@@ -4,6 +4,9 @@ Date: Tue, 17 Dec 2024 13:17:39 +0000
44Subject: [PATCH] Add Darwin crypto backend
55
66---
7+ .gitignore | 2 +
8+ src/cmd/go/go_boring_test.go | 9 +-
9+ src/cmd/go/testdata/script/darwin_no_cgo.txt | 2 +
710 src/crypto/ecdsa/ecdsa.go | 6 +-
811 src/crypto/ed25519/ed25519_test.go | 3 +-
912 .../internal/backend/bbig/big_darwin.go | 12 +
@@ -21,19 +24,68 @@ Subject: [PATCH] Add Darwin crypto backend
2124 .../goexperiment/exp_darwincrypto_off.go | 9 +
2225 .../goexperiment/exp_darwincrypto_on.go | 9 +
2326 src/internal/goexperiment/flags.go | 1 +
24- 17 files changed, 502 insertions(+), 13 deletions(-)
27+ src/runtime/pprof/vminfo_darwin_test.go | 6 +
28+ 21 files changed, 520 insertions(+), 14 deletions(-)
2529 create mode 100644 src/crypto/internal/backend/bbig/big_darwin.go
2630 create mode 100644 src/crypto/internal/backend/darwin_darwin.go
2731 create mode 100644 src/crypto/internal/backend/fips140/darwin.go
2832 create mode 100644 src/crypto/rsa/darwin.go
2933 create mode 100644 src/internal/goexperiment/exp_darwincrypto_off.go
3034 create mode 100644 src/internal/goexperiment/exp_darwincrypto_on.go
3135
36+ diff --git a/.gitignore b/.gitignore
37+ index c6512e64a4ef39..b3b01db73b009d 100644
38+ --- a/.gitignore
39+ +++ b/.gitignore
40+ @@ -46,6 +46,8 @@ _testmain.go
41+ /test/run.out
42+ /test/times.out
43+
44+ + !/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/CryptoKit.o
45+ +
46+ # This file includes artifacts of Go build that should not be checked in.
47+ # For files created by specific development environment (e.g. editor),
48+ # use alternative ways to exclude files from git.
49+ diff --git a/src/cmd/go/go_boring_test.go b/src/cmd/go/go_boring_test.go
50+ index 06478963f4be44..8111b143a1295b 100644
51+ --- a/src/cmd/go/go_boring_test.go
52+ +++ b/src/cmd/go/go_boring_test.go
53+ @@ -6,9 +6,16 @@
54+
55+ package main_test
56+
57+ - import "testing"
58+ + import (
59+ + "internal/goexperiment"
60+ + "testing"
61+ + )
62+
63+ func TestBoringInternalLink(t *testing.T) {
64+ + if goexperiment.DarwinCrypto {
65+ + // https://github.com/microsoft/go-crypto-darwin/issues/33
66+ + t.Skip("skipping on Darwin")
67+ + }
68+ tg := testgo(t)
69+ defer tg.cleanup()
70+ tg.parallel()
71+ diff --git a/src/cmd/go/testdata/script/darwin_no_cgo.txt b/src/cmd/go/testdata/script/darwin_no_cgo.txt
72+ index fa445925b7c374..e36ac86fcaa58d 100644
73+ --- a/src/cmd/go/testdata/script/darwin_no_cgo.txt
74+ +++ b/src/cmd/go/testdata/script/darwin_no_cgo.txt
75+ @@ -4,6 +4,8 @@
76+ # of cmd/go, which imports approximately everything
77+ # in std (certainly everything relevant).
78+ [!GOOS:darwin] skip
79+ + [GOEXPERIMENT:darwincrypto] skip
80+ + [GOEXPERIMENT:systemcrypto] skip
81+ go list -deps cmd/go
82+ ! stdout runtime/cgo
83+
3284diff --git a/src/crypto/ecdsa/ecdsa.go b/src/crypto/ecdsa/ecdsa.go
33- index 41ac17df22d7d7..84a7ba02c88620 100644
85+ index 049da55bd70f2c..cd075f0efbc744 100644
3486--- a/src/crypto/ecdsa/ecdsa.go
3587+++ b/src/crypto/ecdsa/ecdsa.go
36- @@ -159 ,7 +159 ,7 @@ func (priv *PrivateKey) Sign(rand io.Reader, digest []byte, opts crypto.SignerOp
88+ @@ -161 ,7 +161 ,7 @@ func (priv *PrivateKey) Sign(rand io.Reader, digest []byte, opts crypto.SignerOp
3789 func GenerateKey(c elliptic.Curve, rand io.Reader) (*PrivateKey, error) {
3890 randutil.MaybeReadByte(rand)
3991
@@ -42,7 +94,7 @@ index 41ac17df22d7d7..84a7ba02c88620 100644
4294 x, y, d, err := boring.GenerateKeyECDSA(c.Params().Name)
4395 if err != nil {
4496 return nil, err
45- @@ -208 ,7 +208 ,7 @@ var errNoAsm = errors.New("no assembly implementation available")
97+ @@ -210 ,7 +210 ,7 @@ var errNoAsm = errors.New("no assembly implementation available")
4698 func SignASN1(rand io.Reader, priv *PrivateKey, hash []byte) ([]byte, error) {
4799 randutil.MaybeReadByte(rand)
48100
@@ -51,7 +103,7 @@ index 41ac17df22d7d7..84a7ba02c88620 100644
51103 b, err := boringPrivateKey(priv)
52104 if err != nil {
53105 return nil, err
54- @@ -319 ,7 +319 ,7 @@ func addASN1IntBytes(b *cryptobyte.Builder, bytes []byte) {
106+ @@ -321 ,7 +321 ,7 @@ func addASN1IntBytes(b *cryptobyte.Builder, bytes []byte) {
55107 // The inputs are not considered confidential, and may leak through timing side
56108 // channels, or if an attacker has control of part of the inputs.
57109 func VerifyASN1(pub *PublicKey, hash, sig []byte) bool {
@@ -688,7 +740,7 @@ index 7d7115cff81cea..d3ba67fe4d0611 100644
688740 }
689741 default:
690742diff --git a/src/go.mod b/src/go.mod
691- index 897c3802237b4e..0119f5ce8fe623 100644
743+ index 96bdcd421e1129..f6d6bee65d0cd5 100644
692744--- a/src/go.mod
693745+++ b/src/go.mod
694746@@ -4,6 +4,7 @@ go 1.24
@@ -700,7 +752,7 @@ index 897c3802237b4e..0119f5ce8fe623 100644
700752 golang.org/x/crypto v0.30.0
701753 golang.org/x/net v0.32.1-0.20241206180132-552d8ac903a1
702754diff --git a/src/go.sum b/src/go.sum
703- index 7cece574a42291..6050c2fe0c5081 100644
755+ index abebb59dcd7739..61b84a86e0e66c 100644
704756--- a/src/go.sum
705757+++ b/src/go.sum
706758@@ -1,5 +1,7 @@
@@ -712,7 +764,7 @@ index 7cece574a42291..6050c2fe0c5081 100644
712764 github.com/microsoft/go-crypto-winnative v0.0.0-20250108090702-b49854c00e37/go.mod h1:JkxQeL8dGcyCuKjn1Etz4NmQrOMImMy4BA9hptEfVFA=
713765 golang.org/x/crypto v0.30.0 h1:RwoQn3GkWiMkzlX562cLB7OxWvjH1L8xutO2WoJcRoY=
714766diff --git a/src/go/build/deps_test.go b/src/go/build/deps_test.go
715- index 1fcadbf6c19d79..b0da426bf18177 100644
767+ index 997244c84e57c5..4b0585fe1bea25 100644
716768--- a/src/go/build/deps_test.go
717769+++ b/src/go/build/deps_test.go
718770@@ -519,6 +519,8 @@ var depsRules = `
@@ -795,3 +847,27 @@ index c6f64c18bdd13f..e6c9b7d5e62dc0 100644
795847
796848 // SystemCrypto enables the OpenSSL, CNG or Darwin crypto experiment depending on
797849 // which one is appropriate on the target GOOS.
850+ diff --git a/src/runtime/pprof/vminfo_darwin_test.go b/src/runtime/pprof/vminfo_darwin_test.go
851+ index 6d375c5d53368a..39154b000ddc67 100644
852+ --- a/src/runtime/pprof/vminfo_darwin_test.go
853+ +++ b/src/runtime/pprof/vminfo_darwin_test.go
854+ @@ -11,6 +11,7 @@ import (
855+ "bytes"
856+ "fmt"
857+ "internal/abi"
858+ + "internal/goexperiment"
859+ "internal/testenv"
860+ "os"
861+ "os/exec"
862+ @@ -21,6 +22,11 @@ import (
863+ )
864+
865+ func TestVMInfo(t *testing.T) {
866+ + if goexperiment.DarwinCrypto {
867+ + // Fails on macOS when using system crypto.
868+ + // https://github.com/microsoft/go/issues/1466
869+ + t.Skip("skipping on Darwin")
870+ + }
871+ var begin, end, offset uint64
872+ var filename string
873+ first := true
0 commit comments