aboutsummaryrefslogtreecommitdiff
path: root/src/crypto
diff options
context:
space:
mode:
Diffstat (limited to 'src/crypto')
-rw-r--r--src/crypto/internal/fips140test/acvp_test.go4
-rw-r--r--src/crypto/internal/fips140test/cast_fips140v1.26_test.go16
-rw-r--r--src/crypto/internal/fips140test/check_test.go2
-rw-r--r--src/crypto/internal/fips140test/fips140v1.0_test.go (renamed from src/crypto/internal/fips140test/cast_fips140v1.0_test.go)4
-rw-r--r--src/crypto/internal/fips140test/fips140v1.26_test.go33
-rw-r--r--src/crypto/internal/fips140test/fips_test.go2
-rw-r--r--src/crypto/rsa/rsa_test.go6
-rw-r--r--src/crypto/tls/bogo_shim_test.go2
8 files changed, 49 insertions, 20 deletions
diff --git a/src/crypto/internal/fips140test/acvp_test.go b/src/crypto/internal/fips140test/acvp_test.go
index e94bab74fd..6a0b46af2b 100644
--- a/src/crypto/internal/fips140test/acvp_test.go
+++ b/src/crypto/internal/fips140test/acvp_test.go
@@ -2146,7 +2146,7 @@ func TestACVP(t *testing.T) {
}
configPath := filepath.Join(cwd, testConfigFile)
t.Logf("running check_expected.go\ncwd: %q\ndata_dir: %q\nconfig: %q\ntool: %q\nmodule-wrapper: %q\n",
- cwd, dataDir, configPath, toolPath, os.Args[0])
+ cwd, dataDir, configPath, toolPath, testenv.Executable(t))
// Run the check_expected test driver using the acvptool we built, and this test binary as the
// module wrapper. The file paths in the config file are specified relative to the dataDir root
@@ -2157,7 +2157,7 @@ func TestACVP(t *testing.T) {
"-tool",
toolPath,
// Note: module prefix must match Wrapper value in testConfigFile.
- "-module-wrappers", "go:" + os.Args[0],
+ "-module-wrappers", "go:" + testenv.Executable(t),
"-tests", configPath,
}
cmd = testenv.Command(t, testenv.GoToolPath(t), args...)
diff --git a/src/crypto/internal/fips140test/cast_fips140v1.26_test.go b/src/crypto/internal/fips140test/cast_fips140v1.26_test.go
deleted file mode 100644
index ef79068c38..0000000000
--- a/src/crypto/internal/fips140test/cast_fips140v1.26_test.go
+++ /dev/null
@@ -1,16 +0,0 @@
-// Copyright 2024 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-//go:build !fips140v1.0
-
-package fipstest
-
-import "crypto/internal/fips140/mldsa"
-
-func fips140v126Conditionals() {
- // ML-DSA sign and verify PCT
- kMLDSA := mldsa.GenerateKey44()
- // ML-DSA-44
- mldsa.SignDeterministic(kMLDSA, make([]byte, 32), "")
-}
diff --git a/src/crypto/internal/fips140test/check_test.go b/src/crypto/internal/fips140test/check_test.go
index 8aef1f9b9b..d70ffbb77f 100644
--- a/src/crypto/internal/fips140test/check_test.go
+++ b/src/crypto/internal/fips140test/check_test.go
@@ -46,7 +46,7 @@ func TestIntegrityCheckFailure(t *testing.T) {
moduleStatus(t)
cryptotest.MustSupportFIPS140(t)
- bin, err := os.ReadFile(os.Args[0])
+ bin, err := os.ReadFile(testenv.Executable(t))
if err != nil {
t.Fatal(err)
}
diff --git a/src/crypto/internal/fips140test/cast_fips140v1.0_test.go b/src/crypto/internal/fips140test/fips140v1.0_test.go
index b9ddfe4d8b..262ef61d5c 100644
--- a/src/crypto/internal/fips140test/cast_fips140v1.0_test.go
+++ b/src/crypto/internal/fips140test/fips140v1.0_test.go
@@ -6,4 +6,8 @@
package fipstest
+import "testing"
+
func fips140v126Conditionals() {}
+
+func testFIPS140v126(t *testing.T, plaintext []byte) {}
diff --git a/src/crypto/internal/fips140test/fips140v1.26_test.go b/src/crypto/internal/fips140test/fips140v1.26_test.go
new file mode 100644
index 0000000000..6cd9f4fe40
--- /dev/null
+++ b/src/crypto/internal/fips140test/fips140v1.26_test.go
@@ -0,0 +1,33 @@
+// Copyright 2024 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build !fips140v1.0
+
+package fipstest
+
+import (
+ "crypto/internal/fips140/mldsa"
+ "testing"
+)
+
+func fips140v126Conditionals() {
+ // ML-DSA sign and verify PCT
+ kMLDSA := mldsa.GenerateKey44()
+ // ML-DSA-44
+ mldsa.SignDeterministic(kMLDSA, make([]byte, 32), "")
+}
+
+func testFIPS140v126(t *testing.T, plaintext []byte) {
+ t.Run("ML-DSA KeyGen, SigGen, SigVer", func(t *testing.T) {
+ ensureServiceIndicator(t)
+ k := mldsa.GenerateKey44()
+
+ sig, err := mldsa.SignDeterministic(k, plaintext, "")
+ fatalIfErr(t, err)
+ t.Logf("ML-DSA signature: %x", sig)
+
+ err = mldsa.Verify(k.PublicKey(), plaintext, sig, "")
+ fatalIfErr(t, err)
+ })
+}
diff --git a/src/crypto/internal/fips140test/fips_test.go b/src/crypto/internal/fips140test/fips_test.go
index 52fc9d3488..7f2824ca9a 100644
--- a/src/crypto/internal/fips140test/fips_test.go
+++ b/src/crypto/internal/fips140test/fips_test.go
@@ -101,6 +101,8 @@ func TestFIPS140(t *testing.T) {
aesBlock, err := aes.New(aesKey)
fatalIfErr(t, err)
+ testFIPS140v126(t, plaintext)
+
t.Run("AES-CTR", func(t *testing.T) {
ensureServiceIndicator(t)
ctr := aes.NewCTR(aesBlock, aesIV)
diff --git a/src/crypto/rsa/rsa_test.go b/src/crypto/rsa/rsa_test.go
index 5ae4c1dd20..124fba1e8a 100644
--- a/src/crypto/rsa/rsa_test.go
+++ b/src/crypto/rsa/rsa_test.go
@@ -145,6 +145,12 @@ d8Y7
}
func testKeyBasics(t *testing.T, priv *PrivateKey) {
+ defer func() {
+ if t.Failed() {
+ t.Logf("failed key: %#v", priv)
+ }
+ }()
+
if err := priv.Validate(); err != nil {
t.Errorf("Validate() failed: %s", err)
}
diff --git a/src/crypto/tls/bogo_shim_test.go b/src/crypto/tls/bogo_shim_test.go
index 1b5fc49c4f..ccac47c271 100644
--- a/src/crypto/tls/bogo_shim_test.go
+++ b/src/crypto/tls/bogo_shim_test.go
@@ -577,7 +577,7 @@ func TestBogoSuite(t *testing.T) {
"test",
".",
fmt.Sprintf("-shim-config=%s", filepath.Join(cwd, "bogo_config.json")),
- fmt.Sprintf("-shim-path=%s", os.Args[0]),
+ fmt.Sprintf("-shim-path=%s", testenv.Executable(t)),
"-shim-extra-flags=-bogo-mode",
"-allow-unimplemented",
"-loose-errors", // TODO(roland): this should be removed eventually
generated by cgit v1.3 (git 2.53.0) at 2026-04-15 07:15:50 +0000