From: Filippo Valsorda <filippo@golang.org>
Date: Wed, 8 Oct 2025 11:15:27 +0000 (+0200)
Subject: crypto/internal/fips140/entropy: move to crypto/internal/entropy/v1.0.0
X-Git-Tag: go1.26rc1~557
X-Git-Url: http://www.git.cypherpunks.su/?a=commitdiff_plain;h=8539691d0c;p=gostls13.git

crypto/internal/fips140/entropy: move to crypto/internal/entropy/v1.0.0

The lab confirmed the that entropy source doesn't have to be inside the
module boundary, although changing the entropy source of a module does
require recertification.

Move the v1.0.0 entropy source out of crypto/internal/fips140, to a
versioned path that lets us keep multiple versions (which would be used
by different modules) if we wish to.

Change-Id: I6a6a69647e9dfca1c375650a0869bdc001d65173
Reviewed-on: https://go-review.googlesource.com/c/go/+/710057
Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: David Chase <drchase@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
---

diff --git a/src/crypto/internal/entropy/entropy.go b/src/crypto/internal/entropy/entropy.go
index 73fd529800..6e16f19de5 100644
--- a/src/crypto/internal/entropy/entropy.go
+++ b/src/crypto/internal/entropy/entropy.go
@@ -4,8 +4,10 @@
 
 // Package entropy provides the passive entropy source for the FIPS 140-3
 // module. It is only used in FIPS mode by [crypto/internal/fips140/drbg.Read]
-// from the FIPS 140-3 Go Cryptographic Module v1.0.0. Later versions of the
-// module have an internal CPU jitter-based entropy source.
+// from the FIPS 140-3 Go Cryptographic Module v1.0.0.
+//
+// Later versions of the module use the CPU jitter-based entropy source in the
+// crypto/internal/entropy/v1.0.0 sub-package.
 //
 // This complied with IG 9.3.A, Additional Comment 12, which until January 1,
 // 2026 allows new modules to meet an [earlier version] of Resolution 2(b):
diff --git a/src/crypto/internal/fips140/entropy/entropy.go b/src/crypto/internal/entropy/v1.0.0/entropy.go
similarity index 100%
rename from src/crypto/internal/fips140/entropy/entropy.go
rename to src/crypto/internal/entropy/v1.0.0/entropy.go
diff --git a/src/crypto/internal/fips140/entropy/sha384.go b/src/crypto/internal/entropy/v1.0.0/sha384.go
similarity index 100%
rename from src/crypto/internal/fips140/entropy/sha384.go
rename to src/crypto/internal/entropy/v1.0.0/sha384.go
diff --git a/src/crypto/internal/fips140/drbg/rand.go b/src/crypto/internal/fips140/drbg/rand.go
index 3ccb018e32..cec697c7ab 100644
--- a/src/crypto/internal/fips140/drbg/rand.go
+++ b/src/crypto/internal/fips140/drbg/rand.go
@@ -9,8 +9,8 @@
 package drbg
 
 import (
+	entropy "crypto/internal/entropy/v1.0.0"
 	"crypto/internal/fips140"
-	"crypto/internal/fips140/entropy"
 	"crypto/internal/randutil"
 	"crypto/internal/sysrand"
 	"io"
diff --git a/src/crypto/internal/fips140deps/fipsdeps_test.go b/src/crypto/internal/fips140deps/fipsdeps_test.go
index 97552dc1ce..3eaae1830d 100644
--- a/src/crypto/internal/fips140deps/fipsdeps_test.go
+++ b/src/crypto/internal/fips140deps/fipsdeps_test.go
@@ -16,10 +16,11 @@ import (
 //
 // DO NOT add new packages here just to make the tests pass.
 var AllowedInternalPackages = map[string]bool{
-	// entropy.Depleted is the external passive entropy source, and sysrand.Read
+	// entropy.Depleted/Seed is the entropy source, and sysrand.Read
 	// is the actual (but uncredited!) random bytes source.
-	"crypto/internal/entropy": true,
-	"crypto/internal/sysrand": true,
+	"crypto/internal/entropy":        true,
+	"crypto/internal/entropy/v1.0.0": true,
+	"crypto/internal/sysrand":        true,
 
 	// impl.Register is how the packages expose their alternative
 	// implementations to tests outside the module.
@@ -88,8 +89,7 @@ func TestImports(t *testing.T) {
 		}
 	}
 
-	// Ensure that all packages except check, check's dependencies, and the
-	// entropy source (which is used only from .../fips140/drbg) import check.
+	// Ensure that all packages except check and check's dependencies import check.
 	for pkg := range allPackages {
 		switch pkg {
 		case "crypto/internal/fips140/check":
@@ -100,7 +100,6 @@ func TestImports(t *testing.T) {
 		case "crypto/internal/fips140/sha3":
 		case "crypto/internal/fips140/sha256":
 		case "crypto/internal/fips140/sha512":
-		case "crypto/internal/fips140/entropy":
 		default:
 			if !importCheck[pkg] {
 				t.Errorf("package %s does not import crypto/internal/fips140/check", pkg)
diff --git a/src/crypto/internal/fips140test/entropy_test.go b/src/crypto/internal/fips140test/entropy_test.go
index a33e2e7bbc..cdaa4b7d80 100644
--- a/src/crypto/internal/fips140test/entropy_test.go
+++ b/src/crypto/internal/fips140test/entropy_test.go
@@ -9,8 +9,8 @@ package fipstest
 import (
 	"bytes"
 	"crypto/internal/cryptotest"
+	entropy "crypto/internal/entropy/v1.0.0"
 	"crypto/internal/fips140/drbg"
-	"crypto/internal/fips140/entropy"
 	"crypto/rand"
 	"crypto/sha256"
 	"crypto/sha512"
@@ -217,7 +217,7 @@ func TestEntropyUnchanged(t *testing.T) {
 	testenv.MustHaveSource(t)
 
 	h := sha256.New()
-	root := os.DirFS("../fips140/entropy")
+	root := os.DirFS("../entropy/v1.0.0")
 	if err := fs.WalkDir(root, ".", func(path string, d fs.DirEntry, err error) error {
 		if err != nil {
 			return err
@@ -237,13 +237,13 @@ func TestEntropyUnchanged(t *testing.T) {
 		t.Fatalf("WalkDir: %v", err)
 	}
 
-	// The crypto/internal/fips140/entropy package is certified as a FIPS 140-3
+	// The crypto/internal/entropy/v1.0.0 package is certified as a FIPS 140-3
 	// entropy source through the Entropy Source Validation program,
 	// independently of the FIPS 140-3 module. It must not change even across
 	// FIPS 140-3 module versions, in order to reuse the ESV certificate.
 	exp := "2541273241ae8aafe55026328354ed3799df1e2fb308b2097833203a42911b53"
 	if got := hex.EncodeToString(h.Sum(nil)); got != exp {
-		t.Errorf("hash of crypto/internal/fips140/entropy = %s, want %s", got, exp)
+		t.Errorf("hash of crypto/internal/entropy/v1.0.0 = %s, want %s", got, exp)
 	}
 }
 
diff --git a/src/go/build/deps_test.go b/src/go/build/deps_test.go
index 8b14e6cb05..853605f5c2 100644
--- a/src/go/build/deps_test.go
+++ b/src/go/build/deps_test.go
@@ -490,13 +490,13 @@ var depsRules = `
 	time, internal/syscall/windows < crypto/internal/fips140deps/time;
 
 	crypto/internal/fips140deps/time, errors, math/bits, sync/atomic, unsafe
-	< crypto/internal/fips140/entropy;
+	< crypto/internal/entropy/v1.0.0;
 
 	STR, hash,
 	crypto/internal/impl,
 	crypto/internal/entropy,
 	crypto/internal/randutil,
-	crypto/internal/fips140/entropy,
+	crypto/internal/entropy/v1.0.0,
 	crypto/internal/fips140deps/byteorder,
 	crypto/internal/fips140deps/cpu,
 	crypto/internal/fips140deps/godebug