Update to go-crypto-openssl v0.2.9; increment rev (#1167)

MICROSOFT_REVISION

@@ -0,0 +1 @@
+2

patches/0004-Add-OpenSSL-crypto-backend.patch

@@ -477,7 +477,7 @@ index 95f4b8e98d2fb0..3bb307e7bddc48 100644
 
  	msg := []byte{0xed, 0x36, 0x90, 0x8d, 0xbe, 0xfc, 0x35, 0x40, 0x70, 0x4f, 0xf5, 0x9d, 0x6e, 0xc2, 0xeb, 0xf5, 0x27, 0xae, 0x65, 0xb0, 0x59, 0x29, 0x45, 0x25, 0x8c, 0xc1, 0x91, 0x22}
 diff --git a/src/crypto/tls/boring.go b/src/crypto/tls/boring.go
-index aad96b1c747784..9ee834e5a5952b 100644
+index 1827f764589b58..70baa62d63754a 100644
 --- a/src/crypto/tls/boring.go
 +++ b/src/crypto/tls/boring.go
 @@ -2,7 +2,7 @@
@@ -490,7 +490,7 @@ index aad96b1c747784..9ee834e5a5952b 100644
  package tls
 
 diff --git a/src/crypto/tls/boring_test.go b/src/crypto/tls/boring_test.go
-index 96dfc93e286f4c..e2543f53d77990 100644
+index ba68f355eb037c..929111d8679cc2 100644
 --- a/src/crypto/tls/boring_test.go
 +++ b/src/crypto/tls/boring_test.go
 @@ -2,7 +2,7 @@
@@ -529,7 +529,7 @@ index f8485dc3ca1c29..9c1d3d279c472f 100644
  package fipsonly
 
 diff --git a/src/crypto/tls/notboring.go b/src/crypto/tls/notboring.go
-index edccb44d87a553..cae24d19c9f444 100644
+index 7d85b39c59319e..1aaabd5ef486aa 100644
 --- a/src/crypto/tls/notboring.go
 +++ b/src/crypto/tls/notboring.go
 @@ -2,7 +2,7 @@
@@ -542,7 +542,7 @@ index edccb44d87a553..cae24d19c9f444 100644
  package tls
 
 diff --git a/src/crypto/x509/boring.go b/src/crypto/x509/boring.go
-index e6237e96bb3b17..e4086bd90feb83 100644
+index 095b58c31590d4..9aec21dbcd3bff 100644
 --- a/src/crypto/x509/boring.go
 +++ b/src/crypto/x509/boring.go
 @@ -2,7 +2,7 @@
@@ -581,24 +581,24 @@ index c83a7272c9f01f..a0548a7f9179c5 100644
  package x509
 
 diff --git a/src/go.mod b/src/go.mod
-index 3b24053b94da17..715845b399f627 100644
+index 3b24053b94da17..f2b72bfc71fc0c 100644
 --- a/src/go.mod
 +++ b/src/go.mod
 @@ -3,6 +3,7 @@ module std
  go 1.21
 
  require (
-+	github.com/microsoft/go-crypto-openssl v0.2.9-0.20240110181346-cf2e349f6f4f
++	github.com/microsoft/go-crypto-openssl v0.2.9
  	golang.org/x/crypto v0.11.1-0.20230711161743-2e82bdd1719d
  	golang.org/x/net v0.12.1-0.20231027154334-5ca955b1789c
  )
 diff --git a/src/go.sum b/src/go.sum
-index caf8ff010daafd..5f729bd90aeeeb 100644
+index caf8ff010daafd..bf97a865dd51fe 100644
 --- a/src/go.sum
 +++ b/src/go.sum
 @@ -1,3 +1,5 @@
-+github.com/microsoft/go-crypto-openssl v0.2.9-0.20240110181346-cf2e349f6f4f h1:HRNz2SIk2d4O4KVVzzrLNvwefELKnlAeKMgS5RMPZ9A=
-+github.com/microsoft/go-crypto-openssl v0.2.9-0.20240110181346-cf2e349f6f4f/go.mod h1:xOSmQnWz4xvNB2+KQN2g2UUwMG9vqDHBk9nk/NdmyRw=
++github.com/microsoft/go-crypto-openssl v0.2.9 h1:pzWgU+PLq61DzuhfZM7L7nyr3DrQoa4Ln75gCwsvvjs=
++github.com/microsoft/go-crypto-openssl v0.2.9/go.mod h1:xOSmQnWz4xvNB2+KQN2g2UUwMG9vqDHBk9nk/NdmyRw=
  golang.org/x/crypto v0.11.1-0.20230711161743-2e82bdd1719d h1:LiA25/KWKuXfIq5pMIBq1s5hz3HQxhJJSu/SUGlD+SM=
  golang.org/x/crypto v0.11.1-0.20230711161743-2e82bdd1719d/go.mod h1:xgJhtzW8F9jGdVFWZESrid1U1bjeNy4zgy5cRr/CIio=
  golang.org/x/net v0.12.1-0.20231027154334-5ca955b1789c h1:d+VvAxu4S13DWtf73R5eY//VaCk3aUcVdyYjM1SX7zw=

patches/0005-Add-CNG-crypto-backend.patch

@@ -896,7 +896,7 @@ index 2fef7ddae07480..979e4c69ab710c 100644
 
  		h := New()
 diff --git a/src/crypto/tls/boring.go b/src/crypto/tls/boring.go
-index 9ee834e5a5952b..5444d9b0fc0942 100644
+index 70baa62d63754a..ecd0f5a7b3e9ed 100644
 --- a/src/crypto/tls/boring.go
 +++ b/src/crypto/tls/boring.go
 @@ -2,7 +2,7 @@
@@ -909,7 +909,7 @@ index 9ee834e5a5952b..5444d9b0fc0942 100644
  package tls
 
 diff --git a/src/crypto/tls/boring_test.go b/src/crypto/tls/boring_test.go
-index e2543f53d77990..b2b4a57ea1d195 100644
+index 929111d8679cc2..3e63ba6a053c42 100644
 --- a/src/crypto/tls/boring_test.go
 +++ b/src/crypto/tls/boring_test.go
 @@ -2,7 +2,7 @@
@@ -948,7 +948,7 @@ index 9c1d3d279c472f..0ca7a863b73690 100644
  package fipsonly
 
 diff --git a/src/crypto/tls/handshake_server_tls13.go b/src/crypto/tls/handshake_server_tls13.go
-index dd5298b728f715..21d009cd83bae5 100644
+index 07b1a3851e0714..6fae2b4ba22540 100644
 --- a/src/crypto/tls/handshake_server_tls13.go
 +++ b/src/crypto/tls/handshake_server_tls13.go
 @@ -13,6 +13,7 @@ import (
@@ -959,7 +959,7 @@ index dd5298b728f715..21d009cd83bae5 100644
  	"io"
  	"time"
  )
-@@ -401,6 +402,15 @@ func cloneHash(in hash.Hash, h crypto.Hash) hash.Hash {
+@@ -402,6 +403,15 @@ func cloneHash(in hash.Hash, h crypto.Hash) hash.Hash {
  	}
  	marshaler, ok := in.(binaryMarshaler)
  	if !ok {
@@ -976,7 +976,7 @@ index dd5298b728f715..21d009cd83bae5 100644
  	}
  	state, err := marshaler.MarshalBinary()
 diff --git a/src/crypto/tls/notboring.go b/src/crypto/tls/notboring.go
-index cae24d19c9f444..7625ccb867dd92 100644
+index 1aaabd5ef486aa..5a133c9b2f94c7 100644
 --- a/src/crypto/tls/notboring.go
 +++ b/src/crypto/tls/notboring.go
 @@ -2,7 +2,7 @@
@@ -989,7 +989,7 @@ index cae24d19c9f444..7625ccb867dd92 100644
  package tls
 
 diff --git a/src/crypto/x509/boring.go b/src/crypto/x509/boring.go
-index e4086bd90feb83..674990c63c0539 100644
+index 9aec21dbcd3bff..05324f731bedc4 100644
 --- a/src/crypto/x509/boring.go
 +++ b/src/crypto/x509/boring.go
 @@ -2,7 +2,7 @@
@@ -1028,24 +1028,24 @@ index a0548a7f9179c5..ae6117a1554b7f 100644
  package x509
 
 diff --git a/src/go.mod b/src/go.mod
-index 715845b399f627..4326603793be6e 100644
+index f2b72bfc71fc0c..18175aacfe8884 100644
 --- a/src/go.mod
 +++ b/src/go.mod
 @@ -4,6 +4,7 @@ go 1.21
 
  require (
- 	github.com/microsoft/go-crypto-openssl v0.2.9-0.20240110181346-cf2e349f6f4f
+ 	github.com/microsoft/go-crypto-openssl v0.2.9
 +	github.com/microsoft/go-crypto-winnative v0.0.0-20240109184443-a968e40d3103
  	golang.org/x/crypto v0.11.1-0.20230711161743-2e82bdd1719d
  	golang.org/x/net v0.12.1-0.20231027154334-5ca955b1789c
  )
 diff --git a/src/go.sum b/src/go.sum
-index 5f729bd90aeeeb..a19607ce2355f6 100644
+index bf97a865dd51fe..f86e681db951b6 100644
 --- a/src/go.sum
 +++ b/src/go.sum
 @@ -1,5 +1,7 @@
- github.com/microsoft/go-crypto-openssl v0.2.9-0.20240110181346-cf2e349f6f4f h1:HRNz2SIk2d4O4KVVzzrLNvwefELKnlAeKMgS5RMPZ9A=
- github.com/microsoft/go-crypto-openssl v0.2.9-0.20240110181346-cf2e349f6f4f/go.mod h1:xOSmQnWz4xvNB2+KQN2g2UUwMG9vqDHBk9nk/NdmyRw=
+ github.com/microsoft/go-crypto-openssl v0.2.9 h1:pzWgU+PLq61DzuhfZM7L7nyr3DrQoa4Ln75gCwsvvjs=
+ github.com/microsoft/go-crypto-openssl v0.2.9/go.mod h1:xOSmQnWz4xvNB2+KQN2g2UUwMG9vqDHBk9nk/NdmyRw=
 +github.com/microsoft/go-crypto-winnative v0.0.0-20240109184443-a968e40d3103 h1:KQsPPal3pKvKzAPTaR7sEriaqrHmRWw0dWG/7E5FNNk=
 +github.com/microsoft/go-crypto-winnative v0.0.0-20240109184443-a968e40d3103/go.mod h1:fveERXKbeK+XLmOyU24caKnIT/S5nniAX9XCRHfnrM4=
  golang.org/x/crypto v0.11.1-0.20230711161743-2e82bdd1719d h1:LiA25/KWKuXfIq5pMIBq1s5hz3HQxhJJSu/SUGlD+SM=

patches/0006-Vendor-crypto-backends.patch

@@ -1127,7 +1127,7 @@ index 00000000000000..de4aa0ecfcbcab
 +}
 diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/evpkey.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/evpkey.go
 new file mode 100644
-index 00000000000000..ef0753ec878ee6
+index 00000000000000..a6161b11a005fb
 --- /dev/null
 +++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/evpkey.go
 @@ -0,0 +1,334 @@
@@ -1234,7 +1234,15 @@ index 00000000000000..ef0753ec878ee6
 +
 +func setupEVP(withKey withKeyFunc, padding C.int,
 +	h, mgfHash hash.Hash, label []byte, saltLen C.int, ch crypto.Hash,
-+	init initFunc) (ctx C.GO_EVP_PKEY_CTX_PTR, err error) {
++	init initFunc) (_ C.GO_EVP_PKEY_CTX_PTR, err error) {
++	var ctx C.GO_EVP_PKEY_CTX_PTR
++	withKey(func(pkey C.GO_EVP_PKEY_PTR) C.int {
++		ctx = C.go_openssl_EVP_PKEY_CTX_new(pkey, nil)
++		return 1
++	})
++	if ctx == nil {
++		return nil, newOpenSSLError("EVP_PKEY_CTX_new failed")
++	}
 +	defer func() {
 +		if err != nil {
 +			if ctx != nil {
@@ -1243,14 +1251,6 @@ index 00000000000000..ef0753ec878ee6
 +			}
 +		}
 +	}()
-+
-+	withKey(func(pkey C.GO_EVP_PKEY_PTR) C.int {
-+		ctx = C.go_openssl_EVP_PKEY_CTX_new(pkey, nil)
-+		return 1
-+	})
-+	if ctx == nil {
-+		return nil, newOpenSSLError("EVP_PKEY_CTX_new failed")
-+	}
 +	if err := init(ctx); err != nil {
 +		return nil, err
 +	}
@@ -1647,7 +1647,7 @@ index 00000000000000..3ef57ba798a098
 +}
 diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/goopenssl.h b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/goopenssl.h
 new file mode 100644
-index 00000000000000..439ce8e5b7fe16
+index 00000000000000..4e092f7ca307a4
 --- /dev/null
 +++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/goopenssl.h
 @@ -0,0 +1,148 @@
@@ -1747,8 +1747,8 @@ index 00000000000000..439ce8e5b7fe16
 +                                       const unsigned char *in, int in_len,
 +                                       const unsigned char *aad, int aad_len)
 +{
-+    if (in_len == 0) in = "";
-+    if (aad_len == 0) aad = "";
++    if (in_len == 0) in = (const unsigned char *)"";
++    if (aad_len == 0) aad = (const unsigned char *)"";
 +
 +    if (go_openssl_EVP_CipherInit_ex(ctx, NULL, NULL, NULL, nonce, GO_AES_ENCRYPT) != 1)
 +        return 0;
@@ -1775,8 +1775,8 @@ index 00000000000000..439ce8e5b7fe16
 +                                       const unsigned char *aad, int aad_len,
 +                                       const unsigned char *tag)
 +{
-+    if (in_len == 0) in = "";
-+    if (aad_len == 0) aad = "";
++    if (in_len == 0) in = (const unsigned char *)"";
++    if (aad_len == 0) aad = (const unsigned char *)"";
 +
 +    if (go_openssl_EVP_CipherInit_ex(ctx, NULL, NULL, NULL, nonce, GO_AES_DECRYPT) != 1)
 +        return 0;
@@ -7178,11 +7178,11 @@ index 00000000000000..1722410e5af193
 +	return getSystemDirectory() + "\\" + dll
 +}
 diff --git a/src/vendor/modules.txt b/src/vendor/modules.txt
-index 4de656b0e81f82..a8b0c934e3f0aa 100644
+index 4de656b0e81f82..b86fd43687e210 100644
 --- a/src/vendor/modules.txt
 +++ b/src/vendor/modules.txt
 @@ -1,3 +1,15 @@
-+# github.com/microsoft/go-crypto-openssl v0.2.9-0.20240110181346-cf2e349f6f4f
++# github.com/microsoft/go-crypto-openssl v0.2.9
 +## explicit; go 1.17
 +github.com/microsoft/go-crypto-openssl/openssl
 +github.com/microsoft/go-crypto-openssl/openssl/bbig