commit | 9e9c7a0aec0f821b54006681d4fdfba8a0cd6679 | [log] [tgz] |
---|---|---|
author | Russ Cox <rsc@golang.org> | Wed Apr 27 09:02:53 2022 -0400 |
committer | Russ Cox <rsc@golang.org> | Fri Apr 29 14:23:28 2022 +0000 |
tree | c8c1442c614906bb1989389b854230c57260e494 | |
parent | 0ec08283c8e3a673d9916c186f8d2f5428846862 [diff] |
[dev.boringcrypto] crypto/..., go/build: align deps test with standard rules One annoying difference between dev.boringcrypto and master is that there is not a clear separation between low-level (math/big-free) crypto and high-level crypto, because crypto/internal/boring imports both encoding/asn1 and math/big. This CL removes both those problematic imports and aligns the dependency rules in the go/build test with the ones in the main branch. To remove encoding/asn1, the crypto/internal/boring APIs change to accepting and returning encoded ASN.1, leaving crypto/ecdsa to do the marshaling and unmarshaling, which it already contains code to do. To remove math/big, the crypto/internal/boring package defines type BigInt []uint, which is the same representation as a big.Int's internal storage. The new package crypto/internal/boring/bbig provides conversions between BigInt and *big.Int. The boring package can then be in the low-level crypto set, and any package needing to use bignum APIs (necessarily in the high-level crypto set) can import bbig to convert. To simplify everything we hide from the test the fact that crypto/internal/boring imports cgo. Better to pretend it doesn't and keep the prohibitions that other packages like crypto/aes must not use cgo (outside of BoringCrypto). $ git diff origin/master src/go/build/deps_test.go diff --git a/src/go/build/deps_test.go b/src/go/build/deps_test.go index 6ce872e297..a63979cc93 100644 --- a/src/go/build/deps_test.go +++ b/src/go/build/deps_test.go @@ -402,9 +402,13 @@ var depsRules = ` NET, log < net/mail; + NONE < crypto/internal/boring/sig; + sync/atomic < crypto/internal/boring/fipstls; + crypto/internal/boring/sig, crypto/internal/boring/fipstls < crypto/tls/fipsonly; + # CRYPTO is core crypto algorithms - no cgo, fmt, net. # Unfortunately, stuck with reflect via encoding/binary. - encoding/binary, golang.org/x/sys/cpu, hash + crypto/internal/boring/sig, encoding/binary, golang.org/x/sys/cpu, hash < crypto < crypto/subtle < crypto/internal/subtle @@ -413,6 +417,8 @@ var depsRules = ` < crypto/ed25519/internal/edwards25519/field, golang.org/x/crypto/curve25519/internal/field < crypto/ed25519/internal/edwards25519 < crypto/cipher + < crypto/internal/boring + < crypto/boring < crypto/aes, crypto/des, crypto/hmac, crypto/md5, crypto/rc4, crypto/sha1, crypto/sha256, crypto/sha512 < CRYPTO; @@ -421,6 +427,7 @@ var depsRules = ` # CRYPTO-MATH is core bignum-based crypto - no cgo, net; fmt now ok. CRYPTO, FMT, math/big, embed + < crypto/internal/boring/bbig < crypto/rand < crypto/internal/randutil < crypto/ed25519 @@ -443,7 +450,8 @@ var depsRules = ` < golang.org/x/crypto/hkdf < crypto/x509/internal/macos < crypto/x509/pkix - < crypto/x509 + < crypto/x509; + crypto/internal/boring/fipstls, crypto/x509 < crypto/tls; # crypto-aware packages @@ -653,6 +661,9 @@ func findImports(pkg string) ([]string, error) { } var imports []string var haveImport = map[string]bool{} + if pkg == "crypto/internal/boring" { + haveImport["C"] = true // kludge: prevent C from appearing in crypto/internal/boring imports + } fset := token.NewFileSet() for _, file := range files { name := file.Name() For #51940. Change-Id: I26fc752484310d77d22adb06495120a361568d04 Reviewed-on: https://go-review.googlesource.com/c/go/+/395877 TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org> Run-TryBot: Russ Cox <rsc@golang.org>
Go is an open source programming language that makes it easy to build simple, reliable, and efficient software.
Gopher image by Renee French, licensed under Creative Commons 3.0 Attributions license.
Our canonical Git repository is located at https://go.googlesource.com/go. There is a mirror of the repository at https://github.com/golang/go.
Unless otherwise noted, the Go source files are distributed under the BSD-style license found in the LICENSE file.
Official binary distributions are available at https://go.dev/dl/.
After downloading a binary release, visit https://go.dev/doc/install for installation instructions.
If a binary distribution is not available for your combination of operating system and architecture, visit https://go.dev/doc/install/source for source installation instructions.
Go is the work of thousands of contributors. We appreciate your help!
To contribute, please read the contribution guidelines at https://go.dev/doc/contribute.
Note that the Go project uses the issue tracker for bug reports and proposals only. See https://go.dev/wiki/Questions for a list of places to ask questions about the Go language.