FIPS 140-3 testing requires testing the module both with and without
platform hardware acceleration.
Change-Id: I6a6a4656faad883062d64bc8e2363d4c59bd8cce
Reviewed-on: https://go-review.googlesource.com/c/go/+/648817
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
Reviewed-by: Ian Lance Taylor <iant@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
"crypto/internal/fips140/subtle"
"crypto/internal/fips140/tls12"
"crypto/internal/fips140/tls13"
+ "crypto/internal/impl"
"crypto/rand"
_ "embed"
"encoding/binary"
"testing"
)
+var noPAAPAI = os.Getenv("GONOPAAPAI") == "1"
+
func TestMain(m *testing.M) {
+ if noPAAPAI {
+ for _, p := range impl.Packages() {
+ impl.Select(p, "")
+ }
+ }
if os.Getenv("ACVP_WRAPPER") == "1" {
wrapperMain()
} else {
t.Logf("Module name: %s", fips140.Name())
t.Logf("Module version: %s", fips140.Version())
+ if noPAAPAI {
+ t.Log("PAA/PAI disabled")
+ } else {
+ t.Log("PAA/PAI enabled")
+ }
+
if check.Verified {
t.Log("FIPS 140-3 integrity self-check succeeded")
} else {
})
}
+// Packages returns the list of all packages for which alternative
+// implementations are registered.
+func Packages() []string {
+ var pkgs []string
+ seen := make(map[string]bool)
+ for _, i := range allImplementations {
+ if !seen[i.Package] {
+ pkgs = append(pkgs, i.Package)
+ seen[i.Package] = true
+ }
+ }
+ return pkgs
+}
+
// List returns the names of all alternative implementations registered for the
// given package, whether available or not. The implicit base implementation is
// not included.