Golang crypto/tls: segfault when calling tlsrsakex.IncNonDefault() [1.22 backport]

@FiloSottile requested issue #65991 to be considered for backport to the next 1.22 minor release.

@gopherbot please open a Go 1.22 backport issue. This is a severe regression in Go+BoringCrypto mode.

Comment From: cagedmantis

Approved as this is a bug without a workaround.

Comment From: mdempsky

@FiloSottile It looks like this requires both CL 582315 and CL 586755 (no tests) to be backported? I can create the CL, but I'm unfamiliar with Go's BoringSSL-specific details.

Comment From: michaelbeaumont

Why was this skipped for this release? Was there discussion around this? This makes goboring unusable with 1.22. :disappointed: @FiloSottile @mdempsky

EDIT: ok, it's my understanding that 1.22.4 was a security release, so this was pushed. Does the release of 1.22.4 push the release of this fix even further?

Comment From: dmitshur

This backport is approved and it's waiting on a cherry-pick CL to be created. See https://go.dev/wiki/MinorReleases#making-cherry-pick-cls. Once that's created and all of its submit requirements are satisfied, it can be submitted and included in the nearest upcoming minor release.

Comment From: michaelbeaumont

@dmitshur created: https://go-review.googlesource.com/c/go/+/593395

Comment From: gopherbot

Change https://go.dev/cl/593395 mentions this issue: [release-branch.go1.22] crypto/tls: don't call tlsrsakex.IncNonDefault with FIPS

Comment From: gopherbot

Closed by merging 81fc6162675ea2543aa30ae35e56769c3d8a39ca to release-branch.go1.22.