Stowage/go
2
0
Fork 0
mirror of https://github.com/golang/go.git synced 2025-12-08 06:10:04 +00:00
Code Issues Projects Releases Packages Wiki Activity

crypto/internal/cryptotest: add MustSupportFIPS140

Browse source 
Change-Id: Iccb3ffdb7c1e15f8f0d889fdc4a27e62870cd58e
Reviewed-on: https://go-review.googlesource.com/c/go/+/702776
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
Reviewed-by: Mark Freeman <markfreeman@google.com>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Michael Knyszek <mknyszek@google.com>
This commit is contained in:
Filippo Valsorda 2025-09-04 22:19:18 -04:00 committed by Gopher Robot
parent 9e71d8a9f7
commit 7f70ca8726
2 changed files with 21 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

17
src/crypto/internal/cryptotest/fips140.go Normal file
View file

@ -0,0 +1,17 @@
// Copyright 2025 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
package cryptotest
import (
"crypto/internal/fips140"
"testing"
)
func MustSupportFIPS140(t *testing.T) {
t.Helper()
if err := fips140.Supported(); err != nil {
t.Skipf("test requires FIPS 140 mode: %v", err)
}
}

14
src/crypto/internal/fips140test/check_test.go
View file

@ -6,7 +6,7 @@ package fipstest
import ( import (
"bytes" "bytes"
"crypto/internal/fips140" "crypto/internal/cryptotest"
. "crypto/internal/fips140/check" . "crypto/internal/fips140/check"
"crypto/internal/fips140/check/checktest" "crypto/internal/fips140/check/checktest"
"fmt" "fmt"
@ -31,9 +31,7 @@ func TestIntegrityCheck(t *testing.T) {
t.Fatalf("GODEBUG=fips140=on but verification did not run") t.Fatalf("GODEBUG=fips140=on but verification did not run")
} }
if err := fips140.Supported(); err != nil { cryptotest.MustSupportFIPS140(t)
t.Skipf("skipping: %v", err)
}
cmd := testenv.Command(t, testenv.Executable(t), "-test.v", "-test.run=^TestIntegrityCheck$") cmd := testenv.Command(t, testenv.Executable(t), "-test.v", "-test.run=^TestIntegrityCheck$")
cmd.Env = append(cmd.Environ(), "GODEBUG=fips140=on") cmd.Env = append(cmd.Environ(), "GODEBUG=fips140=on")
@ -47,9 +45,7 @@ func TestIntegrityCheck(t *testing.T) {
func TestIntegrityCheckFailure(t *testing.T) { func TestIntegrityCheckFailure(t *testing.T) {
moduleStatus(t) moduleStatus(t)
testenv.MustHaveExec(t) testenv.MustHaveExec(t)
if err := fips140.Supported(); err != nil { cryptotest.MustSupportFIPS140(t)
t.Skipf("skipping: %v", err)
}
bin, err := os.ReadFile(os.Args[0]) bin, err := os.ReadFile(os.Args[0])
if err != nil { if err != nil {
@ -90,9 +86,7 @@ func TestIntegrityCheckFailure(t *testing.T) {
} }
func TestIntegrityCheckInfo(t *testing.T) { func TestIntegrityCheckInfo(t *testing.T) {
if err := fips140.Supported(); err != nil { cryptotest.MustSupportFIPS140(t)
t.Skipf("skipping: %v", err)
}
// Check that the checktest symbols are initialized properly. // Check that the checktest symbols are initialized properly.
if checktest.NOPTRDATA != 1 { if checktest.NOPTRDATA != 1 {