diff options
| author | Filippo Valsorda <filippo@golang.org> | 2025-03-06 17:08:02 +0100 |
|---|---|---|
| committer | Gopher Robot <gobot@golang.org> | 2025-03-07 11:33:03 -0800 |
| commit | 705fa920c13e87a580f0fc5bec4e186e1b6f663b (patch) | |
| tree | 09e3add12c78b13e4e7beee7c8574bf95d35bd7a /src/crypto | |
| parent | d7e5cd5851f9fea4512c20cf275d979516828521 (diff) | |
| download | go-705fa920c13e87a580f0fc5bec4e186e1b6f663b.tar.xz | |
crypto/internal/fips140: make Version return latest when not frozen
Fixes #71820
Change-Id: I6a6a46563da281a7b20efc61eefdcbb2e146db33
Reviewed-on: https://go-review.googlesource.com/c/go/+/655795
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
Reviewed-by: Junyang Shao <shaojunyang@google.com>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Diffstat (limited to 'src/crypto')
| -rw-r--r-- | src/crypto/internal/fips140/fips140.go | 6 | ||||
| -rw-r--r-- | src/crypto/internal/fips140test/fips_test.go | 27 |
2 files changed, 32 insertions, 1 deletions
diff --git a/src/crypto/internal/fips140/fips140.go b/src/crypto/internal/fips140/fips140.go index c7b167b82a..e05ad66374 100644 --- a/src/crypto/internal/fips140/fips140.go +++ b/src/crypto/internal/fips140/fips140.go @@ -62,6 +62,10 @@ func Name() string { return "Go Cryptographic Module" } +// Version returns the formal version (such as "v1.0") if building against a +// frozen module with GOFIPS140. Otherwise, it returns "latest". func Version() string { - return "v1.0" + // This return value is replaced by mkzip.go, it must not be changed or + // moved to a different file. + return "latest" //mkzip:version } diff --git a/src/crypto/internal/fips140test/fips_test.go b/src/crypto/internal/fips140test/fips_test.go index 3ed6152ea3..08d60933ef 100644 --- a/src/crypto/internal/fips140test/fips_test.go +++ b/src/crypto/internal/fips140test/fips_test.go @@ -36,6 +36,7 @@ import ( "crypto/internal/fips140/tls13" "crypto/rand" "encoding/hex" + "runtime/debug" "strings" "testing" ) @@ -63,6 +64,32 @@ func moduleStatus(t *testing.T) { } } +func TestVersion(t *testing.T) { + bi, ok := debug.ReadBuildInfo() + if !ok { + t.Skip("no build info") + } + for _, setting := range bi.Settings { + if setting.Key != "GOFIPS140" { + continue + } + exp := setting.Value + if exp == "v1.0.0" { + // Unfortunately we enshrined the version of the first module as + // v1.0 before deciding to go for full versions. + exp = "v1.0" + } + if v := fips140.Version(); v != exp { + t.Errorf("Version is %q, expected %q", v, exp) + } + return + } + // Without GOFIPS140, the Version should be "latest". + if v := fips140.Version(); v != "latest" { + t.Errorf("Version is %q, expected latest", v) + } +} + func TestFIPS140(t *testing.T) { moduleStatus(t) if boring.Enabled { |