crypto/internal/fips140/bigmod: fix extendedGCD implementation mismatch by ArquintL · Pull Request #78932 · golang/go

ArquintL · 2026-04-24T10:01:35Z

The existing extendedGCD implementation differs from
BoringSSL & Fiat-Crypto, which this PR fixes.

Avoiding the calls to Nat.Add in the loop results in an on average
24% speedup due to in-place updates instead of allocating temporary
Nat instances as shown in this plot:

https://github.com/user-attachments/files/27047498/bench_plot.pdf

While all annotations have been removed for this PR, the fixed
implementation is backed by proofs using Gobra (https://gobra.ethz.ch),
a program verifier for Go programs. The linked issue describes the
proofs in more details.

Fixes #78218

…ng#78218)

google-cla · 2026-04-24T10:01:46Z

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.

ArquintL · 2026-04-24T10:02:31Z

cc @FiloSottile

gopherbot · 2026-04-24T10:14:49Z

This PR (HEAD: ac7edd6) has been imported to Gerrit for code review.

Please visit Gerrit at https://go-review.googlesource.com/c/go/+/770380.

Important tips:

Don't comment on this PR. All discussion takes place in Gerrit.
You need a Gmail or other Google account to log in to Gerrit.
To change your code in response to feedback:
- Push a new commit to the branch used by your GitHub PR.
- A new "patch set" will then appear in Gerrit.
- Respond to each comment by marking as Done in Gerrit if implemented as suggested. You can alternatively write a reply.
- Critical: you must click the blue Reply button near the top to publish your Gerrit responses.
- Multiple commits in the PR will be squashed by GerritBot.
The title and description of the GitHub PR are used to construct the final commit message.
- Edit these as needed via the GitHub web interface (not via Gerrit or git).
- You should word wrap the PR description at ~76 characters unless you need longer lines (e.g., for tables or URLs).
See the Sending a change via GitHub and Reviews sections of the Contribution Guide as well as the FAQ for details.

gopherbot · 2026-04-24T10:27:20Z

Message from Gopher Robot:

Patch Set 1:

(1 comment)

Please don’t reply on this GitHub thread. Visit golang.org/cl/770380.
After addressing review feedback, remember to publish your drafts!

gopherbot · 2026-04-24T10:27:21Z

Message from Gopher Robot:

Patch Set 1:

Congratulations on opening your first change. Thank you for your contribution!

Next steps:
A maintainer will review your change and provide feedback. See
https://go.dev/doc/contribute#review for more info and tips to get your
patch through code review.

Most changes in the Go project go through a few rounds of revision. This can be
surprising to people new to the project. The careful, iterative review process
is our way of helping mentor contributors and ensuring that their contributions
have a lasting impact.

During May-July and Nov-Jan the Go project is in a code freeze, during which
little code gets reviewed or merged. If a reviewer responds with a comment like
R=go1.11 or adds a tag like "wait-release", it means that this CL will be
reviewed as part of the next development cycle. See https://go.dev/s/release
for more details.

Please don’t reply on this GitHub thread. Visit golang.org/cl/770380.
After addressing review feedback, remember to publish your drafts!

gopherbot · 2026-04-24T10:39:44Z

Message from Linard Arquint:

Patch Set 1:

(1 comment)

Please don’t reply on this GitHub thread. Visit golang.org/cl/770380.
After addressing review feedback, remember to publish your drafts!

gopherbot · 2026-06-03T03:43:34Z

This PR (HEAD: 6e376f8) has been imported to Gerrit for code review.

Please visit Gerrit at https://go-review.googlesource.com/c/go/+/770380.

Important tips:

Don't comment on this PR. All discussion takes place in Gerrit.
You need a Gmail or other Google account to log in to Gerrit.
To change your code in response to feedback:
- Push a new commit to the branch used by your GitHub PR.
- A new "patch set" will then appear in Gerrit.
- Respond to each comment by marking as Done in Gerrit if implemented as suggested. You can alternatively write a reply.
- Critical: you must click the blue Reply button near the top to publish your Gerrit responses.
- Multiple commits in the PR will be squashed by GerritBot.
The title and description of the GitHub PR are used to construct the final commit message.
- Edit these as needed via the GitHub web interface (not via Gerrit or git).
- You should word wrap the PR description at ~76 characters unless you need longer lines (e.g., for tables or URLs).
See the Sending a change via GitHub and Reviews sections of the Contribution Guide as well as the FAQ for details.

gopherbot · 2026-06-04T13:52:14Z

Message from Filippo Valsorda:

Patch Set 5: Auto-Submit+1 Code-Review+2 Commit-Queue+1

Please don’t reply on this GitHub thread. Visit golang.org/cl/770380.
After addressing review feedback, remember to publish your drafts!

gopherbot · 2026-06-04T14:09:34Z

Message from golang-scoped@luci-project-accounts.iam.gserviceaccount.com:

Patch Set 5:

Dry run: CV is trying the patch.

Bot data: {"action":"start","triggered_at":"2026-06-04T13:40:40Z","revision":"34f633ed48e6040c9f9083a37a51e17debb0be46"}

Please don’t reply on this GitHub thread. Visit golang.org/cl/770380.
After addressing review feedback, remember to publish your drafts!

gopherbot · 2026-06-04T14:27:44Z

Message from Filippo Valsorda:

Patch Set 5: -Commit-Queue

(Performed by <GERRIT_ACCOUNT_60063> on behalf of <GERRIT_ACCOUNT_11715>)

Please don’t reply on this GitHub thread. Visit golang.org/cl/770380.
After addressing review feedback, remember to publish your drafts!

gopherbot · 2026-06-04T14:27:44Z

Message from golang-scoped@luci-project-accounts.iam.gserviceaccount.com:

Patch Set 5:

This CL has passed the run

Please don’t reply on this GitHub thread. Visit golang.org/cl/770380.
After addressing review feedback, remember to publish your drafts!

gopherbot · 2026-06-04T14:27:45Z

Message from golang-scoped@luci-project-accounts.iam.gserviceaccount.com:

Patch Set 5: LUCI-TryBot-Result+1

Please don’t reply on this GitHub thread. Visit golang.org/cl/770380.
After addressing review feedback, remember to publish your drafts!

gopherbot · 2026-06-05T15:41:25Z

Message from Roland Shoemaker:

Patch Set 5: Code-Review+1

Please don’t reply on this GitHub thread. Visit golang.org/cl/770380.
After addressing review feedback, remember to publish your drafts!

fixes implementation mismatch wrt. BoringSSL & FiatCrypto (issue gola…

a568806

…ng#78218)

fixes grammar in a code comment

ac7edd6

Merge branch 'master' into extendedgcd-impl-fix

6e376f8

FiloSottile changed the title ~~crypto/internal/fips140/bigmod: fix extendedGCD implementation mismatch~~ crypto/internal/fips140/bigmod: fix extendedGCD implementation mismatch Jun 4, 2026

Conversation

ArquintL commented Apr 24, 2026 • edited by FiloSottile Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

google-cla Bot commented Apr 24, 2026

Uh oh!

ArquintL commented Apr 24, 2026

Uh oh!

gopherbot commented Apr 24, 2026

Uh oh!

gopherbot commented Apr 24, 2026

Uh oh!

gopherbot commented Apr 24, 2026

Uh oh!

gopherbot commented Apr 24, 2026

Uh oh!

gopherbot commented Jun 3, 2026

Uh oh!

gopherbot commented Jun 4, 2026

Uh oh!

gopherbot commented Jun 4, 2026

Uh oh!

gopherbot commented Jun 4, 2026

Uh oh!

gopherbot commented Jun 4, 2026

Uh oh!

gopherbot commented Jun 4, 2026

Uh oh!

gopherbot commented Jun 5, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

ArquintL commented Apr 24, 2026 •

edited by FiloSottile

Loading