Implement crypto/pbkdf2 with the OpenSSL/CNG backends

patches/0002-Add-crypto-backend-foundation.patch

@@ -33,12 +33,13 @@ Subject: [PATCH] Add crypto backend foundation
  .../internal/backend/fips140/isrequirefips.go |   9 +
  .../internal/backend/fips140/norequirefips.go |   9 +
  .../backend/fips140/nosystemcrypto.go         |  11 +
- src/crypto/internal/backend/nobackend.go      | 223 ++++++++++++++++++
+ src/crypto/internal/backend/nobackend.go      | 229 ++++++++++++++++++
  src/crypto/internal/backend/stub.s            |  10 +
  src/crypto/internal/cryptotest/allocations.go |   2 +-
  .../internal/cryptotest/implementations.go    |   2 +-
  src/crypto/md5/md5.go                         |   7 +
  src/crypto/md5/md5_test.go                    |  14 ++
+ src/crypto/pbkdf2/pbkdf2.go                   |   4 +
  src/crypto/pbkdf2/pbkdf2_test.go              |   2 +-
  src/crypto/purego_test.go                     |   2 +-
  src/crypto/rand/rand.go                       |   2 +-
@@ -73,7 +74,7 @@ Subject: [PATCH] Add crypto backend foundation
  src/hash/notboring_test.go                    |   9 +
  src/net/smtp/smtp_test.go                     |  72 ++++--
  src/runtime/runtime_boring.go                 |   5 +
- 69 files changed, 1135 insertions(+), 80 deletions(-)
+ 70 files changed, 1145 insertions(+), 80 deletions(-)
  create mode 100644 src/crypto/dsa/boring.go
  create mode 100644 src/crypto/dsa/notboring.go
  create mode 100644 src/crypto/ed25519/boring.go
@@ -1099,10 +1100,10 @@ index 00000000000000..83691d7dd42d51
 +}
 diff --git a/src/crypto/internal/backend/nobackend.go b/src/crypto/internal/backend/nobackend.go
 new file mode 100644
-index 00000000000000..ffa8d38e5d490f
+index 00000000000000..71e0ec9dc25a02
 --- /dev/null
 +++ b/src/crypto/internal/backend/nobackend.go
-@@ -0,0 +1,223 @@
+@@ -0,0 +1,229 @@
 +// Copyright 2017 The Go Authors. All rights reserved.
 +// Use of this source code is governed by a BSD-style
 +// license that can be found in the LICENSE file.
@@ -1235,6 +1236,12 @@ index 00000000000000..ffa8d38e5d490f
 +	panic("cryptobackend: not available")
 +}
 +
++func SupportsPBKDF2() bool { panic("cryptobackend: not available") }
++
++func PBKDF2(password, salt []byte, iter, keyLen int, fh func() hash.Hash) ([]byte, error) {
++	panic("cryptobackend: not available")
++}
++
 +func SupportsTLS1PRF() bool { panic("cryptobackend: not available") }
 +
 +func TLS1PRF(result, secret, label, seed []byte, h func() hash.Hash) error {
@@ -1446,6 +1453,27 @@ index 437d9b9d4c0e0d..5bc3e7b0f8435f 100644
  	for i, test := range largeUnmarshalTests {
 
  		h := New()
+diff --git a/src/crypto/pbkdf2/pbkdf2.go b/src/crypto/pbkdf2/pbkdf2.go
+index 0fdd9e822d40a5..bc8e560487a6ef 100644
+--- a/src/crypto/pbkdf2/pbkdf2.go
++++ b/src/crypto/pbkdf2/pbkdf2.go
+@@ -19,6 +19,7 @@ pbkdf2.Key.
+ package pbkdf2
+
+ import (
++	boring "crypto/internal/backend"
+ 	"crypto/internal/fips140/pbkdf2"
+ 	"crypto/internal/fips140only"
+ 	"errors"
+@@ -53,5 +54,8 @@ func Key[Hash hash.Hash](h func() Hash, password string, salt []byte, iter, keyL
+ 			return nil, errors.New("crypto/pbkdf2: use of hash functions other than SHA-2 or SHA-3 is not allowed in FIPS 140-only mode")
+ 		}
+ 	}
++	if boring.Enabled && boring.SupportsPBKDF2() {
++		return boring.PBKDF2([]byte(password), salt, iter, keyLength, func() hash.Hash { return h() })
++	}
+ 	return pbkdf2.Key(h, password, salt, iter, keyLength)
+ }
 diff --git a/src/crypto/pbkdf2/pbkdf2_test.go b/src/crypto/pbkdf2/pbkdf2_test.go
 index 03980c7e54d3be..4968a666fad4e5 100644
 --- a/src/crypto/pbkdf2/pbkdf2_test.go

patches/0003-Add-BoringSSL-crypto-backend.patch

@@ -5,9 +5,9 @@ Subject: [PATCH] Add BoringSSL crypto backend
 
 ---
  .../internal/backend/bbig/big_boring.go       |  12 +
- src/crypto/internal/backend/boring_linux.go   | 257 ++++++++++++++++++
+ src/crypto/internal/backend/boring_linux.go   | 263 ++++++++++++++++++
  src/crypto/internal/backend/fips140/boring.go |  11 +
- 3 files changed, 281 insertions(+)
+ 3 files changed, 286 insertions(+)
  create mode 100644 src/crypto/internal/backend/bbig/big_boring.go
  create mode 100644 src/crypto/internal/backend/boring_linux.go
  create mode 100644 src/crypto/internal/backend/fips140/boring.go
@@ -32,10 +32,10 @@ index 00000000000000..0b62cef68546d0
 +var Dec = bbig.Dec
 diff --git a/src/crypto/internal/backend/boring_linux.go b/src/crypto/internal/backend/boring_linux.go
 new file mode 100644
-index 00000000000000..31e57a8dffd4c3
+index 00000000000000..b1bd6d5ba756d7
 --- /dev/null
 +++ b/src/crypto/internal/backend/boring_linux.go
-@@ -0,0 +1,257 @@
+@@ -0,0 +1,263 @@
 +// Copyright 2017 The Go Authors. All rights reserved.
 +// Use of this source code is governed by a BSD-style
 +// license that can be found in the LICENSE file.
@@ -196,6 +196,12 @@ index 00000000000000..31e57a8dffd4c3
 +	panic("cryptobackend: not available")
 +}
 +
++func SupportsPBKDF2() bool { return false }
++
++func PBKDF2(password, salt []byte, iter, keyLen int, fh func() hash.Hash) ([]byte, error) {
++	panic("cryptobackend: not available")
++}
++
 +func SupportsTLS1PRF() bool { return false }
 +
 +func TLS1PRF(result, secret, label, seed []byte, h func() hash.Hash) error {

patches/0004-Add-OpenSSL-crypto-backend.patch

@@ -9,7 +9,7 @@ Subject: [PATCH] Add OpenSSL crypto backend
  src/cmd/link/internal/ld/lib.go               |   1 +
  .../internal/backend/bbig/big_openssl.go      |  12 +
  .../internal/backend/fips140/openssl.go       |  41 +++
- src/crypto/internal/backend/openssl_linux.go  | 323 ++++++++++++++++++
+ src/crypto/internal/backend/openssl_linux.go  | 331 ++++++++++++++++++
  src/crypto/rsa/rsa_test.go                    |   3 +
  src/go.mod                                    |   1 +
  src/go.sum                                    |   2 +
@@ -19,7 +19,7 @@ Subject: [PATCH] Add OpenSSL crypto backend
  .../goexperiment/exp_opensslcrypto_on.go      |   9 +
  src/internal/goexperiment/flags.go            |   1 +
  src/os/exec/exec_test.go                      |   9 +
- 15 files changed, 428 insertions(+), 5 deletions(-)
+ 15 files changed, 436 insertions(+), 5 deletions(-)
  create mode 100644 src/crypto/internal/backend/bbig/big_openssl.go
  create mode 100644 src/crypto/internal/backend/fips140/openssl.go
  create mode 100644 src/crypto/internal/backend/openssl_linux.go
@@ -142,10 +142,10 @@ index 00000000000000..118efa3a492a7d
 +}
 diff --git a/src/crypto/internal/backend/openssl_linux.go b/src/crypto/internal/backend/openssl_linux.go
 new file mode 100644
-index 00000000000000..06329e4faef026
+index 00000000000000..2dea051fa44ed0
 --- /dev/null
 +++ b/src/crypto/internal/backend/openssl_linux.go
-@@ -0,0 +1,323 @@
+@@ -0,0 +1,331 @@
 +// Copyright 2017 The Go Authors. All rights reserved.
 +// Use of this source code is governed by a BSD-style
 +// license that can be found in the LICENSE file.
@@ -362,6 +362,14 @@ index 00000000000000..06329e4faef026
 +	return openssl.ExtractHKDF(h, secret, salt)
 +}
 +
++func SupportsPBKDF2() bool {
++	return openssl.SupportsPBKDF2()
++}
++
++func PBKDF2(pass, salt []byte, iter, keyLen int, h func() hash.Hash) []byte {
++	return openssl.PBKDF2(pass, salt, iter, keyLen, h)
++}
++
 +func SupportsTLS1PRF() bool {
 +	return openssl.SupportsTLS1PRF()
 +}
@@ -506,7 +514,7 @@ index 9e661352f16e0b..0a58eccb57a869 100644
  golang.org/x/crypto v0.30.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk=
  golang.org/x/net v0.32.1-0.20241206180132-552d8ac903a1 h1:+Yk1FZ5E+/ewA0nOO/HRYs9E4yeqpGOShuSAdzCNNoQ=
 diff --git a/src/go/build/deps_test.go b/src/go/build/deps_test.go
-index afbdd6770f3f79..2694c2ec84d091 100644
+index 58082b3636f209..37cb128ba9409a 100644
 --- a/src/go/build/deps_test.go
 +++ b/src/go/build/deps_test.go
 @@ -516,8 +516,10 @@ var depsRules = `

patches/0005-Add-CNG-crypto-backend.patch

@@ -7,7 +7,7 @@ Subject: [PATCH] Add CNG crypto backend
  src/crypto/ecdsa/badlinkname.go               |  17 +
  src/crypto/internal/backend/backend_test.go   |   4 +-
  src/crypto/internal/backend/bbig/big_cng.go   |  12 +
- src/crypto/internal/backend/cng_windows.go    | 310 ++++++++++++++++++
+ src/crypto/internal/backend/cng_windows.go    | 316 ++++++++++++++++++
  src/crypto/internal/backend/common.go         |   9 +-
  src/crypto/internal/backend/fips140/cng.go    |  33 ++
  src/crypto/rsa/pss_test.go                    |   2 +-
@@ -18,7 +18,7 @@ Subject: [PATCH] Add CNG crypto backend
  .../goexperiment/exp_cngcrypto_off.go         |   9 +
  src/internal/goexperiment/exp_cngcrypto_on.go |   9 +
  src/internal/goexperiment/flags.go            |   1 +
- 14 files changed, 410 insertions(+), 5 deletions(-)
+ 14 files changed, 416 insertions(+), 5 deletions(-)
  create mode 100644 src/crypto/ecdsa/badlinkname.go
  create mode 100644 src/crypto/internal/backend/bbig/big_cng.go
  create mode 100644 src/crypto/internal/backend/cng_windows.go
@@ -84,10 +84,10 @@ index 00000000000000..92623031fd87d0
 +var Dec = bbig.Dec
 diff --git a/src/crypto/internal/backend/cng_windows.go b/src/crypto/internal/backend/cng_windows.go
 new file mode 100644
-index 00000000000000..2d7a18eaec2e23
+index 00000000000000..c37247c8a2c7c6
 --- /dev/null
 +++ b/src/crypto/internal/backend/cng_windows.go
-@@ -0,0 +1,310 @@
+@@ -0,0 +1,316 @@
 +// Copyright 2017 The Go Authors. All rights reserved.
 +// Use of this source code is governed by a BSD-style
 +// license that can be found in the LICENSE file.
@@ -295,6 +295,12 @@ index 00000000000000..2d7a18eaec2e23
 +	return cng.ExtractHKDF(h, secret, salt)
 +}
 +
++func SupportsPBKDF2() bool { return true }
++
++func PBKDF2(password, salt []byte, iter, keyLen int, h func() hash.Hash) ([]byte, error) {
++	return cng.PBKDF2(password, salt, iter, keyLen, h)
++}
++
 +func SupportsTLS1PRF() bool {
 +	return true
 +}