feb1a654..1435eac1f5b5dc 100644 --- a/src/crypto/sha512/sha512.go +++ b/src/crypto/sha512/sha512.go @@ -13,7 +13,7 @@ package sha512 import ( "crypto" "crypto/internal/boring" - "crypto/internal/fips/sha512" + "crypto/internal/fips140/sha512" "hash" ) diff --git a/src/crypto/subtle/constant_time.go b/src/crypto/subtle/constant_time.go index a6f663ff430ec5..22c1c64a0da9e0 100644 --- a/src/crypto/subtle/constant_time.go +++ b/src/crypto/subtle/constant_time.go @@ -6,7 +6,7 @@ // code but require careful thought to use correctly. package subtle -import "crypto/internal/fips/subtle" +import "crypto/internal/fips140/subtle" // ConstantTimeCompare returns 1 if the two slices, x and y, have equal contents // and 0 otherwise. The time taken is a function of the length of the slices and diff --git a/src/crypto/subtle/xor.go b/src/crypto/subtle/xor.go index a1582764c2b13d..26c1c779a647bb 100644 --- a/src/crypto/subtle/xor.go +++ b/src/crypto/subtle/xor.go @@ -4,7 +4,7 @@ package subtle -import "crypto/internal/fips/subtle" +import "crypto/internal/fips140/subtle" // XORBytes sets dst[i] = x[i] ^ y[i] for all i < n = min(len(x), len(y)), // returning n, the number of bytes written to dst. diff --git a/src/crypto/tls/cipher_suites.go b/src/crypto/tls/cipher_suites.go index 1c849e3c2746dd..9e831a983e07d4 100644 --- a/src/crypto/tls/cipher_suites.go +++ b/src/crypto/tls/cipher_suites.go @@ -11,8 +11,8 @@ import ( "crypto/des" "crypto/hmac" "crypto/internal/boring" - fipsaes "crypto/internal/fips/aes" - "crypto/internal/fips/aes/gcm" + fipsaes "crypto/internal/fips140/aes" + "crypto/internal/fips140/aes/gcm" "crypto/rc4" "crypto/sha1" "crypto/sha256" @@ -367,7 +367,7 @@ var tdesCiphers = map[uint16]bool{ } var ( - // Keep in sync with crypto/internal/fips/aes/gcm.supportsAESGCM. + // Keep in sync with crypto/internal/fips140/aes/gcm.supportsAESGCM. hasGCMAsmAMD64 = cpu.X86.HasAES && cpu.X86.HasPCLMULQDQ && cpu.X86.HasSSE41 && cpu.X86.HasSSSE3 hasGCMAsmARM64 = cpu.ARM64.HasAES && cpu.ARM64.HasPMULL hasGCMAsmS390X = cpu.S390X.HasAES && cpu.S390X.HasAESCTR && cpu.S390X.HasGHASH diff --git a/src/crypto/tls/handshake_client.go b/src/crypto/tls/handshake_client.go index ea9c4c50c5f604..3926ebd4f4cd22 100644 --- a/src/crypto/tls/handshake_client.go +++ b/src/crypto/tls/handshake_client.go @@ -10,8 +10,8 @@ import ( "crypto" "crypto/ecdsa" "crypto/ed25519" - "crypto/internal/fips/mlkem" - "crypto/internal/fips/tls13" + "crypto/internal/fips140/mlkem" + "crypto/internal/fips140/tls13" "crypto/internal/hpke" "crypto/rsa" "crypto/subtle" diff --git a/src/crypto/tls/handshake_client_tls13.go b/src/crypto/tls/handshake_client_tls13.go index 6ce83b9623e112..53f16651661d57 100644 --- a/src/crypto/tls/handshake_client_tls13.go +++ b/src/crypto/tls/handshake_client_tls13.go @@ -9,9 +9,9 @@ import ( "context" "crypto" "crypto/hmac" - "crypto/internal/fips/hkdf" - "crypto/internal/fips/mlkem" - "crypto/internal/fips/tls13" + "crypto/internal/fips140/hkdf" + "crypto/internal/fips140/mlkem" + "crypto/internal/fips140/tls13" "crypto/rsa" "crypto/subtle" "errors" diff --git a/src/crypto/tls/handshake_server_tls13.go b/src/crypto/tls/handshake_server_tls13.go index aa1ffd908ac822..90c032040201e8 100644 --- a/src/crypto/tls/handshake_server_tls13.go +++ b/src/crypto/tls/handshake_server_tls13.go @@ -9,8 +9,8 @@ import ( "context" "crypto" "crypto/hmac" - "crypto/internal/fips/mlkem" - "crypto/internal/fips/tls13" + "crypto/internal/fips140/mlkem" + "crypto/internal/fips140/tls13" "crypto/rsa" "errors" "hash" diff --git a/src/crypto/tls/key_schedule.go b/src/crypto/tls/key_schedule.go index 99229ea834a97e..60527b02405025 100644 --- a/src/crypto/tls/key_schedule.go +++ b/src/crypto/tls/key_schedule.go @@ -7,9 +7,9 @@ package tls import ( "crypto/ecdh" "crypto/hmac" - "crypto/internal/fips/mlkem" - "crypto/internal/fips/sha3" - "crypto/internal/fips/tls13" + "crypto/internal/fips140/mlkem" + "crypto/internal/fips140/sha3" + "crypto/internal/fips140/tls13" "errors" "hash" "io" diff --git a/src/crypto/tls/key_schedule_test.go b/src/crypto/tls/key_schedule_test.go index 0dc3601e47e46e..f96b14c86542f0 100644 --- a/src/crypto/tls/key_schedule_test.go +++ b/src/crypto/tls/key_schedule_test.go @@ -6,8 +6,8 @@ package tls import ( "bytes" - "crypto/internal/fips/mlkem" - "crypto/internal/fips/tls13" + "crypto/internal/fips140/mlkem" + "crypto/internal/fips140/tls13" "crypto/sha256" "encoding/hex" "strings" diff --git a/src/crypto/tls/prf.go b/src/crypto/tls/prf.go index c306ca40e658a6..e7369542a73270 100644 --- a/src/crypto/tls/prf.go +++ b/src/crypto/tls/prf.go @@ -7,7 +7,7 @@ package tls import ( "crypto" "crypto/hmac" - "crypto/internal/fips/tls12" + "crypto/internal/fips140/tls12" "crypto/md5" "crypto/sha1" "crypto/sha256" diff --git a/src/go/build/deps_test.go b/src/go/build/deps_test.go index 4d18ed0ff2614b..c31beec72e215a 100644 --- a/src/go/build/deps_test.go +++ b/src/go/build/deps_test.go @@ -447,46 +447,46 @@ var depsRules = ` OS < crypto/internal/sysrand < crypto/internal/entropy; - internal/byteorder < crypto/internal/fipsdeps/byteorder; - internal/cpu, internal/goarch < crypto/internal/fipsdeps/cpu; - internal/godebug < crypto/internal/fipsdeps/godebug; + internal/byteorder < crypto/internal/fips140deps/byteorder; + internal/cpu, internal/goarch < crypto/internal/fips140deps/cpu; + internal/godebug < crypto/internal/fips140deps/godebug; # FIPS is the FIPS 140 module. # It must not depend on external crypto packages. STR, crypto/internal/impl, crypto/internal/entropy, crypto/internal/randutil, - crypto/internal/fipsdeps/byteorder, - crypto/internal/fipsdeps/cpu, - crypto/internal/fipsdeps/godebug - < crypto/internal/fips - < crypto/internal/fips/alias - < crypto/internal/fips/subtle - < crypto/internal/fips/sha256 - < crypto/internal/fips/sha512 - < crypto/internal/fips/sha3 - < crypto/internal/fips/hmac - < crypto/internal/fips/check - < crypto/internal/fips/aes - < crypto/internal/fips/drbg - < crypto/internal/fips/aes/gcm - < crypto/internal/fips/hkdf - < crypto/internal/fips/mlkem - < crypto/internal/fips/ssh - < crypto/internal/fips/tls12 - < crypto/internal/fips/tls13 - < crypto/internal/fips/bigmod - < crypto/internal/fips/nistec/fiat - < crypto/internal/fips/nistec - < crypto/internal/fips/ecdh - < crypto/internal/fips/ecdsa - < crypto/internal/fips/edwards25519/field - < crypto/internal/fips/edwards25519 - < crypto/internal/fips/ed25519 - < crypto/internal/fips/rsa + crypto/internal/fips140deps/byteorder, + crypto/internal/fips140deps/cpu, + crypto/internal/fips140deps/godebug + < crypto/internal/fips140 + < crypto/internal/fips140/alias + < crypto/internal/fips140/subtle + < crypto/internal/fips140/sha256 + < crypto/internal/fips140/sha512 + < crypto/internal/fips140/sha3 + < crypto/internal/fips140/hmac + < crypto/internal/fips140/check + < crypto/internal/fips140/aes + < crypto/internal/fips140/drbg + < crypto/internal/fips140/aes/gcm + < crypto/internal/fips140/hkdf + < crypto/internal/fips140/mlkem + < crypto/internal/fips140/ssh + < crypto/internal/fips140/tls12 + < crypto/internal/fips140/tls13 + < crypto/internal/fips140/bigmod + < crypto/internal/fips140/nistec/fiat + < crypto/internal/fips140/nistec + < crypto/internal/fips140/ecdh + < crypto/internal/fips140/ecdsa + < crypto/internal/fips140/edwards25519/field + < crypto/internal/fips140/edwards25519 + < crypto/internal/fips140/ed25519 + < crypto/internal/fips140/rsa < FIPS; - FIPS < crypto/internal/fips/check/checktest; + FIPS < crypto/internal/fips140/check/checktest; NONE < crypto/internal/boring/sig, crypto/internal/boring/syso; sync/atomic < crypto/internal/boring/bcache, crypto/internal/boring/fipstls; @@ -511,7 +511,7 @@ var depsRules = ` < crypto/aes, crypto/des, crypto/hmac, crypto/md5, crypto/rc4, crypto/sha1, crypto/sha256, crypto/sha512; - crypto/boring, crypto/internal/fips/edwards25519/field + crypto/boring, crypto/internal/fips140/edwards25519/field < crypto/ecdh; # Unfortunately, stuck with reflect via encoding/binary. diff --git a/src/runtime/panic.go b/src/runtime/panic.go index 8e8ee8559afc97..58606e1dce42f4 100644 --- a/src/runtime/panic.go +++ b/src/runtime/panic.go @@ -1043,7 +1043,7 @@ func sysrand_fatal(s string) { fatal(s) } -//go:linkname fips_fatal crypto/internal/fips.fatal +//go:linkname fips_fatal crypto/internal/fips140.fatal func fips_fatal(s string) { fatal(s) } diff --git a/src/runtime/runtime1.go b/src/runtime/runtime1.go index 7a092e80390007..b47c589075ff60 100644 --- a/src/runtime/runtime1.go +++ b/src/runtime/runtime1.go @@ -727,12 +727,12 @@ func reflect_addReflectOff(ptr unsafe.Pointer) int32 { return id } -//go:linkname fips_getIndicator crypto/internal/fips.getIndicator +//go:linkname fips_getIndicator crypto/internal/fips140.getIndicator func fips_getIndicator() uint8 { return getg().fipsIndicator } -//go:linkname fips_setIndicator crypto/internal/fips.setIndicator +//go:linkname fips_setIndicator crypto/internal/fips140.setIndicator func fips_setIndicator(indicator uint8) { getg().fipsIndicator = indicator } diff --git a/src/slices/slices.go b/src/slices/slices.go index 13e41ae0d807b5..40b4d088b06e39 100644 --- a/src/slices/slices.go +++ b/src/slices/slices.go @@ -449,7 +449,7 @@ func overlaps[E any](a, b []E) bool { return false } // TODO: use a runtime/unsafe facility once one becomes available. See issue 12445. - // Also see crypto/internal/fips/alias/alias.go:AnyOverlap + // Also see crypto/internal/fips140/alias/alias.go:AnyOverlap return uintptr(unsafe.Pointer(&a[0])) <= uintptr(unsafe.Pointer(&b[len(b)-1]))+(elemSize-1) && uintptr(unsafe.Pointer(&b[0])) <= uintptr(unsafe.Pointer(&a[len(a)-1]))+(elemSize-1) }