This is also reproducible with golang-1.19.1-2.el9 on RHEL-9.2.0-20221005.0 s390x.

https://beaker.engineering.redhat.com/tasks/executed?arch_id=7&task=%2Ftools%2Fgolang%2FRegression%2Fselected-testcases&job_id=7084547

+++ This bug was initially created as a clone of Bug #2132419 +++

Description of problem:
A number of tests from golang net/http internal testsuite are failing on latest golang-1.19.1-2.module+el8.8.0+16778+5fbb74f5 on RHEL-8.8.0-20220929.2 s390x, most of them with "tls: failed to sign handshake: boringcrypto: RSA_sign_pss_mgf1 failed":

[root@s390x-kvm-061 ~]# GOLANG_FIPS=1 go test -timeout 50m -count=1 net/http
— FAIL: TestTransportBodyAltRewind (0.00s)
transport_internal_test.go:218: tls: failed to sign handshake: boringcrypto: RSA_sign_pss_mgf1 failed
transport_internal_test.go:265: Post "https://example.org/": remote error: tls: internal error
2022/10/05 09:26:51 http: TLS handshake error from 127.0.0.1:46500: tls: failed to sign handshake: boringcrypto: RSA_sign_pss_mgf1 failed
— FAIL: TestNextProtoUpgrade (0.00s)
alpn_test.go:49: Get "https://127.0.0.1:36945": remote error: tls: internal error
2022/10/05 09:26:52 http: TLS handshake error from 127.0.0.1:40460: tls: failed to sign handshake: boringcrypto: RSA_sign_pss_mgf1 failed
— FAIL: TestClientHead_h2 (0.01s)
client_test.go:100: Head "https://127.0.0.1:41297": remote error: tls: internal error
2022/10/05 09:26:54 http: TLS handshake error from 127.0.0.1:50378: tls: failed to sign handshake: boringcrypto: RSA_sign_pss_mgf1 failed
[root@s390x-kvm-061 ~]# head -n 50 _net-http.log
— FAIL: TestTransportBodyAltRewind (0.00s)
transport_internal_test.go:218: tls: failed to sign handshake: boringcrypto: RSA_sign_pss_mgf1 failed
transport_internal_test.go:265: Post "https://example.org/": remote error: tls: internal error
2022/10/05 09:26:51 http: TLS handshake error from 127.0.0.1:46500: tls: failed to sign handshake: boringcrypto: RSA_sign_pss_mgf1 failed
— FAIL: TestNextProtoUpgrade (0.00s)
alpn_test.go:49: Get "https://127.0.0.1:36945": remote error: tls: internal error
2022/10/05 09:26:52 http: TLS handshake error from 127.0.0.1:40460: tls: failed to sign handshake: boringcrypto: RSA_sign_pss_mgf1 failed
— FAIL: TestClientHead_h2 (0.01s)
client_test.go:100: Head "https://127.0.0.1:41297": remote error: tls: internal error
2022/10/05 09:26:54 http: TLS handshake error from 127.0.0.1:50378: tls: failed to sign handshake: boringcrypto: RSA_sign_pss_mgf1 failed
— FAIL: TestStreamingGet_h2 (0.01s)
client_test.go:778: Get "https://127.0.0.1:42103": remote error: tls: internal error
— FAIL: TestClientInsecureTransport (0.03s)
client_test.go:869: insecure=true: got unexpected err=Get "https://127.0.0.1:43801": remote error: tls: internal error
2022/10/05 09:26:54 http: TLS handshake error from 127.0.0.1:49572: tls: failed to sign handshake: boringcrypto: RSA_sign_pss_mgf1 failed
— FAIL: TestClientWithCorrectTLSServerName (0.00s)
client_test.go:914: expected successful TLS connection, got error: Get "https://127.0.0.1:43457": remote error: tls: internal error
2022/10/05 09:26:54 http: TLS handshake error from 127.0.0.1:59994: tls: failed to sign handshake: boringcrypto: RSA_sign_pss_mgf1 failed
— FAIL: TestTransportUsesTLSConfigServerName (0.00s)
client_test.go:968: Get "https://some-other-host.tld/": remote error: tls: internal error
2022/10/05 09:26:54 http: panic serving 127.0.0.1:56502: runtime error: index out of range [0] with length 0
goroutine 319 [running]:
net/http.(*conn).serve.func1()
/usr/lib/golang/src/net/http/server.go:1850 +0x122
panic(

{0x153a8c0, 0xc00002e120}

)
/usr/lib/golang/src/runtime/panic.go:890 +0x2ca
crypto/rsa.decryptPKCS1v15(

{0x163ae40, 0x16368b0}, 0xc00028c2a0, {0xc00027eb3e, 0x0, 0x2})
/usr/lib/golang/src/crypto/rsa/pkcs1v15.go:196 +0x430
crypto/rsa.DecryptPKCS1v15SessionKey({0x163ae40, 0x16368b0}

, 0xc00028c2a0,

{0xc00027eb3e, 0x0, 0x2}, {0xc0001a7d10, 0x30, 0x30})
/usr/lib/golang/src/crypto/rsa/pkcs1v15.go:147 +0x140
crypto/rsa.(*PrivateKey).Decrypt(0xc00028c2a0, {0x163ae40, 0x16368b0}, {0xc00027eb3e, 0x0, 0x2}

,

{0x14c71c0, 0xc00027eb40}

)
/usr/lib/golang/src/crypto/rsa/rsa.go:171 +0x128
crypto/tls.rsaKeyAgreement.processClientKeyExchange({}, 0xc00014c000, 0xc00014a980, 0xc0001a44b0, 0x303)
/usr/lib/golang/src/crypto/tls/key_agreement.go:63 +0x172
crypto/tls.(*serverHandshakeState).doFullHandshake(0xc0002557c0)
/usr/lib/golang/src/crypto/tls/handshake_server.go:624 +0xea8
crypto/tls.(*serverHandshakeState).handshake(0xc0002557c0)
/usr/lib/golang/src/crypto/tls/handshake_server.go:102 +0x25e
crypto/tls.(*Conn).serverHandshake(0xc0000b8380,

{0x163cf98, 0xc0000200c0}

)
/usr/lib/golang/src/crypto/tls/handshake_server.go:62 +0xe2
crypto/tls.(*Conn).handshakeContext(0xc0000b8380,

{0x163d040, 0xc0001a4240}

)
/usr/lib/golang/src/crypto/tls/conn.go:1462 +0x37c
crypto/tls.(*Conn).HandshakeContext(...)
/usr/lib/golang/src/crypto/tls/conn.go:1405
net/http.(*conn).serve(0xc0000bc8c0,

{0x163d040, 0xc0001a4150}

)
/usr/lib/golang/src/net/http/server.go:1873 +0x103e
created by net/http.(*Server).Serve
/usr/lib/golang/src/net/http/server.go:3102 +0x5b8
— FAIL: TestResponseSetsTLSConnectionState (0.00s)
(...)

FWIW, similar "TLS handshake error" failures were also seen on rhel-8.6 go-toolset, as addressed on bug #2015930.

Version-Release number of selected component (if applicable):
golang-1.19.1-2.module+el8.8.0+16778+5fbb74f5.s390x
go-toolset:rhel8:8080020220930130611:17f3f959

Steps to Reproduce:
1. GOLANG_FIPS=1 go test -timeout 50m -count=1 net/http

— Additional comment from Edjunior Barbosa Machado on 2022-10-05 15:42:15 UTC —

Test results with golang-1.19.1-2.module+el8.8.0+16778+5fbb74f5 on RHEL-8.8.0-20220929.2:

https://beaker.engineering.redhat.com/tasks/executed?task=%2Ftools%2Fgolang%2FRegression%2Fselected-testcases&job_id=7061851