crypto/rsa: skip TestKeyGenerationVectors on older FIPS 140-3 modules

Change-Id: I200a0df9c327a9876046f3fad99ac57b6a6a6964 Reviewed-on: https://go-review.googlesource.com/c/go/+/779900 Auto-Submit: Filippo Valsorda <filippo@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org> LUCI-TryBot-Result: golang-scoped@luci-project-accounts.iam.gserviceaccount.com <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
2026-06-27 03:11:23 +00:00 · 2026-05-19 18:14:04 +02:00 · 2026-05-19 18:14:04 +02:00 · 99623c5a17
commit 99623c5a17
parent f142be8f2f
2 changed files with 21 additions and 12 deletions
--- a/src/crypto/internal/cryptotest/fips140.go
+++ b/src/crypto/internal/cryptotest/fips140.go
@ -13,38 +13,38 @@ import (
 	"testing"
 )

-func MustSupportFIPS140(t *testing.T) {
-	t.Helper()
+func MustSupportFIPS140(tb testing.TB) {
+	tb.Helper()
 	if err := fips140.Supported(); err != nil {
-		t.Skipf("test requires FIPS 140 mode: %v", err)
+		tb.Skipf("test requires FIPS 140 mode: %v", err)
 	}
 }

 // MustMinimumFIPS140ModuleVersion skips the test if compiled against a lower
 // minor version of the FIPS 140-3 module than min (such as "v1.26.0").
-func MustMinimumFIPS140ModuleVersion(t *testing.T, min string) {
-	t.Helper()
+func MustMinimumFIPS140ModuleVersion(tb testing.TB, min string) {
+	tb.Helper()
 	if fips140.Version() == "latest" {
 		return
 	}
-	if parseFIPS140MinorVersion(t, fips140.Version()) < parseFIPS140MinorVersion(t, min) {
-		t.Skipf("test requires FIPS 140-3 module %s or later", min)
+	if parseFIPS140MinorVersion(tb, fips140.Version()) < parseFIPS140MinorVersion(tb, min) {
+		tb.Skipf("test requires FIPS 140-3 module %s or later", min)
 	}
 }

-func parseFIPS140MinorVersion(t *testing.T, version string) int {
-	t.Helper()
+func parseFIPS140MinorVersion(tb testing.TB, version string) int {
+	tb.Helper()
 	v, ok := strings.CutPrefix(version, "v1.")
 	if !ok {
-		t.Fatalf("unexpected FIPS 140 version format: %q", version)
+		tb.Fatalf("unexpected FIPS 140 version format: %q", version)
 	}
 	v, _, ok = strings.Cut(v, ".")
 	if !ok {
-		t.Fatalf("unexpected FIPS 140 version format: %q", version)
+		tb.Fatalf("unexpected FIPS 140 version format: %q", version)
 	}
 	i, err := strconv.Atoi(v)
 	if err != nil {
-		t.Fatalf("unexpected FIPS 140 version format %q: %v", version, err)
+		tb.Fatalf("unexpected FIPS 140 version format %q: %v", version, err)
 	}
 	return i
 }
--- a/src/crypto/rsa/rsa_test.go
+++ b/src/crypto/rsa/rsa_test.go
@ -134,7 +134,13 @@ func TestTinyKeyGeneration(t *testing.T) {
 	}
 }

+// TestKeyGenerationVectors tests RSA key generation against the
+// c2sp.org/det-keygen test vectors. See the comment on
+// [crypto/internal/fips140/rsa.GenerateKey] for more details.
 func TestKeyGenerationVectors(t *testing.T) {
+	// The RSA key generation algorithm changed after Go 1.26.0, so the
+	// generated keys only match with recent FIPS 140-3 modules.
+	cryptotest.MustMinimumFIPS140ModuleVersion(t, "v1.28.0")
 	var vectors []struct {
 		Bits  int
 		Seed  []byte
@ -890,6 +896,9 @@ func BenchmarkParsePKCS8PrivateKey(b *testing.B) {
 }

 func BenchmarkGenerateKey(b *testing.B) {
+	// The RSA key generation algorithm changed after Go 1.26.0, so the testdata
+	// only accurately works with recent FIPS 140-3 modules.
+	cryptotest.MustMinimumFIPS140ModuleVersion(b, "v1.28.0")
 	b.Run("2048", func(b *testing.B) {
 		b.Setenv("GODEBUG", "cryptocustomrand=1")
 		primes, err := os.ReadFile("testdata/keygen2048.txt")