cmd/go,crypto/internal/fips140: prevent using FIPS 140-3 mode with purego tag

Change-Id: I6a6a696414f8d5d9dc77c65b0ac9edfc982c2798 Reviewed-on: https://go-review.googlesource.com/c/go/+/703095 Auto-Submit: Filippo Valsorda <filippo@golang.org> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Mark Freeman <markfreeman@google.com> Reviewed-by: Daniel McCarney <daniel@binaryparadox.net> Reviewed-by: Michael Knyszek <mknyszek@google.com>
2025-12-08 06:10:04 +00:00 · 2025-09-12 00:19:55 +02:00 · 2025-09-12 00:19:55 +02:00 · 8105d0ccc2
commit 8105d0ccc2
parent 7f70ca8726
5 changed files with 30 additions and 0 deletions
--- a/src/cmd/dist/test.go
+++ b/src/cmd/dist/test.go
@ -1823,6 +1823,8 @@ func isEnvSet(evar string) bool {
 func (t *tester) fipsSupported() bool {
 	// Keep this in sync with [crypto/internal/fips140.Supported].

+	// We don't test with the purego tag, so no need to check it.
+
 	// Use GOFIPS140 or GOEXPERIMENT=boringcrypto, but not both.
 	if strings.Contains(goexperiment, "boringcrypto") {
 		return false
--- a/src/cmd/go/internal/fips140/fips140.go
+++ b/src/cmd/go/internal/fips140/fips140.go
@ -94,6 +94,7 @@ import (
 	"os"
 	"path"
 	"path/filepath"
+	"slices"
 	"strings"

 	"golang.org/x/mod/module"
@ -121,6 +122,9 @@ func Init() {
 	if cfg.ExperimentErr == nil && cfg.Experiment.BoringCrypto && Enabled() {
 		base.Fatalf("go: cannot use GOFIPS140 with GOEXPERIMENT=boringcrypto")
 	}
+	if slices.Contains(cfg.BuildContext.BuildTags, "purego") && Enabled() {
+		base.Fatalf("go: cannot use GOFIPS140 with the purego build tag")
+	}
 }

 var initDone bool
--- a/src/crypto/internal/fips140/fips140.go
+++ b/src/crypto/internal/fips140/fips140.go
@ -33,6 +33,12 @@ func init() {
 func Supported() error {
 	// Keep this in sync with fipsSupported in cmd/dist/test.go.

+	// The purego tag changes too much of the implementation to claim the
+	// validation still applies.
+	if puregoEnabled {
+		return errors.New("FIPS 140-3 mode is incompatible with the purego build tag")
+	}
+
 	// ASAN disapproves of reading swaths of global memory in fips140/check.
 	// One option would be to expose runtime.asanunpoison through
 	// crypto/internal/fips140deps and then call it to unpoison the range
--- a/src/crypto/internal/fips140/notpurego.go
+++ b/src/crypto/internal/fips140/notpurego.go
@ -0,0 +1,9 @@
+// Copyright 2025 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build !purego
+
+package fips140
+
+const puregoEnabled = false
--- a/src/crypto/internal/fips140/purego.go
+++ b/src/crypto/internal/fips140/purego.go
@ -0,0 +1,9 @@
+// Copyright 2025 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build purego
+
+package fips140
+
+const puregoEnabled = true