Implement support for crypto/md5 using OpenSSL/CNG

patches/0002-Add-crypto-backend-foundation.patch

@@ -20,9 +20,11 @@ Subject: [PATCH] Add crypto backend foundation
  src/crypto/internal/backend/bbig/big.go      |  17 +++
  src/crypto/internal/backend/common.go        |  78 ++++++++++
  src/crypto/internal/backend/isrequirefips.go |   9 ++
- src/crypto/internal/backend/nobackend.go     | 143 +++++++++++++++++++
+ src/crypto/internal/backend/nobackend.go     | 145 +++++++++++++++++++
  src/crypto/internal/backend/norequirefips.go |   9 ++
  src/crypto/internal/backend/stub.s           |  10 ++
+ src/crypto/md5/md5.go                        |   7 +
+ src/crypto/md5/md5_test.go                   |   4 +
  src/crypto/rand/rand_unix.go                 |   2 +-
  src/crypto/rsa/boring.go                     |   4 +-
  src/crypto/rsa/notboring.go                  |   2 +-
@@ -44,7 +46,7 @@ Subject: [PATCH] Add crypto backend foundation
  src/crypto/tls/prf_test.go                   |  12 +-
  src/go/build/deps_test.go                    |   2 +
  src/runtime/runtime_boring.go                |   5 +
- 40 files changed, 460 insertions(+), 65 deletions(-)
+ 42 files changed, 473 insertions(+), 65 deletions(-)
  create mode 100644 src/crypto/internal/backend/backend_test.go
  create mode 100644 src/crypto/internal/backend/bbig/big.go
  create mode 100644 src/crypto/internal/backend/common.go
@@ -125,7 +127,7 @@ index 699e5177aef5d5..7e9c2a74adf74b 100644
  	c := new(tripleDESCipher)
  	c.cipher1.generateSubkeys(key[:8])
 diff --git a/src/crypto/ecdh/ecdh.go b/src/crypto/ecdh/ecdh.go
-index b86f5217878251..a48043a044f309 100644
+index b21b5697d0e37f..5e373cd27b350f 100644
 --- a/src/crypto/ecdh/ecdh.go
 +++ b/src/crypto/ecdh/ecdh.go
 @@ -8,7 +8,7 @@ package ecdh
@@ -393,10 +395,10 @@ index 00000000000000..e5d7570d6d4363
 +const isRequireFIPS = true
 diff --git a/src/crypto/internal/backend/nobackend.go b/src/crypto/internal/backend/nobackend.go
 new file mode 100644
-index 00000000000000..75eb22290bcc92
+index 00000000000000..275a6078f90514
 --- /dev/null
 +++ b/src/crypto/internal/backend/nobackend.go
-@@ -0,0 +1,143 @@
+@@ -0,0 +1,145 @@
 +// Copyright 2017 The Go Authors. All rights reserved.
 +// Use of this source code is governed by a BSD-style
 +// license that can be found in the LICENSE file.
@@ -426,12 +428,14 @@ index 00000000000000..75eb22290bcc92
 +
 +func SupportsHash(h crypto.Hash) bool { panic("cryptobackend: not available") }
 +
++func NewMD5() hash.Hash    { panic("cryptobackend: not available") }
 +func NewSHA1() hash.Hash   { panic("cryptobackend: not available") }
 +func NewSHA224() hash.Hash { panic("cryptobackend: not available") }
 +func NewSHA256() hash.Hash { panic("cryptobackend: not available") }
 +func NewSHA384() hash.Hash { panic("cryptobackend: not available") }
 +func NewSHA512() hash.Hash { panic("cryptobackend: not available") }
 +
++func MD5(p []byte) (sum [16]byte)    { panic("cryptobackend: not available") }
 +func SHA1(p []byte) (sum [20]byte)   { panic("cryptobackend: not available") }
 +func SHA224(p []byte) (sum [28]byte) { panic("cryptobackend: not available") }
 +func SHA256(p []byte) (sum [32]byte) { panic("cryptobackend: not available") }
@@ -571,6 +575,60 @@ index 00000000000000..5e4b436554d44d
 +// Having this assembly file keeps the go command
 +// from complaining about the missing body
 +// (because the implementation might be here).
+diff --git a/src/crypto/md5/md5.go b/src/crypto/md5/md5.go
+index ccee4ea3a9914f..206249f5bf261e 100644
+--- a/src/crypto/md5/md5.go
++++ b/src/crypto/md5/md5.go
+@@ -12,6 +12,7 @@ package md5
+
+ import (
+ 	"crypto"
++	boring "crypto/internal/backend"
+ 	"encoding/binary"
+ 	"errors"
+ 	"hash"
+@@ -99,6 +100,9 @@ func consumeUint32(b []byte) ([]byte, uint32) {
+ // implements encoding.BinaryMarshaler and encoding.BinaryUnmarshaler to
+ // marshal and unmarshal the internal state of the hash.
+ func New() hash.Hash {
++	if boring.Enabled && boring.SupportsHash(crypto.MD5) {
++		return boring.NewMD5()
++	}
+ 	d := new(digest)
+ 	d.Reset()
+ 	return d
+@@ -176,6 +180,9 @@ func (d *digest) checkSum() [Size]byte {
+
+ // Sum returns the MD5 checksum of the data.
+ func Sum(data []byte) [Size]byte {
++	if boring.Enabled && boring.SupportsHash(crypto.MD5) {
++		return boring.MD5(data)
++	}
+ 	var d digest
+ 	d.Reset()
+ 	d.Write(data)
+diff --git a/src/crypto/md5/md5_test.go b/src/crypto/md5/md5_test.go
+index 851e7fb10d42f5..f9d1037c9b82b9 100644
+--- a/src/crypto/md5/md5_test.go
++++ b/src/crypto/md5/md5_test.go
+@@ -6,6 +6,7 @@ package md5
+
+ import (
+ 	"bytes"
++	boring "crypto/internal/backend"
+ 	"crypto/rand"
+ 	"encoding"
+ 	"fmt"
+@@ -144,6 +145,9 @@ func TestLarge(t *testing.T) {
+
+ // Tests that blockGeneric (pure Go) and block (in assembly for amd64, 386, arm) match.
+ func TestBlockGeneric(t *testing.T) {
++	if boring.Enabled {
++		t.Skip("digest is not used when boring.Enabled is set")
++	}
+ 	gen, asm := New().(*digest), New().(*digest)
+ 	buf := make([]byte, BlockSize*20) // arbitrary factor
+ 	rand.Read(buf)
 diff --git a/src/crypto/rand/rand_unix.go b/src/crypto/rand/rand_unix.go
 index 40fce36314adfa..1d6231ae91d5ae 100644
 --- a/src/crypto/rand/rand_unix.go

patches/0003-Add-BoringSSL-crypto-backend.patch

@@ -5,8 +5,8 @@ Subject: [PATCH] Add BoringSSL crypto backend
 
 ---
  .../internal/backend/bbig/big_boring.go       |  12 ++
- src/crypto/internal/backend/boring_linux.go   | 173 ++++++++++++++++++
- 2 files changed, 185 insertions(+)
+ src/crypto/internal/backend/boring_linux.go   | 175 ++++++++++++++++++
+ 2 files changed, 187 insertions(+)
  create mode 100644 src/crypto/internal/backend/bbig/big_boring.go
  create mode 100644 src/crypto/internal/backend/boring_linux.go
 
@@ -30,10 +30,10 @@ index 00000000000000..0b62cef68546d0
 +var Dec = bbig.Dec
 diff --git a/src/crypto/internal/backend/boring_linux.go b/src/crypto/internal/backend/boring_linux.go
 new file mode 100644
-index 00000000000000..ea2ec3c2527dcc
+index 00000000000000..bc5c54b02acf2f
 --- /dev/null
 +++ b/src/crypto/internal/backend/boring_linux.go
-@@ -0,0 +1,173 @@
+@@ -0,0 +1,175 @@
 +// Copyright 2017 The Go Authors. All rights reserved.
 +// Use of this source code is governed by a BSD-style
 +// license that can be found in the LICENSE file.
@@ -66,12 +66,14 @@ index 00000000000000..ea2ec3c2527dcc
 +	}
 +}
 +
++func NewMD5() hash.Hash    { panic("cryptobackend: not available") }
 +func NewSHA1() hash.Hash   { return boring.NewSHA1() }
 +func NewSHA224() hash.Hash { return boring.NewSHA224() }
 +func NewSHA256() hash.Hash { return boring.NewSHA256() }
 +func NewSHA384() hash.Hash { return boring.NewSHA384() }
 +func NewSHA512() hash.Hash { return boring.NewSHA512() }
 +
++func MD5(p []byte) (sum [16]byte)    { panic("cryptobackend: not available") }
 +func SHA1(p []byte) (sum [20]byte)   { return boring.SHA1(p) }
 +func SHA224(p []byte) (sum [28]byte) { return boring.SHA224(p) }
 +func SHA256(p []byte) (sum [32]byte) { return boring.SHA256(p) }

patches/0004-Add-OpenSSL-crypto-backend.patch

@@ -14,7 +14,7 @@ Subject: [PATCH] Add OpenSSL crypto backend
  src/crypto/ecdsa/notboring.go                 |   2 +-
  src/crypto/internal/backend/bbig/big.go       |   2 +-
  .../internal/backend/bbig/big_openssl.go      |  12 +
- src/crypto/internal/backend/openssl_linux.go  | 277 ++++++++++++++++++
+ src/crypto/internal/backend/openssl_linux.go  | 279 ++++++++++++++++++
  src/crypto/internal/boring/fipstls/stub.s     |   2 +-
  src/crypto/internal/boring/fipstls/tls.go     |   2 +-
  src/crypto/rsa/boring.go                      |   2 +-
@@ -37,7 +37,7 @@ Subject: [PATCH] Add OpenSSL crypto backend
  .../goexperiment/exp_opensslcrypto_on.go      |   9 +
  src/internal/goexperiment/flags.go            |   1 +
  src/os/exec/exec_test.go                      |   9 +
- 33 files changed, 359 insertions(+), 23 deletions(-)
+ 33 files changed, 361 insertions(+), 23 deletions(-)
  create mode 100644 src/crypto/internal/backend/bbig/big_openssl.go
  create mode 100644 src/crypto/internal/backend/openssl_linux.go
  create mode 100644 src/internal/goexperiment/exp_opensslcrypto_off.go
@@ -190,10 +190,10 @@ index 00000000000000..e6695dd66b1d02
 +var Dec = bbig.Dec
 diff --git a/src/crypto/internal/backend/openssl_linux.go b/src/crypto/internal/backend/openssl_linux.go
 new file mode 100644
-index 00000000000000..bc10293bb719ff
+index 00000000000000..d342e4b0f11e23
 --- /dev/null
 +++ b/src/crypto/internal/backend/openssl_linux.go
-@@ -0,0 +1,277 @@
+@@ -0,0 +1,279 @@
 +// Copyright 2017 The Go Authors. All rights reserved.
 +// Use of this source code is governed by a BSD-style
 +// license that can be found in the LICENSE file.
@@ -322,12 +322,14 @@ index 00000000000000..bc10293bb719ff
 +	return openssl.SupportsHash(h)
 +}
 +
++func NewMD5() hash.Hash   { return openssl.NewMD5() }
 +func NewSHA1() hash.Hash   { return openssl.NewSHA1() }
 +func NewSHA224() hash.Hash { return openssl.NewSHA224() }
 +func NewSHA256() hash.Hash { return openssl.NewSHA256() }
 +func NewSHA384() hash.Hash { return openssl.NewSHA384() }
 +func NewSHA512() hash.Hash { return openssl.NewSHA512() }
 +
++func MD5(p []byte) (sum [16]byte)   { return openssl.MD5(p) }
 +func SHA1(p []byte) (sum [20]byte)   { return openssl.SHA1(p) }
 +func SHA224(p []byte) (sum [28]byte) { return openssl.SHA224(p) }
 +func SHA256(p []byte) (sum [32]byte) { return openssl.SHA256(p) }

patches/0005-Add-CNG-crypto-backend.patch

@@ -12,10 +12,11 @@ Subject: [PATCH] Add CNG crypto backend
  src/crypto/internal/backend/backend_test.go   |   4 +-
  src/crypto/internal/backend/bbig/big.go       |   2 +-
  src/crypto/internal/backend/bbig/big_cng.go   |  12 +
- src/crypto/internal/backend/cng_windows.go    | 248 ++++++++++++++++++
+ src/crypto/internal/backend/cng_windows.go    | 226 ++++++++++++++++++
  src/crypto/internal/backend/common.go         |  33 ++-
  src/crypto/internal/boring/fipstls/stub.s     |   2 +-
  src/crypto/internal/boring/fipstls/tls.go     |   2 +-
+ src/crypto/md5/md5_test.go                    |   7 +
  src/crypto/rand/rand_windows.go               |   9 +-
  src/crypto/rsa/boring.go                      |   2 +-
  src/crypto/rsa/boring_test.go                 |   2 +-
@@ -46,7 +47,7 @@ Subject: [PATCH] Add CNG crypto backend
  .../goexperiment/exp_cngcrypto_off.go         |   9 +
  src/internal/goexperiment/exp_cngcrypto_on.go |   9 +
  src/internal/goexperiment/flags.go            |   1 +
- 42 files changed, 438 insertions(+), 40 deletions(-)
+ 44 files changed, 423 insertions(+), 40 deletions(-)
  create mode 100644 src/crypto/internal/backend/bbig/big_cng.go
  create mode 100644 src/crypto/internal/backend/cng_windows.go
  create mode 100644 src/internal/goexperiment/exp_cngcrypto_off.go
@@ -168,7 +169,7 @@ new file mode 100644
 index 00000000000000..8a1b5618989d06
 --- /dev/null
 +++ b/src/crypto/internal/backend/cng_windows.go
-@@ -0,0 +1,248 @@
+@@ -0,0 +1,226 @@
 +// Copyright 2017 The Go Authors. All rights reserved.
 +// Use of this source code is governed by a BSD-style
 +// license that can be found in the LICENSE file.
@@ -215,41 +216,19 @@ index 00000000000000..8a1b5618989d06
 +	return cng.SupportsHash(h)
 +}
 +
-+func NewSHA1() hash.Hash {
-+	return cng.NewSHA1()
-+}
-+
++func NewMD5() hash.Hash    { return cng.NewMD5() }
++func NewSHA1() hash.Hash   { return cng.NewSHA1() }
 +func NewSHA224() hash.Hash { panic("cngcrypto: not available") }
++func NewSHA256() hash.Hash { return cng.NewSHA256() }
++func NewSHA384() hash.Hash { return cng.NewSHA384() }
++func NewSHA512() hash.Hash { return cng.NewSHA512() }
 +
-+func NewSHA256() hash.Hash {
-+	return cng.NewSHA256()
-+}
-+
-+func NewSHA384() hash.Hash {
-+	return cng.NewSHA384()
-+}
-+
-+func NewSHA512() hash.Hash {
-+	return cng.NewSHA512()
-+}
-+
-+func SHA1(p []byte) (sum [20]byte) {
-+	return cng.SHA1(p)
-+}
-+
++func MD5(p []byte) (sum [16]byte)    { return cng.MD5(p) }
++func SHA1(p []byte) (sum [20]byte)   { return cng.SHA1(p) }
 +func SHA224(p []byte) (sum [28]byte) { panic("cngcrypto: not available") }
-+
-+func SHA256(p []byte) (sum [32]byte) {
-+	return cng.SHA256(p)
-+}
-+
-+func SHA384(p []byte) (sum [48]byte) {
-+	return cng.SHA384(p)
-+}
-+
-+func SHA512(p []byte) (sum [64]byte) {
-+	return cng.SHA512(p)
-+}
++func SHA256(p []byte) (sum [32]byte) { return cng.SHA256(p) }
++func SHA384(p []byte) (sum [48]byte) { return cng.SHA384(p) }
++func SHA512(p []byte) (sum [64]byte) { return cng.SHA512(p) }
 +
 +func NewHMAC(h func() hash.Hash, key []byte) hash.Hash {
 +	return cng.NewHMAC(h, key)
@@ -499,6 +478,38 @@ index 4e629a4db8f7c7..a7cd24a0d15647 100644
 
  // Package fipstls allows control over whether crypto/tls requires FIPS-approved settings.
  // This package only exists with GOEXPERIMENT=boringcrypto, but the effects are independent
+diff --git a/src/crypto/md5/md5_test.go b/src/crypto/md5/md5_test.go
+index f9d1037c9b82b9..6b91d4388b73fe 100644
+--- a/src/crypto/md5/md5_test.go
++++ b/src/crypto/md5/md5_test.go
+@@ -11,6 +11,7 @@ import (
+ 	"encoding"
+ 	"fmt"
+ 	"hash"
++	"internal/goexperiment"
+ 	"io"
+ 	"testing"
+ 	"unsafe"
+@@ -88,6 +89,9 @@ func TestGolden(t *testing.T) {
+ }
+
+ func TestGoldenMarshal(t *testing.T) {
++	if goexperiment.CNGCrypto {
++		t.Skip("CNGCrypto does not support hash marshalling")
++	}
+ 	for _, g := range golden {
+ 		h := New()
+ 		h2 := New()
+@@ -195,6 +199,9 @@ func safeSum(h hash.Hash) (sum []byte, err error) {
+ }
+
+ func TestLargeHashes(t *testing.T) {
++	if goexperiment.CNGCrypto {
++		t.Skip("CNGCrypto does not support hash marshalling")
++	}
+ 	for i, test := range largeUnmarshalTests {
+
+ 		h := New()
 diff --git a/src/crypto/rand/rand_windows.go b/src/crypto/rand/rand_windows.go
 index 6c0655c72b692a..755861fc5bc21d 100644
 --- a/src/crypto/rand/rand_windows.go