rpms/golang
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Update to Go 1.18.4

Browse Source 
Resolves: rhbz#2109180
Deprecates keys smaller than 2048 bits in TestDecryptOAEP in boring mode
This commit is contained in:
Alejandro Sáez 2022-08-10 16:49:25 +02:00
parent 0176a371f8
commit 35eb386c3a
2 changed files with 21 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
golang.spec
View File

@ -101,7 +101,7 @@
Name: golang Name: golang
Version: %{go_version} Version: %{go_version}
Release: 1%{?dist} Release: 2%{?dist}
Summary: The Go Programming Language Summary: The Go Programming Language
# source tree includes several copies of Mark.Twain-Tom.Sawyer.txt under Public Domain # source tree includes several copies of Mark.Twain-Tom.Sawyer.txt under Public Domain
License: BSD and Public Domain License: BSD and Public Domain
@ -436,18 +436,17 @@ export GO_TEST_RUN=""
./run.bash --no-rebuild -v -v -v -k $GO_TEST_RUN ./run.bash --no-rebuild -v -v -v -k $GO_TEST_RUN
#export OPENSSL_FORCE_FIPS_MODE=1 export OPENSSL_FORCE_FIPS_MODE=1
# Run tests with FIPS enabled. # Run tests with FIPS enabled.
GOLANG_FIPS=1
pushd crypto pushd crypto
# Run all crypto tests but skip TLS, we will run FIPS specific TLS tests later # Run all crypto tests but skip TLS, we will run FIPS specific TLS tests later
go test $(go list ./... | grep -v tls) -v GOLANG_FIPS=1 go test $(go list ./... | grep -v tls) -v
# Check that signature functions have parity between boring and notboring # Check that signature functions have parity between boring and notboring
CGO_ENABLED=0 go test $(go list ./... | grep -v tls) -v CGO_ENABLED=0 go test $(go list ./... | grep -v tls) -v
popd popd
# Run all FIPS specific TLS tests # Run all FIPS specific TLS tests
pushd crypto/tls pushd crypto/tls
go test -v -run "Boring" GOLANG_FIPS=1 go test -v -run "Boring"
popd popd
%else %else
./run.bash --no-rebuild -v -v -v -k || : ./run.bash --no-rebuild -v -v -v -k || :
@ -510,6 +509,11 @@ cd ..
%endif %endif
%changelog %changelog
* Wed Aug 10 2022 Alejandro Sáez <asm@redhat.com> - 1.18.4-2
- Update to Go 1.18.4
- Resolves: rhbz#2109180
- Deprecates keys smaller than 2048 bits in TestDecryptOAEP in boring mode
* Fri Aug 05 2022 Alejandro Sáez <asm@redhat.com> - 1.18.4-1 * Fri Aug 05 2022 Alejandro Sáez <asm@redhat.com> - 1.18.4-1
- Update to Go 1.18.4 - Update to Go 1.18.4
- Resolves: rhbz#2109180 - Resolves: rhbz#2109180

12
openssl_deprecated_algorithm_tests.patch
View File

@ -110,3 +110,15 @@ index 9aa67655ab..2f4e666abb 100644
pub := &priv.PublicKey pub := &priv.PublicKey
m := big.NewInt(42) m := big.NewInt(42)
@@ -312,6 +312,11 @@ func TestDecryptOAEP(t *testing.T) {
private.PublicKey = PublicKey{N: n, E: test.e}
private.D = d
+ if boring.Enabled() && private.PublicKey.Size() < 256 {
+ t.Logf("skipping check for unsupported key less than 2048 bits")
+ continue
+ }
+ t.Logf("running check for supported key size")
for j, message := range test.msgs {
out, err := DecryptOAEP(sha1, nil, private, message.out, nil)
if err != nil {