[pull] master from golang:master#41
Merged
For unsigned x >> k where k exceeds the width of x, the result is zero, which means that using it as an index doesn't require a bounds check...but not if the length is zero. Walk mishandled this. Fix it. It's a corner case, but the fix is trivial.
Change-Id: Ieb7f2d33563f09e98bb31eefb2d2c01f03064311
Reviewed-on: https://go-review.googlesource.com/c/go/+/778200
Reviewed-by: Keith Randall <khr@google.com>
LUCI-TryBot-Result: golang-scoped@luci-project-accounts.iam.gserviceaccount.com <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Cuong Manh Le <cuong.manhle.vn@gmail.com>
Auto-Submit: Keith Randall <khr@golang.org>
Reviewed-by: David Chase <drchase@google.com>
Prefer x8-x15 and f8-f15 to enable increased use of compressed instructions on riscv64. This reduces the text size of the Go binary by 176KB, or around an additional 90,000 compressed instructions.
Change-Id: I27e7c8416cbb053100b67887530ed3c8affb4c6c
Reviewed-on: https://go-review.googlesource.com/c/go/+/760900
Reviewed-by: Keith Randall <khr@golang.org>
Auto-Submit: Joel Sing <joel@sing.id.au>
LUCI-TryBot-Result: golang-scoped@luci-project-accounts.iam.gserviceaccount.com <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Keith Randall <khr@google.com>
Reviewed-by: David Chase <drchase@google.com>
Fixes #77626
Change-Id: I3f271f961872d9e33605ba7becba7ece6a6a6964
Reviewed-on: https://go-review.googlesource.com/c/go/+/776706
LUCI-TryBot-Result: golang-scoped@luci-project-accounts.iam.gserviceaccount.com <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: David Chase <drchase@google.com>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
This is a difficult tradeoff, but precomputing the PublicKey makes it
very large (68KB), which is a significant downside for a type that is
often used for one-off signature verification and can stay around in
memory for a long time, for example as part of a TLS connection's
PeerCertificates.
fips140: off
goos: darwin
goarch: arm64
pkg: crypto/mldsa
cpu: Apple M2
| Benchmark | 2c4fe1660f sec/op | d35f184725-dirty sec/op | vs base |
|---|---|---|---|
| Verify/ML-DSA-44/Whole-8 | 74.74µ ± 0% | 68.61µ ± 0% | -8.21% (p=0.000 n=20) |
| Verify/ML-DSA-44/Precomputed-8 | 36.43µ ± 1% | 66.91µ ± 0% | +83.65% (p=0.000 n=20) |
| Verify/ML-DSA-65/Whole-8 | 113.4µ ± 0% | 107.2µ ± 0% | -5.51% (p=0.000 n=20) |
| Verify/ML-DSA-65/Precomputed-8 | 51.56µ ± 0% | 104.70µ ± 0% | +103.05% (p=0.000 n=20) |
| Verify/ML-DSA-87/Whole-8 | 178.0µ ± 0% | 171.3µ ± 0% | -3.78% (p=0.000 n=20) |
| Verify/ML-DSA-87/Precomputed-8 | 76.84µ ± 0% | 167.95µ ± 0% | +118.58% (p=0.000 n=20) |
Updates #77626
Change-Id: Ib71867fcfb710f9f2f92c3df4312e2ef6a6a6964
Reviewed-on: https://go-review.googlesource.com/c/go/+/776707
Reviewed-by: Roland Shoemaker <roland@golang.org>
Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
TryBot-Bypass: Filippo Valsorda <filippo@golang.org>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
The ymovq ytab listed {Zilo_m, argList{Ys32, Yrl}} (sign-extended C7
form, 7 bytes) ahead of {Ziq_rp, argList{Yi64, Yrl}}. Since oclass
returns Ys32 for any positive int that fits in s32, every such MOVQ
to register matched the 7-byte form even though Ziq_rp already picks
the optimal 5/7/10-byte encoding based on the value.
Drop the Ys32 entry so all MOVQ immediate-to-register routes through
Ziq_rp, which emits:
- B8+rd imm32 (5 bytes) when v fits in u32 (implicit zero-ext)
- 48 C7 /0 imm32 (7 bytes) when v is negative s32 (sign-extends)
- 48 B8+rd imm64 (10 bytes) otherwise
Add amd64enc test cases covering the positive-imm32 path, including
the 0x80000000 boundary where the sign- and zero-extended forms differ.
The sigreturn__sigaction trampoline in sys_linux_amd64.s previously
relied on the 7-byte encoding of "MOVQ \$SYS_rt_sigreturn, AX" because
gdb and libgcc recognize the Linux signal trampoline by exact byte
match against glibc's __restore_rt. Hand-emit the required bytes with
BYTE directives so the shorter encoding doesn't break gdb backtraces
through signal frames (TestGdbCoreSignalBacktrace).
Verified with x86lint: "oversized MOV encoding" findings drop to zero
on gofmt (422 -> 0) and cmd/go (412 -> 0). Text section shrinks by
811 bytes (0.029%) on gofmt and 1502 bytes (0.010%) on cmd/go.
Change-Id: Ia03ec04a1f4cf7416531c9295ab4ec8c2c663467
GitHub-Last-Rev: 588bfad
GitHub-Pull-Request: #79445
Reviewed-on: https://go-review.googlesource.com/c/go/+/779060
Reviewed-by: David Chase <drchase@google.com>
Reviewed-by: Keith Randall <khr@golang.org>
Reviewed-by: Keith Randall <khr@google.com>
LUCI-TryBot-Result: golang-scoped@luci-project-accounts.iam.gserviceaccount.com <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Keith Randall <khr@golang.org>
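As an added illustration of the three encodings listed in the message above (example code written for this page, not the Go assembler's own Ziq_rp routine), this picks the MOVQ $imm, reg form by immediate value, including REX.B for r8-r15, and shows why 0x80000000 and -0x80000000 take different forms. The function name and the 0..15 register numbering are this example's own conventions.

```go
package main

import (
	"encoding/binary"
	"fmt"
)

// EncodeMovqImm picks the shortest MOVQ $imm, reg encoding for a 64-bit
// register (0 = AX .. 15 = R15) from the three forms the commit message lists.
// Standalone re-implementation for this example, not the Go assembler's code.
func EncodeMovqImm(reg int, v int64) ([]byte, error) {
	if reg < 0 || reg > 15 {
		return nil, fmt.Errorf("bad register number %d", reg)
	}
	rd := byte(reg & 7)
	var rexB byte // REX.B extends rd to reach r8-r15
	if reg >= 8 {
		rexB = 0x01
	}
	var out []byte
	switch {
	case v >= 0 && v <= 0xFFFFFFFF:
		// B8+rd imm32 (5 bytes): a 32-bit write zero-extends into the
		// whole 64-bit register, so no REX.W is needed.
		if rexB != 0 {
			out = append(out, 0x40|rexB)
		}
		out = append(out, 0xB8+rd)
		out = binary.LittleEndian.AppendUint32(out, uint32(v))
	case v < 0 && v >= -0x80000000:
		// 48 C7 /0 imm32 (7 bytes): imm32 is sign-extended to 64 bits,
		// the only 7-byte way to load a negative value.
		out = append(out, 0x48|rexB, 0xC7, 0xC0|rd)
		out = binary.LittleEndian.AppendUint32(out, uint32(int32(v)))
	default:
		// 48 B8+rd imm64 (10 bytes): full 64-bit immediate.
		out = append(out, 0x48|rexB, 0xB8+rd)
		out = binary.LittleEndian.AppendUint64(out, uint64(v))
	}
	return out, nil
}

func main() {
	// 0x80000000 takes the zero-extending 5-byte form, while -0x80000000
	// needs the sign-extending 7-byte form despite identical imm32 bytes.
	for _, v := range []int64{15, 0x80000000, -0x80000000, -1, 1 << 32} {
		b, _ := EncodeMovqImm(0, v)
		fmt.Printf("MOVQ $%#x, AX -> % x (%d bytes)\n", v, b, len(b))
	}
}
```

The first value, 15, is the size of immediate the sigreturn trampoline case above is about: it now takes the 5-byte form unless the bytes are emitted by hand.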
…ration Switched the tests to an ecdsa_test package to avoid an import loop with crypto/x509. This required only duplicating encodeSignature for the RFC 6979 tests, which don't provide ASN.1 encodings.
Change-Id: I260c721385c23976c1ddb8cf4149b4bf6a6a6964
Reviewed-on: https://go-review.googlesource.com/c/go/+/778322
Reviewed-by: David Chase <drchase@google.com>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
LUCI-TryBot-Result: golang-scoped@luci-project-accounts.iam.gserviceaccount.com <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
To assist in porting the x/crypto Wycheproof test coverage of the standard library cryptography into the standard library this commit adds generated schema types and helper utilities for consuming Wycheproof test vectors. In x/crypto we hand-generated structures corresponding to the test vector data, but this both falls out of sync quickly and makes adding new vectors tedious. Instead, we create a sub module that can do this task automatically using the upstream project's Go module, and the atombender/go-jsonschema tool. We handle this part in a sub module to avoid new stdlib dependencies, instead vendoring the generated schema types that have no dependencies outside of the stdlib. Alongside the generated schema types we add helpers that the individual algorithm tests use to load JSON data into the schema types, and decide whether test cases should pass/fail based on the result and flags.
Change-Id: I04b4d7307f11ac93deb175ec2d087004b6368af0
Reviewed-on: https://go-review.googlesource.com/c/go/+/748582
Auto-Submit: Roland Shoemaker <roland@golang.org>
TryBot-Bypass: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Reviewed-by: David Chase <drchase@google.com>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
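An added example of the pass/fail decision the helpers above make from a vector's result and flags (written for this page; the commit's actual helpers and generated schema types may differ). The type names, the ShouldPass policy and the sample vector file are this example's own; the "valid", "invalid" and "acceptable" results and the tcId/flags fields follow the Wycheproof JSON format.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// Hand-written subset of the Wycheproof schema, constructed for this example.
type TestCase struct {
	TcID   int      `json:"tcId"`
	Result string   `json:"result"`
	Flags  []string `json:"flags"`
}
type TestFile struct {
	TestGroups []struct {
		Tests []TestCase `json:"tests"`
	} `json:"testGroups"`
}

// ShouldPass reports whether the implementation must accept the case: "valid"
// always, "invalid" never, "acceptable" only when every flag is one the caller
// has reviewed, so an unreviewed flag fails closed instead of passing.
func ShouldPass(tc TestCase, tolerated map[string]bool) (bool, error) {
	switch tc.Result {
	case "valid":
		return true, nil
	case "invalid":
		return false, nil
	case "acceptable":
		for _, f := range tc.Flags {
			if !tolerated[f] {
				return false, nil
			}
		}
		return true, nil
	}
	return false, fmt.Errorf("tcId %d: unknown result %q", tc.TcID, tc.Result)
}

// SampleVectors is a constructed stand-in for a real vector file.
const SampleVectors = `{"testGroups":[{"tests":[{"tcId":1,"result":"valid","flags":[]},
{"tcId":2,"result":"invalid","flags":["BER"]},{"tcId":3,"result":"acceptable","flags":["WeakHash"]},
{"tcId":4,"result":"acceptable","flags":["Mystery"]}]}]}`
func main() {
	var f TestFile
	if err := json.Unmarshal([]byte(SampleVectors), &f); err != nil {
		panic(err)
	}
	for _, tc := range f.TestGroups[0].Tests {
		fmt.Println(ShouldPass(tc, map[string]bool{"WeakHash": true}))
	}
}
```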
Renamed parseTime to readASN1Time to make it clear it consumes the cryptobyte.String, like the String methods.
Fixes #75260
Change-Id: I707b70e65fb627904f997d2e7cf122f96a6a6964
Reviewed-on: https://go-review.googlesource.com/c/go/+/778681
Reviewed-by: Roland Shoemaker <roland@golang.org>
LUCI-TryBot-Result: golang-scoped@luci-project-accounts.iam.gserviceaccount.com <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: David Chase <drchase@google.com>
This commit adapts the x/crypto module's pre-existing Wycheproof test coverage, moving the tests adjacent to the standard library packages that are under test. In general the coverage and test driver code is left relatively unchanged, with the exception of:
1. Adapting to the crypto/internal/cryptotest/wycheproof generated schemas and helpers.
2. Adapting to the current Wycheproof testvectors_v1 vector files. (e.g. in some cases the vector file that was in-use by the x/crypto tests has been split into several test files by the upstream project).
3. Using parallel sub tests for faster execution speed.
4. Adding additional input files where it was trivial (e.g. for HMAC w/ truncated SHA512 digests, SHA3).
5. Using cryptotest.TestAllImplementations where applicable to get coverage of each registered impl.
Change-Id: I820bf70d774f52040b2d0f8df1bc7d8ccc7e3186
Reviewed-on: https://go-review.googlesource.com/c/go/+/748640
LUCI-TryBot-Result: golang-scoped@luci-project-accounts.iam.gserviceaccount.com <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: David Chase <drchase@google.com>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Auto-Submit: Roland Shoemaker <roland@golang.org>
Tests the public crypto/mlkem API for ML-KEM-768 and ML-KEM-1024 using
Wycheproof test vectors. Specifically,
mlkem_{768,1024}_keygen_seed_test.json,
mlkem_{768,1024}_encaps_test.json, and mlkem_{768,1024}_test.json.
Change-Id: I00eb8e61d4f6aab1b75626d53592d5061686797f
Reviewed-on: https://go-review.googlesource.com/c/go/+/758860
Auto-Submit: Roland Shoemaker <roland@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
LUCI-TryBot-Result: golang-scoped@luci-project-accounts.iam.gserviceaccount.com <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: David Chase <drchase@google.com>
Fixes #74326
Change-Id: I103e4ac0421124e11cb89b44bf6f1a686a6a6964
Reviewed-on: https://go-review.googlesource.com/c/go/+/776500
LUCI-TryBot-Result: golang-scoped@luci-project-accounts.iam.gserviceaccount.com <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Reviewed-by: David Chase <drchase@google.com>