lib/fips140: freeze v1.1.0-rc1 FIPS 140 module zip file

Fixes #76769 Cq-Include-Trybots: luci.golang.try:gotip-linux-amd64-longtest Change-Id: I16b0e9463e2e10ee5a6f20967fb6377b6a6a6964 Reviewed-on: https://go-review.googlesource.com/c/go/+/729180 LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Auto-Submit: Filippo Valsorda <filippo@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org> Reviewed-by: David Chase <drchase@google.com>
2025-12-28 06:34:04 +00:00 · 2025-12-10 22:49:31 +01:00 · 2025-12-10 22:49:31 +01:00 · f105dfd048
commit f105dfd048
parent af14f67911
3 changed files with 23 additions and 12 deletions
--- a/lib/fips140/fips140.sum
+++ b/lib/fips140/fips140.sum
@ -10,3 +10,4 @@
 #	go test cmd/go/internal/fips140 -update
 #
 v1.0.0-c2097c7c.zip daf3614e0406f67ae6323c902db3f953a1effb199142362a039e7526dfb9368b
+v1.1.0-rc1.zip ea94f8c3885294c9efe1bd8f9b6e86daeb25b6aff2aeb20707cd9a5101f6f54e
--- a/lib/fips140/v1.1.0-rc1.zip
+++ b/lib/fips140/v1.1.0-rc1.zip
--- a/src/internal/buildcfg/cfg.go
+++ b/src/internal/buildcfg/cfg.go
@ -80,32 +80,42 @@ func gofips140() string {
 	if isFIPSVersion(v) {
 		return v
 	}
-	Error = fmt.Errorf("invalid GOFIPS140: must be off, latest, inprocess, certified, or vX.Y.Z")
+	Error = fmt.Errorf("invalid GOFIPS140: must be off, latest, inprocess, certified, or v1.Y.Z")
 	return DefaultGOFIPS140
 }

 // isFIPSVersion reports whether v is a valid FIPS version,
-// of the form vX.Y.Z or vX.Y.Z-hash.
+// of the form v1.Y.Z or v1.Y.Z-hhhhhhhh or v1.Y.Z-rcN.
 func isFIPSVersion(v string) bool {
-	if !strings.HasPrefix(v, "v") {
+	v, ok := strings.CutPrefix(v, "v1.")
+	if !ok {
 		return false
 	}
-	v, ok := skipNum(v[len("v"):])
-	if !ok || !strings.HasPrefix(v, ".") {
+	if v, ok = cutNum(v); !ok {
 		return false
 	}
-	v, ok = skipNum(v[len("."):])
-	if !ok || !strings.HasPrefix(v, ".") {
+	if v, ok = strings.CutPrefix(v, "."); !ok {
 		return false
 	}
-	v, ok = skipNum(v[len("."):])
-	hasHash := strings.HasPrefix(v, "-") && len(v) == len("-")+8
-	return ok && (v == "" || hasHash)
+	if v, ok = cutNum(v); !ok {
+		return false
+	}
+	if v == "" {
+		return true
+	}
+	if v, ok = strings.CutPrefix(v, "-rc"); ok {
+		v, ok = cutNum(v)
+		return ok && v == ""
+	}
+	if v, ok = strings.CutPrefix(v, "-"); ok {
+		return len(v) == 8
+	}
+	return false
 }

-// skipNum skips the leading text matching [0-9]+
+// cutNum skips the leading text matching [0-9]+
 // in s, returning the rest and whether such text was found.
-func skipNum(s string) (rest string, ok bool) {
+func cutNum(s string) (rest string, ok bool) {
 	i := 0
 	for i < len(s) && '0' <= s[i] && s[i] <= '9' {
 		i++